🤖 AI Summary
This work addresses the limitations of traditional cyber situational awareness approaches, which predominantly focus on technical alerts, lack mission-oriented decision support, and therefore struggle to integrate into diverse operational and security workflows. To bridge this gap, the paper proposes a mission-centric System-of-Systems (SoS) architecture that establishes a closed-loop framework comprising seven types of mission-driven artifacts (including a common cyber situational picture, situational reports, What-If analyses, and action recommendations), connecting perception, decision-making, execution, and learning. The proposed approach facilitates integration with heterogeneous toolchains and supports incremental deployment, enabling it to be embedded into existing cybersecurity processes and significantly enhancing the effectiveness of situational understanding in supporting mission planning and execution.
📝 Abstract
Operational organizations increasingly require Cyber Situational Awareness (CySA) capabilities that go beyond isolated technical alerts, providing mission-relevant artefacts that can be embedded into heterogeneous toolchains and cyber security or cyber defense processes. ECYSAP EYE addresses this need through an adoption-oriented System-of-Systems (SoS) architecture centered on seven groups of mission-focused artefacts: the Recognized Cyberspace Picture (RCyP), Cyber Situational Reports (CySRs), the What-If Analysis Report (WIAR), Option Recommendations (OPRE), an operator Dashboard/HMI (DSH), Action Enforcement (AE), and After-Action Reports (AAR). The ECYSAP EYE architecture structures the transition from perception (full-spectrum RCyP views), to decision-oriented reasoning (WIAR/CySRs/OPRE), and to operational execution and learning (DSH/AE/AAR), with explicit integration surfaces that support incremental deployment and validation. This paper presents this innovative project from a technology transfer perspective, summarizing the updated architecture, the functional role of the seven groups of artefacts, and the expected impact of cyber situations on the decision-making process in the context of mission planning and execution.