SECURE XR – Human Opsis

Information

Project name: SECURE XR

Summary: The project aims to enhance the security, privacy, and resilience of extended reality (XR) applications by integrating automated vulnerability analysis, compliance monitoring, and DevSecOps practices into their development lifecycle. It supports diverse XR domains, including healthcare, industrial safety, and biometric authentication, ensuring secure handling of sensitive data and real-time interactions. By leveraging multi-language analysis, containerized environments, and continuous monitoring, SECURE-XR enables developers to identify risks early, improve regulatory alignment and deliver trustworthy XR systems with stronger security assurance and operational transparency.

Status: In progress (2026)

Funding body: EU Digital Europe Programme through CONSOLE

Description

The SECURE-XR project aims to strengthen the security and privacy of XR applications by combining automated analysis with usable security principles. XR systems operate in complex environments that involve real-time interaction, multimodal data, and diverse stakeholders, making security not only a technical challenge but also a usability one. Developers, engineers, and decision-makers must be able to understand, interpret, and act on security findings efficiently. SECURE-XR addresses this need by embedding security tools and insights directly into development workflows, fostering clarity, usability, and adoption.

The main objective of SECURE-XR is to enable teams to identify, understand, and mitigate security and privacy risks in XR systems through accessible and actionable mechanisms. The project integrates automated static and dynamic code analysis, multi-language vulnerability detection, and continuous monitoring within containerized environments. At the same time, it focuses on presenting results through clear dashboards, structured reports, and unified formats that reduce complexity and support informed decision-making across roles.

SECURE-XR supports multiple XR domains, including healthcare, industrial safety, and biometric authentication, where both security and usability are critical. These domains require developers and operators to manage sensitive data, real-time processing, and strict regulatory requirements such as GDPR, NIS2, and the Cyber Resilience Act. SECURE-XR facilitates this process by providing transparent compliance monitoring and traceable reporting, allowing users to understand not only what issues exist but also why they matter and how to address them.

To achieve its goals, SECURE-XR defines several key sub-objectives. First, it aims to deliver a unified and user-centered security framework that supports heterogeneous XR software stacks while maintaining clarity in how results are presented. Next, it focuses on integrating security and compliance checks seamlessly into CI/CD pipelines, minimizing disruption to existing workflows and encouraging continuous use. Finally, it seeks to enhance usability by offering interpretable visualizations, prioritization of findings, and remediation guidance, enabling both technical and non-technical stakeholders to engage with security processes effectively.

By aligning automated security mechanisms with usability principles, SECURE-XR supports a shift from fragmented, hard-to-interpret security practices to integrated, user-centered approaches. It improves not only the technical robustness of XR systems but also teams’ confidence in using security tools, ultimately fostering trust, adoption, and more secure XR ecosystems.