Periodic Reporting for period 2 - SDN-microSENSE (SDN - microgrid reSilient Electrical eNergy SystEm)
Reporting period: 2021-01-01 to 2022-10-31
Cyberattacks have become increasingly sophisticated, stealthy, targeted and multi-faceted. As a result, incidents like power outages, brownouts and blackouts are likely to happen and they may affect not only the energy domain but all the interconnecting devices and infrastructure. Therefore, new security measures are needed, not only from the IT point of view, but by combining the arsenals from both domains: the IT and the power infrastructure domain. SDN-microSENSE aims at providing and demonstrating a secure, resilient to cyber-attacks, privacy-enabled, and protected against data breaches solution for decentralised Electrical Power and Energy Systems (EPES). The project employs a set of advanced cutting-edge technologies targeting at:
1. Performing collaborative and distributed risk assessment involving all energy actors
2. Strengthening EPES domains with self-healing capabilities based on islanding and fast grid recovery processes exploiting renewable sources
3. Enabling effective energy exchange between microgrids and residential prosumers
4. Implementing a large-scale cybersecurity solution by integrating innovative components for detecting and preventing cyberattacks, privacy violations and various threats
5. Building a decentralised security information and event management (SIEM) tool for decision support concerning anomaly detection and response enhanced with advanced machine learning capabilities
6. Realising an end to-end privacy framework that involves all types of users and stakeholders to protect against data breaches
7. Demonstrating and validating all tools/systems/processes through detailed real-world scenarios (in differents countries such as Norway, Greece, Spain or Bulgaria )with emulated/simulated cyberattacks
8. Contributing to international standardisation activities for promoting sustainable and compatible EPES cybersecurity approaches. All designed, developed, and tested technologies should consider the latest related research findings and maintain high compliance with current industrial standards (e.g. IEC standards).
1. Performing collaborative and distributed risk assessment involving all energy actors
2. Strengthening EPES domains with self-healing capabilities based on islanding and fast grid recovery processes exploiting renewable sources
3. Enabling effective energy exchange between microgrids and residential prosumers
4. Implementing a large-scale cybersecurity solution by integrating innovative components for detecting and preventing cyberattacks, privacy violations and various threats
5. Building a decentralised security information and event management (SIEM) tool for decision support concerning anomaly detection and response enhanced with advanced machine learning capabilities
6. Realising an end to-end privacy framework that involves all types of users and stakeholders to protect against data breaches
7. Demonstrating and validating all tools/systems/processes through detailed real-world scenarios (in differents countries such as Norway, Greece, Spain or Bulgaria )with emulated/simulated cyberattacks
8. Contributing to international standardisation activities for promoting sustainable and compatible EPES cybersecurity approaches. All designed, developed, and tested technologies should consider the latest related research findings and maintain high compliance with current industrial standards (e.g. IEC standards).
SDN-microSENSE consortium has worked to fulfil all the objectives set in the Grant Agreement (GA). In this period, apart from all the managerial activities, use case scenarios definition were finalized. Tthe definition of the Collaborative Risk Assessment Methodology and the implementation of it within S-RAF was performed. New functionalities to the current concept of honeypots through the development of the Honeypot Manager, the IEC61850 Honeypot and the Modbus Honeypot were carried out and improved cybersecurity training process was identified, leading to the development of the Cybersecurity Awareness & Training Model & the corresponding evaluation tool. Other important result has been the development of a self-healing mechanism to cluster the grid and apply intentional islanding as well as an Energy Restoration & Management Processes framework (EMO) in order to maintain the energy balance.
The development and provisioning of the Overlay Privacy Framework (OPF) for the protection of energy consumers’ data privacy was finalized as well as the anonymous repository of incidents (ARIEC). Related to the cybersecurity certification scheme, a number of recommendations were provided based on experience gained in the project, on areas that need attention to enhance the EU certification schemes. A System Development Life Cycle Methodology was presented in order to serve to structure the standards and norms to be applied.
