• Define and agree on commonly accepted methodologies and procedures for risk identification across assets, systems, networks and systems of systems​
• Define and agree on commonly accepted risk classification procedures, including Security Tiers where assets, systems and networks could be characterized based on metrics such as risk severity, probability and cascading effects. The Security Tiers could be also used for insurance purposes​
• Define and create risk and cybersecurity repositories, frequently updated from external risk /malware repositories and participants’ experience

• Define common hardware/software systems for enhancing interfacing legacy assets and systems (SCADA/RTU)​
• Techniques for data acquisition of legacy components in order to exploit historical data information that could be significant to any subsequent AI-driven methodology applied on the energy smart grids

IT-network level: SDN-based Threat Detection, Mitigation and Prevention​

• Increasing network visibility and scalability, managing easier the EPES network​
• Using SDN statistics for threat detection​
• Isolating and corrupting in real-time the malicious/anomalous network flows ​
• Forming alternative network paths in order to avoid malicious/anomalous activities​
• Redirecting the malicious network traffic to EPES honeypots for collecting valuable information about the malicious activities.​

Energy-grid level: Electricity-related Threat Isolation & Mitigation Mechanisms​

• Intentional and proactive islanding/isolation mechanisms in case of emergency, forming islands/microgrids/nanogrids.​
• Energy management, balancing the energy supply and demand for each island/microgrid/nanogrid​
• Electrical grid restoration after the emergency

Laboratory facilities and simulation environments in order to adopt common testing mechanisms​

• scarce data availability is a common obstacle when it comes to AI/ML techniques endorsement, technologies used by all cluster projects​
• Zero-knowledge proof techniques should be applied to resolve the issues of model validation, e.g. based on inter-DLT technologies​

Real life pilots that could be used as common testing facilities​

• Confidentiality issues​

Definition and adoption of common Certification and Validation Procedures​

• considering existing standards, different legislations and national frameworks 

European energy data exchange reference architecture​

• Use it as reference to position CyberEPES activities related to the protection of the Energy Data Space​
• Feedback on cybersecurity aspects in relation to the architecture report​

Use case repository​

• Analyze cybersecurity implications for use cases in the repository​
• Contribute to the repository with use cases from the CyberEPES cluster (non-disclosure issues to be evaluated)​

BRIDGE report on Cybersecurity and Resilience​

• Additional feedback from projects on particularities of the energy network​

• Organizational/ Multi-Organizational Incident Response Teams establish trusted communication channels in order to exchange information, adhering to certain privacy constraints​
• Identification of MeliCERTs potential improvements 

Action plan on the digitalization of the energy sector (Roadmap)​

• Input/feedback on the following areas of the plan: ​
• «Developing a European data-sharing infrastructure»  in relation to the cybersecurity of the data-sharing infrastructure​
• «Enhancing the cybersecurity of the energy sector» in relation to threats and countermeasures proposed by the cluster​

Network Code on Cybersecurity​

• Current text for public consultation​

• Define of training procedures and cybersecurity courses that could be provided to under graduate and post-graduate students, MSc students or lifetime training professionals​
• Definition and implementation of simulation and cyber ranges’ platforms as a horizontal action to support the upskilling of current human resources​
• Coordination of multilevel dissemination ranging from academy and research team, to stakeholder and decision makers​
• Coordination of common submissions to standardization bodies

• alignment to relevant regulations and recommendations by the European Commission​

Key issues:​

• Protection auditing against personal data breaches​
• Data protection transparency and accountability​
• Data protection in the energy supply chain​
• Privacy preserving monitoring

CyberSEAS (Cyber Securing Energy dAta Services) aims to improve the overall resilience of energy supply chains, protecting them from disruptions that exploit the enhanced interactions, the extended involvement models of stakeholders and consumers as channels for complex cyber-attacks, the presence of legacy systems and the increasing connectivity of energy infrastructures, data stores and services retailers.

Defensive toolkit for cyber protection for EPES stakeholders.

Provide a cyber-shield armour to European EPES to survive coordinated, large scale cybersecurity and privacy incidents; guarantee the continuity of operations and minimize cascading effects in the infrastructure itself, the environment and the end-users at reasonable cost.

SDN-microSENSE intends to provide a set of secure, privacy-enabled and resilient to cyberattacks tools, thus ensuring the normal operation of EPES as well as the integrity and the confidentiality of communications.

artificial Intelligence threat Reporting and Incident response System

The EU-funded IRIS project will address the challenges of IoT- and AI-driven ICT systems through a collaborative-first approach centred around computer security incident response teams (CERTs/CSIRTs).

Artificial intelligence for next generation CYBERsecurity

The Ecosystem Framework of next generation AI-based services for critical system robustness, resilience, and appropriate response in the face of advanced and AI-powered cyberattacks.

DYNABIC goal is to increase the resilience and business continuity capabilities of European critical services in the face of advanced cyber-physical threats