Skip to main content
European Commission logo
Deutsch Deutsch
CORDIS - Forschungsergebnisse der EU
CORDIS
CORDIS Web 30th anniversary CORDIS Web 30th anniversary
Inhalt archiviert am 2024-06-18

PREVENTIVE METHODOLOGY AND TOOLS TO PROTECT UTILITIES

Final Report Summary - PREEMPTIVE (PREVENTIVE METHODOLOGY AND TOOLS TO PROTECT UTILITIES)

Executive Summary:
PREEMPTIVE proposes to:
• Enhance existing methodological security and prevention frameworks with the aim of harmonizing Risk and Vulnerability Assessment methods, standard policies, procedures and applicable regulations or recommendations to prevent cyber-attacks.
• Design and develop prevention and detection tools complaint to the dual approach that takes into account both the industrial process misbehavior analysis (physical domain) and the communication & software anomalies (cyber domain)
The strong innovation proposed in PREEMPTIVE is to face the cyber-attacks adopting a dual approach techniques that take into account industrial process behaviour (IPB) and communication & software related threats (CATh).
Industrial process misbehavior take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the industrial process. Think of a disgruntled employee that has access to the HMI systems used to control an industrial process. Thanks to the knowledge of the underlying industrial process, he/she can devise a combination of (legitimate) actions that will trigger a failure in the process, such as opening certain valves in a water facility to release sewage water in drinkable water.
Communication & software related threats imply that an attacker hits computers, networks, sensors, PLCs or radio signals to cause failures in the SCADA system by leveraging software vulnerabilities. Stuxnet is a typical example of a communication & software related threat. It used four previously unknown exploits of both host- and network-based software components to deploy some specific PLC code to alter the regular operations of centrifuges for uranium enrichment. To conceal its activities, Stuxnet replayed data recorded during regular operations of the centrifuges to operators’ workstations.
Current research activities failed to recognize the primary importance of the existing relationship among the industrial process behaviour and communication & software related threats. Researchers have focused on addressing one of the two types at a time, without correlating information and events from both, extracted at various levels.
The breakthrough of PREEMPTIVE proposal, unlike other researches, is to conceive a dual approach techniques that improves prevention and detection capabilities against cyber-attacks where SCADA, DCS and PLC networks are used in conjunction with cyber networks.

Project Context and Objectives:
Main Objectives realized during whole Project are summarized below:
• Definition of taxonomy for utility network
• Definition of PREEMPTIVE legal and ethical requirements and implementation
• Modeling and simulation of Cyber attacks against the utility network
• Evaluation of existing Security framework, standards, recommendations and gap analysis
• Development of Preemptive Methodology
• Application of Preemptive Methodology to a real utility
• Development of Industrial process tool by
• normal operation states characterization, negative data representation and compression
• industrial process hierarchical structure based on Multiagent
• Development of network-based tools for analyzing both traffic payload and flow
• Development of host-based tool for analysis system/applications events and logs
• Development of a network discovery tool
• Development of the event correlation engine
• Development of a graphical interface for the SW tools
• Making the test session of SW tools and KPI measuring on the final test bed at IEC laboratory
• Finalize the dissemination and exploitation of the project results, and of project web site.
• Ensure proper Management of the project for the correct running of the activities in the period as part of WP1 activities.

Project Results:
In Technological Research and Development work packages the following main goals have been achieved:
WP2 serves as input for the other work packages in PREEMPTIVE. It proposes a taxonomy for organizing in a coherent way the information about the physical processes of utilities, the process automation systems employed to monitor and control these processes and their security properties (threats, vulnerabilities and impact on failure). In particular following goals have been achieved:
• taxonomy which provides a consistent description of the physical processes run by utilities, the systems used to control and automate their processes, the main objectives (use cases) that these automation systems allow to achieve and their high-level architecture.
• three utility sectors are analyzed: electricity, gas and water
• cyber-attacks that could affect these systems. In particular, it provides an inventory of the most which processes and services an attacker may wish to disrupt, and for each attack is provided a high-level description of how an attacker may achieve his goals by leveraging (known) vulnerabilities in software, components and protocols used for the process automation systems.

