EU funding security robots: 2026 application logic

Plant managers and CFOs at KRITIS operators face two parallel obligations in 2026. The KRITIS Umbrella Act (KRITIS-Dachgesetz) requires physical resilience. NIS-2 requires risk management at the physical-digital interface. Security robots address both. The question is not whether, but how the investment can be structured. EU funding programmes can lower the entry hurdle. They do not replace regular operations. This text describes the application logic without ornament.

EU funding security robots: status 2026

Horizon Europe Cluster 4 (Digital, Industry and Space) funds robotics demonstrators. The funding rate is 50 percent for large enterprises and up to 70 percent for SMEs in Innovation Actions. Security-related robotics falls into the calls on industrial resilience and AI-based autonomy.

The Digital Europe Programme (DIGITAL) covers AI-based sensing in critical infrastructures. It addresses deployment, not pure research. The funding rate varies by topic, typically 50 percent. DIGITAL also accepts service models when the innovation share is documented.

The Connecting Europe Facility (CEF Digital) co-finances cross-border KRITIS protection projects. It becomes relevant when an operator maintains facilities in several EU states or sets up a sector cluster jointly with a partner from a second state.

The European Defence Fund (EDF) explicitly excludes civilian perimeter robotics. Those targeting a KRITIS site should not pursue EDF. The line is clear: civilian and dual-use with a civilian primary application go to Horizon and DIGITAL, military to EDF.

National co-financing via BMWK and BMI remains a prerequisite for many funding lines. EU funds do not replace the own contribution. At a 50 percent rate, half stays with the operator, plus pre-financing until the first disbursement.

Which robot types are eligible

Eligible systems carry CE conformity under the EU Machinery Regulation 2023/1230. The regulation replaces the old Machinery Directive and applies bindingly to autonomous security robots in the EU single market. Without CE conformity, an application stands no chance.

EN ISO 13482 defines safety requirements for personal care and service robots and serves as a reference for autonomous mobile robots in environments with people. For patrols on factory grounds with employee traffic, the proof is mandatory.

QR-2 and QR-3 meet the requirements for outdoor patrol and drone detection. The QR-2 outdoor patrol covers perimeters and factory areas. The QR-3 with LiDAR and drone detection adds airspace surveillance and higher sensor resolution.

Active drone defence (jamming, disabling, intervening in flight) is not eligible for civilian funding and is reserved for authorities in Germany anyway. Passive detection and alerting are eligible and exactly what civilian KRITIS operators need.

Pure indoor systems without a KRITIS link usually fall out of the programmes. An inventory robot in a high-bay warehouse has no claim to security funding. The KRITIS link must be evidenced in the application, ideally with reference to BBK registration and sector assignment.

RaaS and eligibility: the accounting problem

Classic EU investment funding addresses CapEx, not OpEx. A buyer capitalises the robot as a fixed asset. Funding covers a share of the acquisition cost. With service models, this logic does not apply directly.

The Robotics-as-a-Service model with a monthly fee falls into operating cost logic. From the perspective of a classic investment grant, no balance sheet capitalisation arises and therefore no anchor point for funding.

The way out leads through structuring as an R&D project. Horizon Europe funds Innovation Actions and Research and Innovation Actions. When a pilot project contains an innovation share (new data integration, new use case, new compliance interface), the service contract can be structured as part of a research project.

DIGITAL accepts service contracts when the innovation share is documented. Concretely: specification, technical description, delimitation from the standard product. With QR-3, the LiDAR and drone detection stack can be presented as an innovation component, because the sensor fusion and the KRITIS-specific alarm logic go beyond standard patrol.

The 24-month contract matches typical funding periods of 18 to 36 months. The RaaS contract fits operationally into the project term. Before the funding project ends, the transition into regular operations must be prepared, otherwise a gap arises.

Application structure for plant managers

Identifying consortium partners is the first step. Horizon Calls require at least three independent entities from three EU member states. DIGITAL and CEF apply similar rules, partly relaxed depending on topic.

Role distribution in a typical consortium: Quarero provides the technical partner, the operator the use case partner. Added to this are a research partner (university, Fraunhofer institute) and a partner from a second EU state. Four entities form a robust setup.

Work packages are structured along four axes: deployment (hardware, commissioning), data integration (control room, ISMS, alarm chain), KRITIS compliance (BBK evidence, audit trails, documentation) and scaling (transfer to further sites, sector lessons learned).

Budget items cover sensors, edge compute, integration into the control room and documentation. Personnel costs at the operator are reimbursable under Horizon, to the extent they fall on the project. Clean time tracking is a prerequisite.

