The full program of EnergyShiled’s “Building upon cyber resilience in energy sector”  online conference is now ready. 

Please take a closer look at the sessions planned by the EnergyShiled Consortium members and don’t forget to register.

“Building upon cyber resilience in energy sector” is the name of the event and covers a wide range of topics wiht relevance for EPES and for the critical infrastructures in general. 

A representative from DG CNECT will kick off the event. Then we will continue with the outcomes of the project, live demonstration of the integrated system and our dissemination, communication and exploitation strategies. For this session we have also invited the leaders of ECSCI – https://www.finsec-project.eu/ecsci and CyberEPES  https://cyberseas.eu/cyberepes/  clusters. 

Looking forward to seeing you there!

EnergyShield_Final event_AGENDA 

Between the 14th and 16th of June, the event Critical Infrastructure Protection & Resilience Europe 2022 is being held at the Parliament Palace in Bucharest.

Day 3 is being dedicated to an Overview of European Horizon Europe Programmes. It brings a deeper look at the current range of Horizon Europe Critical Infrastructure Protection & Resilience projects and research programmes across Europe that are designed to enhance understandings for adapting policies and adopting best practices. EnergyShield project was among the projects presented in this session and was presented by Monica Florea, HoU European Funds at SIMAVI. 

EnergyShield addresses the vulnerability at cyber attacks of energy transport infrastructures and aims to develop a toolkit to ensure the protection of critical energy infrastructure. This project covers the whole spectrum of energy infrastructure: producer, consumer, and distributor. This toolkit combines innovative cybersecurity tools that will be adapted and configured for use in critical infrastructure: vulnerability detection (attack modeling application), monitoring and protection (anomaly detection and DDoS applications), and an SIEM system.

The latest Critical Infrastructure Protection & Resilience Europe came to a conclusion following 3 days of excellent range of presentations and discussions for securing Europe’s critical infrastructure.
Co-hosted by ICI Bucharest and the International Association of CIP Professionals, held at the magnificent Palace of Parliament, delegates also enjoyed a host of networking opportunities and shared experiences.

 

Registrations are now open for EnergyShield’s final event online “Building upon cyber resilience in energy sector “.  Book your seat to the event to receive connection details and updates about the full program.  

A full day event to present the results of the EnergyShield project and to interact with the audience is prepapred by EnergyShield Consortium members. 

AGENDA (CEST time)

10.00-11.30 Welcome & keynote message
11.30-12.00 Addressing the vulnerabilities of EPES
12.00-12.45 Monitoring and managing security and privacy incidents through the EPES value chain
12.45-13.00 Q&A | 13.00-14.00 Lunch break
14.00-14.30 Deploying the tools in OT environment
14.30-15.15 The opportunity of a toolkit for Critical Infrastructures (CI) / EPES
15.15-15.30 Q&A
15.30-16.15 Reaching the audience
16.15-16.30 Wrap-up

Looking forward to seeing you at the event! 

 

ZINC 2022

We would like to express our congratulations to our KTH colleagues (Junaid Qadir, Jose Eduardo Urrea Cabus, İsmail Bütün, and Robert Lagerström), who have presented their articles entitled:

  1. Security Considerations for Remote Terminal Units
  2. Towards Smart Sensing Systems: A New Approach to Environmental Monitoring Systems by Using LoRaWAN” 

in the Zooming Innovation in Consumer Electronics International Conference 2022 (ZINC 2022), which is sponsored by IEEE Serbia and Montenegro Section – Consumer Electronics Chapter; University of Novi Sad, Faculty of Technical Sciences, Department for Computer Engineering and Computer Communications and RT-RK Institute for Computer-Based Systems.

In addition, we would like to extend our heartfelt congratulations to Junaid Qadir, a visiting PhD student, who was recognised for presenting the research paper that was judged to be the best overall throughout the conference. You have done the KTH and all of your EECS family members and friends very proud! We hope that the years to come are prosperous for you. 

Preliminary results of EnergyShield project were presented on 27 of April at the  2nd ECSCI Workshop on Critical Infrastructure Protection CIP.  The focus of the presentation  was on how could stakeholders shield the power grid from cyberattacks.  EnergyShield project the tools and pilots were introduced and policy contributiions were shared alongside  with some lessons learned and ways to reachout the project. 

The relevance of a toolkit for Critical Infrastructures (CI) / EPES – like the proposed by EnergyShield – was evaluated during project implementation. Supply chain for CI has gotten recently and software supply chain risks become additionally very visible (e.g Solar Winds incident). To this end the need for complex systems that are fully flexible and ensure different deployment possibilities and easy adoption of new technologies is highly relevant. Moreover, the current market shows the existence of many cross-sector tools and a limited offer for the energy sector. The latest incidents however provide good arguments for the exploitation of a toolkit like EnergyShield. 

Building an online identity as well as creatin flexible systems are essential. Starting from a plethora of technologies and use case functionalities the EnergyShield system needs to provide full flexibility. In adapting and integrating technologies the technology providers have improved and adapted the tools making them ready for integration through the overall EnergyShield system and interacted with Practitioners to collect feedback (testing and evaluation of tools. Also, a flexible integration concept was designed and is being implemented to ease the accommodation of tools and a Portal to securely access the toolkit. Technology providers have collaborated towards preparing and accommodating tools using different technologies in a common environment (EnergyShield toolkit) and using a data fusion mechanism combined with machine learning to create a global view.