WP3 package regroups research activities on legal and ethical aspects, and on the societal impact of PREEMPTIVE. The objectives is the identification of a list of high-level legal and ethical requirements to which the PREEMPTIVE solution must abide in order to avoid legal and ethical inconsistencies at crucial later stages of the project. In particular following goals have been achieved:
• the ethical and legal requirements to which the end-product should abide
• the legal and ethical considerations to be considered during the development phase
• detail on the requirements for the technical implementation of legal requirements

WP4 package objective defines guidelines for improving Critical Infrastructures (CIs) surveillance. In particular following goals have been achieved:
• describe the state of the art of security frameworks, standards and recommendations which resulted in the description of seven weak points in the state of the art
• development of a Preemptive methodology to be applied to Critical Infrastrucures
• Application of Preemptive methodology to a real utility
• White paper on Methodology results
• Network detection tool for known vulnerabilities

WP5 package objective is to model and simulate utility networks environment and cyber threats in order to anticipate and study the criticalities coming for the adoption both the prevention methods and innovative technologies. In particular following goals have been achieved:
• a reference guide to operate the test environment and simulate threats and their steps to compromise the industrial network based on the attack scenarios developed in WP2
• the realization of simulation and emulation environment used to deploy cyber-attack malware in industrial control networks. Software and hardware components emulate the cyber and physical functionalities of a real system
• building upon the above simulation and emulation environment recreating specific attack scenarios. The focus is on cyber attacks deployment and their impact on electricity, water and gas networks

WP6 package objective is to is to identify misbehavior at industrial process level through measurement analysis that could depict a cyber-attack. In particular following goals have been achieved:
• the detection based in Artificial Immune System of anomalies at industrial process level by the characterization of normal operation states in Critical Infrastructures, and negative representation of data
• the design and implementation of several layers of coordinated sensors (physical or software modules) at different levels that allows identifying global effects even when all corresponding local sensor indicate “normal operation”
• the detection based in Artificial Immune System of anomalies at industrial process level by the characterization of normal operation states in Critical Infrastructures, and negative representation of data

WP7 package objective is to to develop new tools to prevent and/or detect anomalous and malicious activities against critical systems. In particular following goals have been achieved:
• network-based intrusion detection solutions (IDS) for ICS/SCADA based on two distinct but complementary areas: payload-based and flow-based
• host-based IDS for ICS/SCADA based on three distinct but complementary areas: malicious payload detection for embedded devices used in ICS environments, malware detection in standard IT components deployed in ICS environments and integrity of personal and company storage devices
• Correlation Engine for the alarm correlation and threats/APT identification

WP8 package objective is to measure the effectiveness of the methodology framework as well as the innovative tools developed during the time period of the project. In particular following goals have been achieved:
• a comprehensive list of Key Performance Indicator (KPI) to be used in the assessment of the project solutions
• the test plan, which has been used to validate and demonstrate the results achieved. The proposed test plan is composed by a set of test sessions structured as cyber attacks
• the test environment in an industrial network in a reduced configuration which has been used in order to running cyber-attack according to test plan to validate KPI of methodology and SW tools

WP9 package objective is to make the knowledge and results of the project available for the research community and to companies that can turn these results into a sustainable business. The envisaged objective of WP9 is to disseminate the project results and deliverables of the previous work packages through participation in standards bodies, coordination activities with other organizations, face-to-face meetings, briefings, presentations, and publications in conferences, workshops, scholarly journals, magazines, and other venues in academia, industry, and government. Moreover this work package focuses on creating visibility for the project, on disseminating the results through different channels, on building a knowledge base within the project and creating permanent structures to collect and disseminate the knowledge about utilities protection, and finally on stimulating the uptake and exploitation of the results. Main results reached by this WPs are:
• Setup of project webpage
• Setup mailing lists for the dissemination and partners cooperation
• Setup of SVN storage servers for document and data
• Setup of web portal for partners cooperation including forums, calendars and wiki pages dedicated for each WP.
• Publication of several papers
• Active participation to several congresses for Preemptive results dissemination
• Contacts with End User for exploitation


The main PREEMPTIVE final output are:
• Taxonomy – report
▪ Classifying the utility networks taking into account type and communication technology, sensibility to Cyber threats
• Simulation Modelling – software
▪ Models and virtual environment for simulating and gathering data on cyber attacks
• Core of the detection tools (network, host and process based) - Software
▪ Prevention and detection tools to improve security on SCADA utility networks
• Cyber Defence Methodology Framework – Guidelines
▪ Risk and Vunerability Assessment Methods
▪ Standard policies, procedures and guidelines to prevent cyber attacks
• Ethics, Social Impact– Report
▪ Legal and ethical requirements and implementation report

