Work Packages

Project activities

Work Package 1 - Project Management (PMF Research)

The overall objective of Work Package 1 of the OSCRAT project is to ensure the achievement of the project objectives within the budgetary constraints and deadlines. This work package includes all activities related to the general management and coordination of the project, including meetings, communication tools and financial management.

Work Package 2: Requirements gathering and Analysis (EMAG)

A requirements analysis phase is essential when it comes to the creation of tools addressed to various stakeholders. For this reason, a rigorous requirements gathering and analysis phase is necessary in order to have a full understanding of the needs and issues that SMEs face every day with regard to cybersecurity.

The objectives of Work Package 2 (WP2) of the OSCRAT project are to precisely define the scope of the CRA automation tool, to identify the specific requirements of stakeholders and end users, to analyse user needs and collect and analyse relevant data to inform decision-making throughout the development process.

These objectives aim to ensure that the resulting tool effectively addresses stakeholder challenges, aligns with industry standards and meets the evolving needs end-users, while ensuring alignment with the CRA’s essential cybersecurity requirements and documentation obligations.

Work Package 3 - Software Design and Development (Oves Enterprise)

The main objective of Work Package 3 (WP3) of the OSCRAT project is to provide a fully operational product aligned with the established needs and requirements of small and medium-sized enterprises (SMEs), enabling them to effectively adhere to the CRA regulation.

This was based on the detailed analysis carried out in Work Package 2 (WP2), where we assessed and defined the specific needs of SMEs. The development, testing and implementation phases were designed to be meticulous to ensure that the final product not only meets regulatory standards, but also fully meets the operational requirements of SMEs.


The ultimate intent of WP3 is to offer SMEs a robust solution that facilitates compliance processes and enhances their ability to handle CRA regulations without difficulty.

Work Package 4 - Stakeholder Engagement (EDIH Trakia)

Work Package 4 (WP4) primarily aims to promote cybersecurity resilience by promoting CRA among European SMEs through the OSCRAT software.

The objectives include facilitating the exchange of knowledge through several workshops on general and specific topics related to cybersecurity resilience and the organisation of an international event at UNICIS with the participation of the entire consortium, the identification and sharing of best practices for CRA compliance, and the formalisation of best practices and results in a final report to be included within OSCRAT.

The main specific objectives of this WP are:

  • Organise a series of webinars and workshops on the importance of the CRA to raise awareness and inform SMEs involved in the project and those interested;
  • Organise training sessions with partners and companies interested in the benefits of OSCRAT during their co-creation to explain its many functionalities;
  • Collect OSCRAT use cases and create a final report with best practices to be included in the software to support future users of the software’s potential;
  • Organise an international event in the form of TED Talks at UNICIS, involving the project partners together with cybersecurity experts from across Europe.

Work Package 5 - Dissemination and Exploitation (PMF Research)

In order to make the project’s impact as deep and wide as possible, dissemination and exploitation activities will play an essential role within the project, selecting the right target groups and differentiating the content to be disseminated.

In addition, this WP will aim to generate awareness and interest in the project by developing a specific communication strategy that enables the partners to build and nurture the community of SMEs involved.


In particular, the main objectives of this WP are:

  • Design and implement a powerful dissemination campaign to engage key stakeholders;
  • Ensuring that knowledge is effectively disseminated and exploited within the participating organisations;
  • Ensure the highest possible visibility of the project’s main themes, activities and results;
  • Raise awareness of the importance of the CRA and the Digital Europe Programme and present it at the EU Cyber Act Conference;
  • Supporting the exploitation of project results, including for the development of strategies at national, regional and local level, enabling the adoption of results after the project’s duration.

Follow us on social media

Linkedin X-twitter Youtube Github

Co-funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Cybersecurity Industrial, Technology and Research Competence Centre. Neither the European Union nor the granting authority can be held responsible for them. – Project: 101190180