Preliminary results of EnergyShield project were presented on 27 of April at the  2nd ECSCI Workshop on Critical Infrastructure Protection CIP.  The focus of the presentation  was on how could stakeholders shield the power grid from cyberattacks.  EnergyShield project the tools and pilots were introduced and policy contributiions were shared alongside  with some lessons learned and ways to reachout the project. 

The relevance of a toolkit for Critical Infrastructures (CI) / EPES – like the proposed by EnergyShield – was evaluated during project implementation. Supply chain for CI has gotten recently and software supply chain risks become additionally very visible (e.g Solar Winds incident). To this end the need for complex systems that are fully flexible and ensure different deployment possibilities and easy adoption of new technologies is highly relevant. Moreover, the current market shows the existence of many cross-sector tools and a limited offer for the energy sector. The latest incidents however provide good arguments for the exploitation of a toolkit like EnergyShield. 

Building an online identity as well as creatin flexible systems are essential. Starting from a plethora of technologies and use case functionalities the EnergyShield system needs to provide full flexibility. In adapting and integrating technologies the technology providers have improved and adapted the tools making them ready for integration through the overall EnergyShield system and interacted with Practitioners to collect feedback (testing and evaluation of tools. Also, a flexible integration concept was designed and is being implemented to ease the accommodation of tools and a Portal to securely access the toolkit. Technology providers have collaborated towards preparing and accommodating tools using different technologies in a common environment (EnergyShield toolkit) and using a data fusion mechanism combined with machine learning to create a global view.

About the event. This workshop presented the different approaches on integrated (i.e., cyber and physical) security in several different industrial sectors, such as finance, healthcare, energy, air transport, communications, industrial plants, gas, and water. The peculiarities of critical infrastructure protection in each one of these sectors have been discussed and addressed by the different projects of the ECSCI cluster that presented their outcomes, discussing the technical, ethical and societal aspects and the underlying technologies. The workshop included three opening remarks, three keynote speeches, 21 projects presentations, 2 roundtable and panel discussions,  21 thematic presentations, and closing remarks. The audience included scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing different sectors and policy makers for critical infrastructure protection. 

On April 29th, 2022 the main accomplishments of the EnergyShield project were presented at the “Trends in managing current security and predictive maintenance challenges in Smart Energy Grids in Romania” workshop. The workshop was organized by the University Politehnica of Bucharest, Faculty of Electrical Engineering ( together with several companies in the field. The project, together with the main results and an invitation to the final event were presented by Assoc. Prof. Ana-Maria Dumitrescu from SIMAVI. The workshop was held in Romanian, for the EPES sector stakeholders in the area.

3rd International Workshop on Electrical Power and Energy Systems Safety, Security and Resilience (EPESec 2022)

As a participant, we gladly invite you to attend this event: the 3rd International Workshop on Electrical Power and Energy Systems Safety, Security, and Resilience (EPESec 2022). The event will take place from August 23–August 26, 2022, in Vienna, Austria.


The forthcoming smart energy ecosystem is considered as the next-generation power system, which promises self-healing, resilience, sustainability, and efficiency to the critical energy infrastructure. However, due to the increasing digitization of the energy infrastructure, the risk of cyberattacks has risen dramatically, while as the smart energy and power grid is reaching every house and building, the potential of attracting cyber-attackers is magnified. Additionally, legacy systems constitute weak points of failure since they were designed in times when cybersecurity and remote monitoring and control was not part of the technical specifications for the system design.

From this perspective, the EPESec 2022 workshop aims at collecting the most relevant ongoing research efforts in the EPES digital security field. It also serves as a forum for relevant projects in order to disseminate their security-related results, boost cooperation, knowledge sharing and follow-up synergies, and foster the development of the EPES Security Community, composed of security experts and practitioners.


Important Dates
Submission Deadline May 13, 2022
Author Notification June 05, 2022
Proceedings Version June 19, 2022
ARES EU Symposium August 23, 2022
Conference August 23 – August 26, 2022


Click here for more information:

We would like to express our congratulations to our KTH colleagues, who have published their article entitled “Two Decades of Cyberattack Simulations: A Systematic Literature Review” in the Computers & Security (2022) journal.


The abstract is as follows:

Cyberattack simulations appear across multiple computer security domains and are interpreted in many different but equally viable ways. However, this makes the topic appear fragmented and inconsistent, making it challenging to identify and communicate relevant research. Therefore, this article contributes to a unified baseline by presenting the results of a systematic literature review. The review targeted attack simulations published between 1999 and 2019, specifically those exploring which specific steps result in successful attacks. The search initially produced 647 articles, later reduced to 11 key contributions. Despite being scattered across application domains, their general aims, contributions, and problem statements were remarkably similar. This was despite them generally not citing each other or a common body of work. However, the attack simulations differed in implementation details, such as modeling techniques, attacker decision-making, and how time is incorporated. How to construct a fully unified view of the entire topic is still somewhat unclear, particularly from the 11 articles. However, the results presented here should help orient practitioners and researchers interested in attack simulations regarding both present and future work. Particularly since, despite the seemingly implausible sample, the cumulative evidence suggests that attack simulations have yet to be pursued as a distinct research topic.