Potential Impact:
In order to effectively exploit the results of the project, the consortium has planned the following exploitation activities:
• Individual partners have developed plans for transferring project results into new products and services. These partner exploitation strategies are described in detail in section 7.
• Transfer opportunities and development of the PREEMPTIVE methodology has been analyzed against the end user requirements/needs, adjusting the project when necessary in order to ensure the best possible outcome. Finally, the Preemptive methodology will be presented to stakeholders potentially interested in its implementation.
• Working with end the End-User Advisory Board (EUAB) throughout the whole process to make sure that the project stays on track and leads to exploitable results. There has been regular contact with the EUAB and they have taken part in several meetings (Rome, 31 March and 18 September 2015; Barcelona, 17 March 2016; Lancaster, 29 September 2016). Details of the exploitation activities with the EUAB can be found in section 5 of this deliverable, while the Q&A of the EUAB meetings can be found in Annex 1.
• Knowledge transfer through publication of results and collaboration with other research projects.
• Assessment of the possible economic benefits and impact of the expected results. The individual partners have looked into the possible benefits and impact of the resulting tools and methodology and are planning their exploitation activities accordingly.
• Participation in expert groups, policy making and standardization ensures long-term widespread exploitation of the results. Details on activities in standardization and policy making can be found in section 6 of this deliverable.

Utility networks (gas, water, energy) can benefit from the methodology and products developed within PREEMPTIVE.
Competitive impact:
• PREEMPTIVE has aimed to minimize cyber-risk by applying innovative methods (the PREEMPTIVE methodology) and technologies developed for the utility networks. SCADA and ICS systems have been a specific focus of the project. Therefore, the outcome of this project is expected to have a high impact on utility companies and related industry, as future attacks will be thwarted with the help of the PREEMPTIVE methodology.
• The taxonomy defined within PREEMPTIVE shall improve the awareness in legal and regulatory organizations as well as for operators managing critical infrastructure assets. This taxonomy, aimed to better address the prevention and countermeasure needs, clearly classifies the utility networks based on:
o The utility network type and communication technology used
o The utility network sensibility to cyber threats
o The impact over the citizens of the service unavailability caused by a cyber-attack through the utility network
• The PREEMPTIVE consortium features partners that represent important sectors in primary services distribution (IEC) and related industry (SM, VITRO, HWC) and ENCS is able to coordinate the dissemination and exploitation activities within the EU Member States. National Regulators have been involved in workshops and seminars, aiming to prepare standardization processes.
• The specific “host based” technique developed within WP7 in order to contrast transmission through personal devices will have also impact within the sector of the “cloud technologies”, especially for securing storage spaces.

Impact at the societal level:
The PREEMPTIVE final exploitation objective is the protection of the utility networks against cyber-attacks, giving a response to the need to minimize the impact of criminal activities and malicious behavior that can reduce the level of availability of the primary services for the citizens. The improvement of the security of utility networks also increases the safety of the distribution network of the primary goods (gas, water and energy).
The consortium has developed a series of industrial process-related threats prevention and detection tools and host-based tools that constitute the PREEMPTIVE methodology that can be exploited individually by the developing partners or included in products already existing in their portfolios. PREEMPTIVE exploitable results include:

- Preemptive Methodology, cyber defense methodology framework that will provide security protection for utility networks and improve the level of security in cyber-physical system of critical infrastructure.
- Inclusion of the PREEMPTIVE tools in Vitrociset’s Vbrain and CyCube products. Vbrain is a scalable and configurable platform that allows the realization of remote command and control system of technological plants and integrated security systems. CyCube, on the other hand, is a microappliance that offers advanced protection means against cyberattacks.
- P-NIDS (Payload-based Network IDS). A tool for monitoring process variables by passively sniffing network traffic in critical infrastructure, developed by SecurityMatters.
- PR-IDS (Process-Related Intrusion Detection System). An anomaly detection tool, developed by AIA, built to detect abnormal behaviours at the process level of critical infrastructures, aimed to the detection of cyber of physical intruders.
- HIS (Host-based Integrity System) tool and results achieved with the tool.
- Scientific publications in conferences and journals. Scientific knowledge transfer within academic partners.
- Software aimed to produce an open-source library for the scientific community and industry.
- USBCheckIn, a hardware protection against firmware attacks.
- Baseline security requirements, developed by ENCS, for smart meters and equipment used in the operation of the smart grid.

