SIMAVI and NTUA initiated a workshop to bridge communication between all three projects funded under SU-DS04-2018-2020 call. The aim of this workshop was to introduce the projects, identify similarities and explore collaboration opportunities from both technical and dissemination perspectives. EnergyShield, PHOENIX and SDN micro-SENSE projects were introduced by leading partners in terms of objectives, consortium, technical challenges, and next coming activities. In total, 38 representatives of the three projects participated in the workshop.

Project presentations

EnergyShield

Anna Georgiadou (NTUA) welcomed workshop participants on behalf of the EnergyShield project and presented the general collaboration concept behind this initiative: Bridging three H2020 EU projects, EnergyShield, PHOENIX and SDN-microSENSE, all funded under the SU-DS04-2018-2020 program and, consequently, sharing the same goals and vision towards Cybersecurity in the Electrical Power and Energy System (EPES).

First, Otilia Bularca (SIMAVI), as the EnergyShield Project Manager, presented the EnergyShield project including (the slides can be found here):

  • General project information including budget, duration and consortium partners
  • Concept and objectives
  • Technical activities progress
  • Toolkit architecture and overall design with details regarding each available tool
  • Pilot use cases along with a comparative analysis
  • Integration approach, perspectives and activities flow
  • Milestones, progress and roadmap
  • Project communication channels

Phoenix

Second, Farhan Sahito (Capgemini), as the Phoenix Project Coordinator, presented the PHOENIX project general information including (the slides can be found here):

  • Project facts and objectives
  • Consortium partners
  • Large scale pilots
  • Progress and expected results

Following, Theodore Zahariadis (Synelixis) proceeded in the technical presentation of the project including:

  • Project approach and main goals
  • Architecture design
  • Core technologies and integration approach
  • Pilot presentation

Closing the project presentation, Elena Sartini (CEL) briefly elaborated on the PRESS (Privacy and Data Protection, Ethics, Social and Security) Framework and its approach while sharing the resources for its analytical presentation.

microSENSE

The presentations of the projects were closed by Fernando Usero Fuentes (AYESA), as the SDN-microSENSE Project Coordinator, presented the SDN-microSENSE project general information including:

  • General project information including budget, duration, and consortium partners
  • Work package progress
  • Objectives, challenges and expected results
  • Milestones and roadmap
  • Pilot use cases

Then, Panos Sarigiannidis (UOWM) proceeded in the technical presentation of the project including:

  • Project approach
  • Architecture design
  • Operation flow
  • Core technologies and implementation approach

Closing the project presentation, Theodoros Rokkas (inCITES) provided several dissemination and collaboration ideas based on previous experience and revealed a few other ongoing collaboration activities with other EU projects.

Discussion on Collaboration between Projects

The project presentations were followed by the project representatives recognizing the common goals, concepts and similar approaches embraced by the three participating projects. Ideas regarding future workshops with a more technical basis open to third parties including BRIDGE representatives or even to the end-users and public were introduced. Sharing and exchanging anonymized EPES datasets, project interconnection via common usage of the same incident report platforms, similar tool testing techniques were a few of the ideas put forward by the participants.

The Outcomes

Project partners attending the workshop agreed on the importance of sharing information and knowledge. A common dissemination approach was discussed, and some activities have been drafted:

  • Join forces on social media communication channels starting from Twitter
  • Create a LinkedIn group (EPES – related projects)
  • Prepare common workshop/conferences involving stakeholders
  • Publish whitepapers
  • Share costs of booth in events
  • Create a “sister projects” section on project webpages

The opportunity of organizing joint technical activities for the outside world was also put forward. Workshops or webinars potential topics:

  • architecture design and integration possibilities
  • data exchange/sharing and interoperability
  • demonstrator and tools capabilities

To go ahead with this initiative, the creation of a board from all three projects was suggested. Thus, SIMAVI would initiate a list with persons that should be contact points for the collaboration activities.

Another proposal was related to the possibility of following up the progress of projects. Thus, from time to time selected partners (field experts) could attend significant project consortium meetings, such as review rehearsals.

As EnergyShield is the first of the participating projects to undergo a review process, it has already scheduled review rehearsal on the 29th of July. Consortium partners will be asked if they have objections against inviting external experts to attend the meeting on the 29th of July.

Next, the project partners will continue to communicate online and align the ideas on a technical workshop that would be scheduled in September – October 2020.

Finally, more than 90 people logged in to listen to the talks of Robert Lagerström (KTH), Erik Ringdahl (foreseeti), and Simon Hacks (KTH) given on July 9.

Robert opened the webinar with explaining the overarching goal of the EnergyShield project and stressing the challenges the EPES sector is facing when it comes to cyber security. Furthermore, he presented actual research conducted at KTH to tackle these challenges. Then, Erik took over and showed the interested audience the capabilities of foreseeti’s tool securiCAD and the way it was used in the past to simulate attacks on the EPES sector. Finally, Simon brought the threads of Robert and Erik together, presenting epesLang, a threat modelling languages that covers the assets needed to successfully conduct attack simulations on power assets. epesLang’s capabilities were demonstrated by modelling the attack on the Ukraine from 2015 and illustrating also alternative attack paths that could have been successful.

The webinar was closed by a panel discussion on the key challenges for the EPES sector, how these challenges can be addressed, and what are the key enablers. In the panel, Chris Few (Ofgem), Johan Söderbom (InnoEnergy), Kimon Nicolaides (MASS), Thomas Olsen (Lagoni Engineering), and Matthias Rohr (PSI Software AG) participated.

The captured presentations and panel discussions can be found here.