About the event. This workshop presented the different approaches on integrated (i.e., cyber and physical) security in several different industrial sectors, such as finance, healthcare, energy, air transport, communications, industrial plants, gas, and water. The peculiarities of critical infrastructure protection in each one of these sectors have been discussed and addressed by the different projects of the ECSCI cluster that presented their outcomes, discussing the technical, ethical and societal aspects and the underlying technologies. The workshop included three opening remarks, three keynote speeches, 21 projects presentations, 2 roundtable and panel discussions,  21 thematic presentations, and closing remarks. The audience included scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing different sectors and policy makers for critical infrastructure protection. https://www.finsec-project.eu/second-ecsci-virtual-workshop 

3rd International Workshop on Electrical Power and Energy Systems Safety, Security and Resilience (EPESec 2022)

As a participant, we gladly invite you to attend this event: the 3rd International Workshop on Electrical Power and Energy Systems Safety, Security, and Resilience (EPESec 2022). The event will take place from August 23–August 26, 2022, in Vienna, Austria.

 

The forthcoming smart energy ecosystem is considered as the next-generation power system, which promises self-healing, resilience, sustainability, and efficiency to the critical energy infrastructure. However, due to the increasing digitization of the energy infrastructure, the risk of cyberattacks has risen dramatically, while as the smart energy and power grid is reaching every house and building, the potential of attracting cyber-attackers is magnified. Additionally, legacy systems constitute weak points of failure since they were designed in times when cybersecurity and remote monitoring and control was not part of the technical specifications for the system design.

From this perspective, the EPESec 2022 workshop aims at collecting the most relevant ongoing research efforts in the EPES digital security field. It also serves as a forum for relevant projects in order to disseminate their security-related results, boost cooperation, knowledge sharing and follow-up synergies, and foster the development of the EPES Security Community, composed of security experts and practitioners.

 

Important Dates
Submission Deadline May 13, 2022
Author Notification June 05, 2022
Proceedings Version June 19, 2022
ARES EU Symposium August 23, 2022
Conference August 23 – August 26, 2022

 

Click here for more information: https://www.ares-conference.eu/workshops-eu-symposium/epesec-2022/

We would like to express our congratulations to our KTH colleagues, who have published their article entitled “Two Decades of Cyberattack Simulations: A Systematic Literature Review” in the Computers & Security (2022) journal.

 

The abstract is as follows:

Cyberattack simulations appear across multiple computer security domains and are interpreted in many different but equally viable ways. However, this makes the topic appear fragmented and inconsistent, making it challenging to identify and communicate relevant research. Therefore, this article contributes to a unified baseline by presenting the results of a systematic literature review. The review targeted attack simulations published between 1999 and 2019, specifically those exploring which specific steps result in successful attacks. The search initially produced 647 articles, later reduced to 11 key contributions. Despite being scattered across application domains, their general aims, contributions, and problem statements were remarkably similar. This was despite them generally not citing each other or a common body of work. However, the attack simulations differed in implementation details, such as modeling techniques, attacker decision-making, and how time is incorporated. How to construct a fully unified view of the entire topic is still somewhat unclear, particularly from the 11 articles. However, the results presented here should help orient practitioners and researchers interested in attack simulations regarding both present and future work. Particularly since, despite the seemingly implausible sample, the cumulative evidence suggests that attack simulations have yet to be pursued as a distinct research topic.

 

The complete article can be reviewed and found at the following link: https://doi.org/10.1016/j.cose.2022.102681

Workshop

As a participant in the 2nd ECSCI Workshop on Critical Infrastructure Protection, we cordially invite you to attend this event:

This workshop will present the different approaches to integrated cyber and physical security in different industrial sectors, such as energy, transport, drinking and wastewater, health, digital infrastructure, banking and financial market, space and public administration. The peculiarities of critical infrastructure protection in each one of these sectors will be discussed and addressed by the different projects of the ECSCI cluster that will present their outcomes, discussing the technical, ethical, and societal aspects as well as the underlying technologies.

Specifically, novel techniques will be presented for integrated security modelling, IoT security, artificial intelligence for securing critical infrastructures, distributed ledger technologies for security information sharing and increased automation for detection, prevention and mitigation measures.

The workshop will include keynote speeches, 23 projects presentations, roundtable and panel discussions, and thematic presentations. It is intended for scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing the different sectors and policymakers for critical infrastructure protection.

Click here for more information: https://www.finsec-project.eu/second-ecsci-virtual-workshop

Heathcare

Our colleagues from NTUA published their article entitled “A Cybersecurity Culture Survey Targeting Healthcare Critical Infrastructures” in the MDPI’s Healthcare journal which can be found at the link: www.mdpi.com/2227-9032/10/2/327

The abstract is as follows:

Recent studies report that cybersecurity breaches noticed in hospitals are associated with low levels of personnel’s cybersecurity awareness. This work aims to assess the cybersecurity culture in healthcare institutions from middle- to low-income EU countries. The evaluation process was designed and performed via anonymous online surveys targeting individually ICT (internet and communication technology) departments and healthcare professionals. The study was conducted in 2019 for a health region in Greece, with a significant number of hospitals and health centers, a large hospital in Portugal, and a medical clinic in Romania, with 53.6% and 6.71% response rates for the ICT and healthcare professionals, respectively. Its findings indicate the necessity of establishing individual cybersecurity departments to monitor assets and attitudes while underlying the importance of continuous security awareness training programs. The analysis of our results assists in comprehending the countermeasures, which have been implemented in the healthcare institutions, and consequently enhancing cybersecurity defense, while reducing the risk surface.

Congrats!