Vitrociset is a prominent integrator of complex systems for the security and defence sectors. In these areas Vitrociset is offering large-scale turn-key integrated solutions, which usually employ multi-sensor systems in order to provide advanced situation awareness.
Vitrociset security offer covers all of the areas associated with the Civilian and Military sectors. The breakthroughs of PREEMPTIVE will enforce the market position of Vitrociset as national and international player in security including the protection of critical infrastructure. The Preemptive project has increased Vitrociset’s knowledge mainly in the correlation engine and data format. Such progress will be used in two of the products which are at Vitrociset catalogue:
• Vbrain
• Cycube
CyCube is a microappliance with the target to offer advanced protection means against cyber-attacks.
Current Cyber Security Systems are located at the LAN’s perimeter in order not to allow any penetration from the outside. This approach fails when the attack takes place from inside the LAN.
Vitrociset CyCube has been developed specifically to counter this kind of threats, that’s the attacks from inside the network, completing the offer for a 360° cyber protection system.
More in detail, main CyCube mission is to protect SCADA (Supervisory Control and Data Acquisition) networks, that’s the communication networks used to remotely command and control fielded equipment commonly used by private and military utilities such as PLC, ICS, breakers, sensors etc.
It is evident that usage of the correlation engine to detect alarms detected by Cycube will give an increase to Cycube functionalities.
Vbrain is a a scalable and configurable platform which allows to realize remote command and control system of small, medium and large technological plants, as well as integrated security systems, implementing internationally recognized standards both for signal acquisition and for interoperability with similar third party systems. It is actually used for monitor and control of small electric power stations in national airports as well as monitor and control of the auxiliary energy supply for Fixed Air Defense Radars (FADR) and at Ministry of Interior. Usage of standard format (CEF) for Preemptive, its parser with related Data Base schema for data are components which will be included in next V-Brain releases increasing its functionalities
The principal channel for market exploitation of the Preemptive project outcomes will be through the Vitrociset customers (utilities like ENEL and TERNA, Air Traffic control, Ministry of Interior and Defense). In a second phase, through partners and stakeholders networking, the results shall be advertised specifically through:
• Presentation of the project’s outcomes in workshops and events organized by VITRO and other Stakeholders,
• Participation in exhibitions and public demonstrations,
• Utilization of distributions and resellers worldwide to promote and include the solutions in offers and commercial bids.

The experience gathered during the project, and the tools and infrastructure developed, will help to guide and support future research efforts. In general, security researchers have limited access to Critical Infrastructure environments. This includes access to physical, realistic environments for the evaluation of new tools and approaches, as well as the ability to dialogue with stakeholders, to get a complete understanding of the processes, the requirements and the limitations of critical infrastructure. The convergence of end users and researchers enabled by the PREEMPTIVE project has had an important impact on research in the field: it has generated knowledge in the security research community, and a better understanding of the challenges, problems and opportunities associated with critical infrastructure environments. Furthermore, this consortium helped us establish long-term research and collaboration links with high-profile partners all over Europe. These collaborations will generate a long lasting network of integrated European research on practical aspects of critical infrastructure security

During the execution of PREEMPTIVE, SecurityMatters has designed and developed the P-NIDS, a tool for monitoring process variables by passively sniffing network traffic in critical infrastructure. The P-NIDS has the ability to learn the normal trend for continuous and binary variables and to detect any suspicious deviations in their trend. The P-NIDS is completely non-intrusive since it can be deployed in a network without requiring the access to any resource beside the spanning port of a switch.
To facilitate exploitation, the P-NIDS has been developed on top of SilentDefense, SecurityMatters’ flagship product. SilentDefense is a network monitoring and intelligence platform that passively analyses industrial network communications, providing rich information about network assets and alerts in real-time for any threat to operational continuity. By adding the P-NIDS functionalities to SilentDefense, SecurityMatters can offer wider protection to its current and its potential customers. For instance, in presence of a cyber-attack targeting the control process, the P-NIDS can promptly notify what variables are affected by the threat. In this way, operators know exactly where to act in order to address the problem. The P-NIDS has been tested on real data coming from SecurityMatters’ customer base and the results it can achieve have attracted interest from both current customers and prospects.
Given its novelty, the integration of the P-NIDS to SilentDefense is expected to bring a significant competitive advantage to SilentDefense. First, SecurityMatters will have a clear advantage against those competitors that do not offer any detection mechanisms that focus on the physical process; second, SecurityMatters can increase its competitive advantage against those competitors that do offer such functionalities but to do so they require access to resources of the system such as SCADA servers. In addition, as far as we know, the P-NIDS is the only solution for monitoring process variables that can be used in a plug-and-play fashion, without relying on expensive time-consuming tuning from operators.

