Part B — Outline (DIGITAL — Simple Grant, EN)

1. Summary (1/2 page)

• What: PQC X.509 (Hybrid) TRL-7 demo in operational environment (A/B pilots)
• Why now: PQC transition pressure; interoperability need; compliance
• Who: Foritech (SME); solo S-tier (€81k), 6 months

2. Objectives & Relevance

• O1 TRL-7 packaging and docs
• O2 A/B pilots (internal + internet-facing)
• O3 Verification: KPIs, signed reports, evidence bundle
• Fit to PUBLICPQC: hybrid certificates, interop, ACME/CT/CR minimal contributions

3. Methodology & Innovation

• Hybrid X.509 (ML-KEM/Kyber + Dilithium), issuance/verify/rotation
• Operational hardening “13+2”
• Reproducible release bundle + PROGRESS.md

4. Implementation (Work plan)

• WP1 Management (M1–M6) — deliverables: D1.1 Kick-off pack; D1.2 Final report
• WP2 TRL-7 Packaging (M1–M2) — deliverables: D2.1 Docs/Test/CI; D2.2 Release bundle v0.6.0
• WP3 Pilot & Evidence (M3–M5) — deliverables: D3.1 Pilot A report; D3.2 Pilot B report; D3.3 Verification report + video
• Milestones: see docs/funding/Milestones_Timeline.csv

5. Resources & Budget (A–E + 7%)

• Personnel (SME owner unit cost + QA); Subcontracting (independent verification/video)
• Purchases (equipment full cost; services; travel)
• Indirect costs 7%; EU grant 50% (€40.5k); co-funding 50% (€40.5k)

6. Impact & KPIs

• KPIs: issuance <60s; mTLS ≥99% (100 runs); rotation <10m; CodeQL Critical=0/High≤2; docs ≥90%
• Exploitation: open-core; Pro/Enterprise add-ons; partners (MSP)
• Dissemination: TRL site (Pages), binder PDF, quick guide

7. Risk & Mitigation

• Interop gaps → hybrid fallback + matrix
• Pilot delays → backup site; parallel prep
• Resourcing → lean scope; staged features

8. Ethics & Security

• GDPR/NIS2 lite checklist; DPIA stub
• Security restrictions per DEP Art. 12(5) — compliant

9. Management & Monitoring

• PROGRESS.md daily digest (CI)
• Release tags + SHA256