Research security
A changed geopolitical context requires increased attention to research security in R&D activity. Great power rivalry and the technological race are a struggle for access to knowledge and technology. R&D institutions and communities must navigate in a more complex international landscape, where they must take into account both transparency and security in research.
The Project Owner's organisation is responsible for research security related to each project. The Research Council expects the Project Owner and the project manager to assess the risk picture and any measures for projects for which funding is sought.
What is research security?
Research and innovation are based on openness and collaboration. Openness, academic freedom and cross-border collaboration are fundamental to scientific activity. At the same time, research projects and institutions are attractive targets for some actors, for example to extract information and technology to strengthen their military capacity, or to affect academic freedom by influencing researchers and research projects.
In the EU context, research security is understood as anticipating and managing risks related to a) unwanted transfer of knowledge and technology that may harm our national or economic security, b) impact on research and innovation, or c) violations of research ethics/integrity where knowledge and technology are used to undermine key societal values.
This definition is based on the recommendations of the Council of the European Union adopted in May 2024. It provides recommendations to member states, research funders and research institutions to strengthen their work on research security.
EU Council Recommendation on enhancing research security (May 2024)
What does this mean for applicants?
Institutional autonomy and academic freedom are fundamental principles of the Norwegian research system. This means that it is the research-performing institution that has the primary responsibility for research security. As of 2025, the Research Council has made it clear in all calls for proposals that the assessment and management of research security in individual projects is a prerequisite for the allocation of funding.
This means that the Project Owner and the Project Manager must jointly assess at the planning stage whether there is a risk associated with the individual project. If a risk has been assessed, the institution is responsible for introducing appropriate measures in the project or at the institution to manage or minimise the risk. Assessment and management of risk in projects must be carried out in accordance with the applicant institution's security work. Several Norwegian institutions have their own resource pages that describe recommended measures and internal contact points for questions about research and information security.
For questions about the assessment and measures for research safety in individual projects, applicants should primarily contact the administration or management at their own institution.
Responsible international knowledge cooperation
Consideration for research security is particularly important in international cooperation. It is crucial that research institutions have a conscious relationship with the values they manage, and facilitate a good balance between openness and diligence when interacting with other countries. This also includes a responsibility to familiarise oneself with relevant legislation, make one's own risk and vulnerability assessments and seek advice from relevant authorities if necessary.
On behalf of the Ministry of Education and Research, the Research Council of Norway and HK-dir have drawn up Guidelines for responsible international knowledge cooperation. The guidelines are an online resource that is being updated. The guidelines are intended to support the institutions' own safety and emergency preparedness work, and be a practical tool for institutions, individual researchers and students. It contains overarching advice for institutional management, administration and academic communities for managing risk and strengthening security in international cooperation, as well as overviews of laws and other guidelines that the knowledge sector must comply with.
Guidelines and tools for responsible international knowledge cooperation | HK-dir
Export control
Many countries are now taking steps to strengthen research security in their national R&D systems. This is taking place in parallel with the introduction of new export control procedures to safeguard national security interests by controlling exports of defence-related products and dual-use goods. In a number of countries, export control has been expanded to include knowledge and technology transfer. In Norway, the Ministry of Foreign Affairs has proposed to strengthen the regulations for export control [ZS1] and introduce a licence requirement for technology transfer. The changed regulations may have an impact on, for example, technology environments, which in some cases must apply for an export licence.
From January 2025, a new directorate responsible for export control and sanctions has been established, which also offers guidance to the knowledge sector.
Questions about export control and any applications for licences must be directed to the Directorate for Export Control and Sanctions (DEKSA).
Directorate for Export Control and Sanctions (DEKSA) - guidance page for academia.
Messages at time of print 21 January 2025, 05:12 CET