SecurityMatters exploitation plan includes the following activities: i) development to integrate the P-NIDS within SilentDefense; ii) testing phase; iii) deployment as Proof-of-Concept (PoC) for interested customers. To sustain the exploitation plan, SecurityMatters is considering applying for SME Instrument fund. In addition, internal resources and income from PoCs will also contribute to the sustainability of the P-NIDS further development.

AIA exploitation strategy is based in the following points:
The main objective of AIA in the PREEMPTIVE project was to build an anomaly detection tool, called Process-Related Intrusion Detection System (PR-IDS), to detect abnormal behaviours at the process level of Critical infrastructures with the main purposes of detecting cyber or physical intruders. This tool has been implemented on a state-of-the-art open source distributed real time computation system which, among other important features, is flexible, scalable and easy to integrate with current queueing systems and database technologies. This will allow AIA to use and test other anomaly detection algorithms, different to the NSA (negative selection algorithm) applied in this project, in order to compare the detection rates and false negative rates obtained, and also adapt the PR-IDS system to different environments and detection targets.
The PR-IDS architecture contains a website for the configuration of the tool that can work independently of the PREEMPTIVE platform. It must be kept in mind when considering other applications of the PR-IDS that it is an anomaly-based detection tool and, thus, it will raise alarms whenever abnormal behaviours are found. These anomalies can be produced by cyber or physical threats, as the case considered here, but may be also due to malfunctioning of specific equipment, connection losses, or any other possible source of anomaly present in the supervised process.
Full documentation of the PR-IDS tool has been prepared, describing the functional and technical specifications of the systems, in order to provide internal documentation in AIA that allows other departments to take advantage of the detection system that has been designed to detect anomalies on real time.
Since AIA has a large experience working with anomaly detection algorithms in a wide variety of sectors (i.e. energy, financial, retail), the results from PREEMPTIVE project will be used to improve anomaly detection techniques currently used at AIA in all departments. The plan is to first have a presentation of PREEMPTIVE results to all departments and evaluate the possibilities of using this technology in current or near future consulting projects where anomaly detection is envisaged.
In addition, the knowledge in cyber security gained during PREEMPTIVE project is highly valuable for AIA as it can be used to improve its own commercial products designed for Electric and Gas utilities.
The Fraunhofer IOSB carries out applied research and is acting in between research and industry in the business area civil security. The results of this project will raise the security level of existing products in this area. The generated knowledge will help to acquire new projects in the industry. Finally the project will allow the IOSB to support lectures, PhD thesis and publish the results in well-known conferences
HWC will benefit from the enhancement of their attack detection technology and integration of this component within a much larger system. HWC’s current roadmap aims to improve the integration of their low level attack detection techniques with the overall processes which define and manage an organization. HWC’s customer base currently consists of large tier 1 defense suppliers, government agencies and critical infrastructure operators whom currently generate around £1M revenue per year. HWC’s offerings are greatly enhanced by the broader view of the problem which is facilitated by the PREEMPTIVE project.
The exploitation plan for UNIROMA3 encompasses both scientific and industrial aspects. From a scientific point of view, we plan
● to refine and improve the results that were published in scientific conferences to produce journal-level publications,
● to use the achieved results for the integrity of personal storage (the HIS tool) as the basis of a research proposal for the integrity of personal data stored into public cloud services, and
● to refine and extend the software developed in Preemptive to produce an open-source library, for the scientific community and industry.
From an industrial point of view, we point out that some of the work developed in WP7, namely the USBCheckIn hardware protection against firmware attacks, was already covered by an Italian patent application. We plan to give visibility to the innovations developed by UNIROMA3 within PREEMPTIVE, and in particular the USBCheckIn tool, with the intent of finding economic entities interested to start an industrialisation path, comprising the extension of the patent to European/international level. The following possibilities will be considered:
● transfer of the intellectual/industrial rights to an industrial partner as long as providing the support for the industrialisation, and
● taking advantage of the H2020 SME Instrument (http://ec.europa.eu/programmes/horizon2020/node/686) which require an industrial partnership with a SME.
The scope of our partner search will not be limited to the utilities sector. Other critical applicative contexts like banks, hospitals, or ICT-related service providers, will also be taken into account.
ENCS plans to use the results of the PREEMPTIVE project to create more secure smart grid architectures through direct collaboration with electricity grid operators throughout Europe. ENCS has developed several baseline security requirements for smart meters and other kinds of equipment used in the operation of the smart grid. These baseline requirements are used by distribution grid operators across Europe. PREEMPTIVE threat analysis together with requirements defined throughout the duration of the project can be leveraged to improve these requirements that grid operators use for procurement and testing of equipment.