With respect to pilot assessment, a strategy for the six pilot’s assessment in terms of user needs was outlined and a detailed description of the demonstration scenarios, implemented cyberattacks, key KPIs, and user requirements was created. An evaluation questionnaire were developed as part of the pilot planning methodology. A set of isolated sandboxing environments where deployed to simulate the behavior of different components and installations of the Smart Grid. Each scenario emulated a different EPES infrastructure and validated different components of the SDN-microSENSE. The evaluation of the technologies, procedures and algorithms developed and assessed within the whole project took place and a variety of lessons learnt and recommendations from the whole process were gathered
In terms of dissemination activities, social media accounts included the latest news of the project. A flyer was created along with a banner that was used in events and exhibitions. Other important actions were the creation of blog posts that were published on the website, newsletters with the latest the news of the project along with main achievements, participations in several events to present the project outcomes, publications of project results in Journals and Conferences. Furthermore, organization of workshops in conferences and organization of the final open event were carried out.
Information for each exploitable item regarding the owners and TRL levels, market assessment and main innovations was collected and the creation of a business canvas and a SWOT analysis for all exploitable items.
Organization of a series of exploitation workshops to present the exploitable items, get feedback and adjust the Business Canvas and SWOT analysis were performed. For the KERs, creation of a business plan were performed. Finally, the project contributed to the foundation and development of CyberEPES cluster.
The development and provisioning of the Overlay Privacy Framework (OPF) for the protection of energy consumers’ data privacy was finalized as well as the anonymous repository of incidents (ARIEC). Related to the cybersecurity certification scheme, a number of recommendations were provided based on experience gained in the project, on areas that need attention to enhance the EU certification schemes. A System Development Life Cycle Methodology was presented in order to serve to structure the standards and norms to be applied.
With respect to pilot assessment, a strategy for the six pilot’s assessment in terms of user needs was outlined and a detailed description of the demonstration scenarios, implemented cyberattacks, key KPIs, and user requirements was created. An evaluation questionnaire were developed as part of the pilot planning methodology. A set of isolated sandboxing environments where deployed to simulate the behavior of different components and installations of the Smart Grid. Each scenario emulated a different EPES infrastructure and validated different components of the SDN-microSENSE. The evaluation of the technologies, procedures and algorithms developed and assessed within the whole project took place and a variety of lessons learnt and recommendations from the whole process were gathered
In terms of dissemination activities, social media accounts included the latest news of the project. A flyer was created along with a banner that was used in events and exhibitions. Other important actions were the creation of blog posts that were published on the website, newsletters with the latest the news of the project along with main achievements, participations in several events to present the project outcomes, publications of project results in Journals and Conferences. Furthermore, organization of workshops in conferences and organization of the final open event were carried out.
Information for each exploitable item regarding the owners and TRL levels, market assessment and main innovations was collected and the creation of a business canvas and a SWOT analysis for all exploitable items.
Organization of a series of exploitation workshops to present the exploitable items, get feedback and adjust the Business Canvas and SWOT analysis were performed. For the KERs, creation of a business plan were performed. Finally, the project contributed to the foundation and development of CyberEPES cluster.
SDN-microSENSE uses advanced microgrid technologies and builds upon the pillars of software defined networking, virtualization, detection tools, deep learning and big data techniques, game-theoretic modelling and visualisation that will provide a secure platform for efficient prevention, detection and respond to sophisticated cyber-attacks as well as the efficient exchange of critical information. SDN-microSENSE has provided an appropriate framework and an all-in-one solution for energy stakeholders and operators to safeguard the secure and continuous operation of their networks, meeting their highly demanding security requirements and pushing the current state of the art. Project results will greatly benefit society as a whole since other infrastructures and economic sectors are interdependent to energy systems and thus a potential paralysis of them due to domino and cascade effects will be avoided. In addition, this will also have a positive environmental impact by means of physical resources expenditure limitation and better network load balancing. SDN-microSENSE is going to radically decrease the detection and respond time to sophisticated cyber-attacks through the proposed large scale SDNmicroSENSE SIEM tool that will efficiently process the collected events using big data analytics, deep learning and visualisation, whilst providing enhanced data and network monitoring mechanisms. This is further enhanced by introducing SDN capabilities to the architecture enabling a specification-based intrusion detection methodology at different locations and areas and allowing self-healing of several grid nodes. These will contribute to the limitation of smart grids, and as a consequence of businesses’ and supply chains’ in general, disruptions positively influencing production and sales and saving high costs of response, repair, and clean actions. Finally, conclussions gathered from the execution of the pilots have helped to identify lessons learnt and recommedations that could be used in future developments.