The funding rate is 50 percent for large enterprises, up to 70 percent for SMEs in Innovation Actions and up to 100 percent in Research Actions. KRITIS operators are often large enterprises, the research partner draws the higher rate.

Application deadlines and cut-off dates of the respective calls determine the project start. Horizon calls run on annual cycles, DIGITAL partly half-yearly. Eight to twelve weeks of lead time between consortium formation and submission are realistic.

Interface to KRITIS-Dachgesetz and NIS-2

The draft KRITIS-Dachgesetz regulates federally uniform physical resilience obligations for operators of critical infrastructure for the first time. Security robots are one measure for fulfilling this obligation, not the only one, but a documentable one.

The NIS-2 Directive 2022/2555 obliges KRITIS operators to manage risk at the physical-digital interface. A patrol that feeds data into the ISMS covers part of this requirement. The funding application benefits when this interface is described cleanly on the technical side.

Funding projects with a compliance link have higher approval chances. The EU Commission prioritises projects that operationalise regulatory requirements. Those who explicitly reference KRITIS-Dachgesetz and NIS-2 in the application address the evaluation criteria on impact and policy alignment.

The documentation obligation from the funding can be used for BBK evidence. The BBK is the federal authority for civil protection and the central registration office for KRITIS operators in Germany. Deliverables from the funding project (risk analysis, measures catalogue, audit reports) can be reused as compliance artefacts.

Audit trails of the funding project cover parts of the ISMS requirements. Double documentation falls away when the structures are set up in parallel from the start. The KRITIS-Dachgesetz checklist provides the frame.

Cost calculation with funding

QR-2 without funding costs 3,500 euros per month, i.e. 84,000 euros over 24 months. That is the base calculation for an outdoor patrol robot in the RaaS model, without special modules and without escalation services.

At a 50 percent funding rate via a DIGITAL or Horizon project, the operator share drops to 42,000 euros over the term. This amount covers 24 months of pilot operation including data integration and analysis.

The comparison to a 24/7 guard post is 15,000 to 25,000 euros per month without funding. Over 24 months, that is 360,000 to 600,000 euros. The guard service cost in direct comparison shows the details including Manteltarifvertrag and allowances.

Pilot funding lowers the entry hurdle but does not replace regular operations. After project end, the regular RaaS contract applies at standard conditions. Those who do not plan for this stand without continuation after 24 months and must close the security gap at short notice.

Funding is an accelerator for entry, not a permanent subsidy. In the CFO model, the funded phase is booked as pilot budget, the continuation as regular operating expense.

Typical rejection reasons

Missing proof of innovation is the most common rejection reason. Pure standard use of a market-available product is not funded. The application must name an innovation component: new sensor fusion, new data integration, new use case, new interface to a regulatory obligation.

No cross-border dimension in Horizon calls leads to non-admission. A consortium of three German partners does not meet the criterion. At least one partner from a second EU state is mandatory, three different states are the norm.

Unclear delimitation between research and commercial use is examined critically by reviewers. Those who write in the application that they simply want to buy an existing product receive a rejection. The separation between R&D share and standard procurement must be clean.

Missing conformity proofs under the EU Machinery Regulation and ISO 13482 are a technical knock-out criterion. Without CE conformity and without an applicable safety standard, the system is not recognised as eligible.

Double funding from national and EU programmes without coordination leads to reclaim. BMWK and BMI funds must be coordinated with EU funds. The application must disclose which other public funds the project receives or has applied for.

Procedure in the next 90 days

Defining the use case is the first step. Which KRITIS section (energy, water, transport, health), which facility (site, perimeter, building), which threat vector (intrusion, sabotage, drone, insider). These three axes yield the use case in two to three sentences.

Address consortium partners, at least one from a second EU state. Sector associations, research institutions with European networks and existing supplier relationships are the first contact points. Four weeks of lead time for confirming the partnerships are realistic.

Set up a funding scout workshop with Quarero for call selection. Which call matches the use case, which cut-off dates, which funding rates, which minimum and maximum budgets. This clarification saves weeks of research and avoids wrong application paths.

Start a pre-pilot with QR-2 or QR-3 to create a data basis for the application. Three months of operational running deliver incident data, availability metrics and integration experience. This evidence raises the approval probability significantly.

Finalise the application text with technical annex eight weeks before cut-off. The last two weeks are reserved for internal reviews, consortium alignment and uploading in the EU portal. Those still writing the text one week before cut-off risk formal errors.

The board liability from NIS-2 board liability makes investment in physical resilience a mandatory task. Funding only shifts the cost distribution, not the responsibility. Those who want to scout the application route can submit a pilot request and clarify in the preliminary call which call and which use case are viable for the own site.