The complete article can be reviewed and found at the following link:


As a participant in the 2nd ECSCI Workshop on Critical Infrastructure Protection, we cordially invite you to attend this event:

This workshop will present the different approaches to integrated cyber and physical security in different industrial sectors, such as energy, transport, drinking and wastewater, health, digital infrastructure, banking and financial market, space and public administration. The peculiarities of critical infrastructure protection in each one of these sectors will be discussed and addressed by the different projects of the ECSCI cluster that will present their outcomes, discussing the technical, ethical, and societal aspects as well as the underlying technologies.

Specifically, novel techniques will be presented for integrated security modelling, IoT security, artificial intelligence for securing critical infrastructures, distributed ledger technologies for security information sharing and increased automation for detection, prevention and mitigation measures.

The workshop will include keynote speeches, 23 projects presentations, roundtable and panel discussions, and thematic presentations. It is intended for scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing the different sectors and policymakers for critical infrastructure protection.

Click here for more information:

EnergyShield project was presented at the 2nd International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP 2021) – Security & Trust

CPS4CIP 2021 is the second workshop dedicated to cyber-physical security for protecting critical infrastructures that support finance, energy, health, air transport, communication, gas, and water. The secure operation of these critical infrastructures is essential to the security of a nation, its economy, and the public’s health and safety.

This week (28th of September’21), Ismail Butun, Ph.D. from KTH Royal University of Technology, the Department of Computer Science at the School of Electrical Engineering and Computer Science presented our #H2020 project #EnergyShield at the SCADA-Säkerhet 2021 Cyber-Security Conference. Our project aims at developing & testing an integrated cyber security toolkit for the energy sector. Including vulnerability assessment, anomaly detection, behavior analysis, forensics, DDoS mitigation, and SIEM. #cybersecurity #energy #ddosprotection #smartgrids #h2020energy #scada

As a result of all of the positive feedback and great demand from our stakeholders, a summary of the conference may be reviewed in the following figures:

NTUA and KTH joined forces to write an article together that conceptually maps the SBA and the VA tool to each other. Therefore, they facilitated the MITRE ATT&CK matrix to link the meta model of SBA to the icsLang, which is used as meta model for VA. The paper will be presented at the EPESec workshop at the ARES conference.

The abstract reads as follows:

The increase of cyber-attacks raised security concerns for critical assets worldwide in the last decade. Leading to more efforts spent towards increasing the cyber security among companies and countries. For the sake of enhancing cyber security, representation and testing of attacks have prime importance in understanding system vulnerabilities. One of the available tools for simulating attacks on systems is the Meta Attack Language (MAL), which allows representing the effects of certain cyber-attacks. However, only understanding the component vulnerabilities is not enough in securing enterprise systems. Another important factor is the `human`, which constitutes the biggest `insider threat`. For this, Security Behavior Analysis (SBA) helps understanding which system components that might be directly affected by the `human`. As such, in this work, the authors present an approach for integrating user actions, so called “security behavior”, by mapping SBA to a MAL-based language through MITRE ATT&CK techniques.

EnergShield Consortium has just released the report of the European workshop Trends, opportunities and choices in designing a cyber resilient EPES infrastructure organized on the 15th of April 2021, 10.00 CET. EnergyShield_Workshop Report_v0.6

A total of 135 persons attended the online EnergyShield workshop and the majority were interested in the opening session topics. 

The event was initiated and organized by three EnergyShield partners: Software Imagination & Vision (Coordinator), KTH Royal Institute of Technology in Stockholm (Dissemination& Communication Leader) and National Technical University of Athens (Collaboration Leader). 

The event gathered Critical infrastructure stakeholders, business, academia, and industry professionals from 8 European countries around cross-domain topics. 

Different aspects of cyber security in EPES sector including standardization efforts and policy updates were addressed during the opening sessions leaded by representatives from European Commission, ENISA and energy standardization and regulatory bodies. Also, a brief introduction of Energy Shield project and a demonstration of the toolkit developed completed this session.

The second part of the workshop focused on two topics that will be addressed in two consecutive panels equipped with high profiled experts from the field. The first one elaborated on the effect of work from home on energy and IT infrastructures, while the second one addressed latest incidents targeting critical infrastructure and their impact on designing new technologies, business models and policies.