ENCS carries out consulting activities in the area of critical infrastructure cybersecurity with major DSOs. PREEMPTIVE threat analysis, standard reviews, taxonomies, cyber-attack scenarios, monitoring framework, tools and risk assessment methodologies will be leveraged by ENCS to enhance its consulting services. For instance, ENCS is currently involved in projects regarding OT/IT security monitoring that involve the definition of suitable architectural models and framework components for major EU utility operators. In addition to this, ENCS is currently supporting its members in the development of an enhanced risk assessment methodology that considers cyber risks.
On the other hand, ENCS is involved in several research activities and collaborations with multiple industrial and academic partners. ENCS will seek to exploit PREEMPTIVE results in other on-going activities such as SEGRID FP7 project, future H2020 projects in the critical infrastructures and IoT areas, and internal research activities carried out for its members.
IEC has a great interest in tools and systems that can improve the company's possibilities to protect the energy infrastructure capabilities from cyber-attacks. IEC will take advantage of the PREEMPTIVE results to demonstrate compliance with high-level security requirements that originate from mandates, standards, and guidelines. At the same time IEC is looking for an opportunity to acquire the know-how and the possibility to exploit the project's results to introduce new possibilities for effective and secure operation of the energy infrastructure. Participation in this project has also allowed the IEC engineers to acquire know-how on telecommunication, informatics and control systems, and more specifically on ICT security and risk prediction.
Being an academic research institution, our objective is to elaborate our already existing knowledge and to examine the compliance of new information and communications technologies with the relevant European legal frameworks (e.g. on security and data protection, on surveillance and on cybercrime). These results will aim to put the PREEMPTIVE objectives in context and to clarify the applicable legal framework, to point out the legal challenges and to propose solutions to deal with the identified problems.
Considering KU Leuven is an academic partner, the exploitation plans for KU Leuven encompass primarily academic and scientific aspects. The main task of KU Leuven has been to provide ethical and legal advice; support and guidance was given to the project partners in their development of the technical tools. Therefore, no concrete, or immediate, tangible, economic or industrial exploitation plans are present.
The results of KU Leuven’s ethical and legal research performed as part of the PREEMPTIVE project, and WP3 in particular, will primarily be exploited through the transfer of the acquired research knowledge gained during the project back to the academic sector. As an academic partner, the knowledge obtained as part of WP3 research will be further applied in our academic activities. Though not of an economic nature, this knowledge will result in amongst others future papers and courses.
The expertise gained throughout the project will also be applied in subsequent research projects, e.g. Horizon 2020, related to the cyber-security of critical infrastructures. Furthermore, the research concerning general security and privacy requirements, which aren’t necessarily specific to the critical infrastructure context, e.g. the data protection framework has a horizontal scope and applies to all personal data processing activities regardless of the sector in which these activities are performed, contributes to all future research activities. In other words, the scope of our research will not be limited to the utilities sector. Other contexts that require research into the security, privacy and data protection aspects concerning the deployment of new technologies will also be taken into account.
The main outcome of Preemptive for IREC has been the taxanomy, the experimental validation of cyber security tools at IREC lab and the experience and knowledge acquired in the field of cyber security applied to electrical networks and smart grids.
IREC has not developed any product or tool aimed to be exploited commercially. However, the knowledge and experience acquired will be used in future developments and research projects in electrical networks with particular focus on smart grids and the implementation of ICTs.
Being a research center specialized in smart grids from the electrical point of view, the experience and knowledge gained during Preemptive project will allow IREC to enlarge its scope of research activities in this field adding more value to new collaborative research and demonstration projects at regional, national and European level.
As an example, IREC is leading the RIS3CAT Energy Community in Catalonia, a 15 MiEuro project aiming to transform and increase the competitiveness of the energy sector in Catalonia in the fields of energy efficiency, low carbon technologies and smart grids. IREC will be able to propose and promote new projects within the RIS3CAT Energy community in the field of smart grids as a key element for the future deployment of smart grids and smart buildings technologies.
Harnser has invested heavily in creating methodologies that operators and owners of critical infrastructure assets can apply and benefit from. Harnser will incorporate the results from PREEMPTIVE into PRISM® to enhance its application to cyber risks, applying the learning from the Project to elevate the visibility and response to cyber-attacks within the integrated security risk management framework that PRISM® represents.
List of Websites:
www.preemptive.eu
final1-preemptive-brochure.pdf