The EU Innovation Project EnergyShield welcomes all interested parties working with cyber security or risk management in the Energy sector or in Critical Infrastructure to the “Future of Cyber Security in Electrical Power and Energy Systems” webinar. The webinar focuses on integrated cyber risk and vulnerability assessments for Critical Energy Infrastructures and is held on Thursday 9th of July at 15:30 – 17:00 CET.

For the agenda and more information please visit: https://foreseeti.com/2020/06/17/join-our-energyshield-webinar-on-the-9th-of-july-ws/

We are happy to announce that we recently published a video that describes the problem we tackle and how our project will help to make the European energy grid safer. Enjoy our video:

EnergyShield project was accepted in cyberwatching.eu project hub.

Cyberwatching.eu is the European observatory of research and innovation in the field of cybersecurity and privacy. Funded under the European Commission’s H2020 programme, this project contributes to making the Digital Single Market a safer place by promoting the uptake and understanding of cutting-edge cybersecurity and privacy services which emerge from Research and Innovation initiatives across Europe.

In the pre-accession phase the market and technology readiness were evaluated and the project was included on the Cybersecurity and Privacy Project Radar. The Cybersecurity and Privacy Project Radar provides a birdseye view of the complete collection of EU funded projects in the cybersecurity space. Projects with a colour gradient have volunteered in a technology and market readiness assessment by Cyberwatching.eu

We are happy to announce that our partners from City, University of London got two papers accepted:

ICCCN 10th Internal Workshop on Security, Privacy, Trust, and Machine Learning for Internet of Things 2020

City has had a paper entitled “Modelling DoS Attacks & Interoperability in the Smart Grid” accepted at this workshop, as part of the 29th International Conference on Computer Communications and Networks (ICCCN). The event will take place virtually (due to the current coronavirus pandemic) between the 3rd-6th August 2020, where City will present. This paper contains the results of City’s research into the interdependency between cyber systems and the underlying power grid, and features a novel model to explore the potential spread of issues caused by DDoS attacks. This paper is co-authored by L7 Defense, who provided their insights. The paper will be published by IEEE.

EAI International Conference on Security and Privacy in New Computing Environments 2020

City has had another paper entitled “A Characterisation of Smart Grid DoS Attacks” accepted at this conference. This event has also been moved online due to the pandemic and related lockdown conditions, and is scheduled to take place between 6th-7th August. City will once again be presenting. This paper contains City’s background research into DoS attack possibilities in the smart grid environment, including a review of existing DoS scenarios as reported by existing scientific literature, and an assessment of the characteristics of these attacks. L7 Defense is once again listed as co-authors and reviewed the paper.

Kanaris Bounas from National Technical University of Athens (NTUA) presented the framework of the Cybersecurity Culture tool at the IADIS Information Systems Conference (IS 2020) on 2-4 of April. The IS 2020 provides a forum for the discussion of information systems taking a socio-technological perspective. It aims to address the issues related to design, development and use of IS in organisations from a socio-technological perspective, as well as to discuss IS professional practice, research and teaching.

IS2020 gathered more than 80 researchers and practitioners from multiple disciplines including technology infrastructures and organisational processes, risk management, ethics and privacy, information security, IS design, development and management, and IS research.

Due to the COVID-19 outbreak the conference was held online. The initial work and vision for the tool for the assessment of socio-culture behavior of organisations was presented under the title “Towards a cybersecurity culture tool through a holistic, multi-dimensional assessment framework” and was published in the IADIS digital library.  The attendants commented on the importance of the tool and provided valuable feedback and ideas for the assessment process while also initializing a fruitful discussion on the unpredictability and indeterminism in human behavior.

Holding the conference as an online event brought some minor difficulties such as connection problems that caused delays in the sessions but in general the conference was completed with great success.

According to a Gartner, Inc. survey of 800 global HR executives on March 17, 88% of organizations have encouraged or required employees to work from home, regardless of whether or not they showed coronavirus-related symptoms. At the same time, a profound cyber-crime increase has occurred that cannot be left unnoticed.

Our team aims to investigate the cyber-security culture readiness along with the effects of the COVID-19 pandemic to numerous organizations from different countries, business domains and specialization fields.

What we need is 5 minutes of your time to assist us in our goal.

 Please participate in our short survey and help us understand the technological side-effects of the COVID-19 crisis. Be assured that the survey is anonymous and the responses will be kept strictly confidential.

Click here to take this 5 minutes  survey 

All the information provided id anonymous and no personal information required.

Your contribution to our research is valuable and we will keep you posted on the findings.

We are happy to announce that the work of NTUA has been accepted at the IADIS Information Systems Conference (IS 2020). The paper, titled “TOWARDS A CYBERSECURITY CULTURE TOOL THROUGH A HOLISTIC, MULTI-DIMENSIONAL ASSESSMENT FRAMEWORK”, is about the framework and the tool the NTUA is developing for the Task 2.2 of the project. The conference will be held in a virtual format due to the corona-virus outbreak, from 2 to 4 of April.

The abstract is as follows:

Cyber-security culture forms one of the best lines of defence against many cyber-attacks making it an ideal and efficient target to address, in order to better secure organisations. It has its foundations on the information security policies and procedures enforced by its management. It is also dictated and formed by the behaviour, perceptions and attitudes of its employees. These will form the basis of our model which aims to quantify these theoretical constructs in order to analyse them and provide feedback. The close examination of existing security assessment tools and frameworks while identifying the most important security components and sections which need to be addressed and evaluated, resulted in our proposition of a state-of-the-art cyber-security culture tool. The presented approach aims to address existing gaps by adopting a holistic perspective that incorporates both organisational and individual aspects of security culture, including behavioural traits that affect and risk the security level of the company. Our approach and tool will be applied to the EPES sector, where the timely assessment of the security culture is considered essential and of high impact.