Securing the European Electricity Supply Against Malicious and accidental thrEats

Executive Summary:
Threats for the supply of electricity have changed dramatically throughout the last decade: additional to the natural and accidental ones, the new threat of malicious attacks needs to be considered. Such attacks might be jointly imparted so as to affect large portions of the European grid, make repair difficult and cause huge societal impact. The outstanding importance and the far more complex level of interconnectivity of electricity distribution / transmission / generation – compared to the supply through other energy carriers - makes the development of a highly focused toolkit for its protection an essential and urgent task. SESAME developed a Decision Support System (DSS) for the protection of the European power system and applied it to two regional electricity grids, Austria and Romania. This DSS enables to:
• identify the vulnerabilities and to detect their origins,
• estimate the damage / impact of real or simulated network failures,
• identify the possible measures for prevention of outages and acceleration of automatic restoration,
• rank these measures according to their effectiveness and their cost-benefit ratios,
• carry out contingency analyses of the transmission / distribution network and generation facilities.
There did not exist State-of-the-Art approaches incorporating all of these core dimensions of the problem: the increase in complexity of the security of energy supply requires a comprehensive and multi-disciplinary solution.
SESAME brought together the most distinguished experts in the fields of power network security, technology policy and regulatory economics, impact assessment of disasters, network simulation software and knowledge engineering.
SESAME project developed a comprehensive decision support system to help the main public actors in the power system, TSOs and Regulators, on their decision making in relation to network planning and investment, policies and legislation, to address and minimize the impacts (physical, security of supply, and economic) of power outages in the power system itself, and on all affected energy users, based on the identification, analysis and resolution of power system vulnerabilities.
In addition, it also developed a best practice and comprehensive regulatory and policy framework for the security of electricity systems, which is based around three main dimensions – i.e. economic analysis, technology and innovation policy, and regulatory schemes at both national and the EU level.

Project Context and Objectives:
SESAME context
Within a couple of weeks in 2003 a series of blackouts has left over 110 Mio. people in Italy, Sweden, Denmark, UK, Canada and the US without electricity. Not only social and economic life came to a stop for more than 24 hours in the American North East, as a consequence of the large scale incidents hundreds of thousands were caught through the collapse of private and public traffic and had to spend their nights far-off their homes. Even after electricity supply had been restored, Detroit had to ban drinking of municipal tap water for 72 hours. The threat of epidemics had reached a critical level after the water pipes could not be rinsed during the blackout, leading to further more critical situations, e.g. in the medical system.
The threats for the supply of electricity have changed dramatically throughout the last decade; additional to the traditional natural (lightning, flood,…) and accidental ones (component failure, untimely intervention of protections,..), a new threat represented by (highly organised) malicious attacks needs to be considered in the light of the development of national and international terrorism and crime. All energy grids are exposed to threats of different kinds, like physical attacks to key assets (e.g. substations), cyber attacks to its control systems, and use of electromagnetic bombs to deafen key control stations. Such attacks might be jointly imparted so as to affect large portions of the European grid, make repair difficult and cause huge societal impact. Pressure to ensure security of critical interconnected infrastructures is very strong in the US, where there is a pungent push from the US government and an influential awareness by the main stakeholders.
Until now EU industry awareness and readiness lagged behind, although the feeling that the issue is becoming crucial is now growing. It is believed that exposure to malicious threats is massively growing, to the point that intelligence sources estimate today a disruptive attack is more likely to target Europe than the US. The European Commission is striving to improve this state of affairs, has published several Communications on this subject and is currently funding EPCIP, a European Programme for Critical Infrastructures Protection.
The outstanding importance and the far more complex level of interconnectivity of electricity distribution / transmission / generation – compared to the supply of other energy carriers – makes the development of a highly focused toolkit for its protection an essential and urgent task.
This project developed a Decision Support System (DSS) for the protection of the European power transmission, distribution and generation system and applied it to two regional electricity grids. The architecture of the software system was developed in a fully generic approach, such that the tool can also be applied to protect other interconnected energy networks, by the replacement of the electricity-specific part of the calculation kernel.

This Decision Support System enables the user:
• to identify the vulnerabilities of the analyzed grid and production plants and to detect their origins,
• to estimate the damage / impact of real or simulated network failures precisely,
• to identify the possible measures for prevention of outages and acceleration of automatic restoration and
• to rank these measures according to their effectiveness and their cost-benefit ratios,
• to carry out contingency analyses of the transmission and distribution network and the generation facilities.

The increase in complexity of the security of energy supply topic requires a comprehensive and multi-disciplinary solution. Furthermore, new scenarios emerged in the electricity industry recently, in terms of energy production and energy policy, with some very new features that prompt for a deep update of the techniques for securing the electricity supply to millions of Europeans, both industrial and households. The scenario is characterized by the following ever increasing trends:
• the utilization of grids increases massively, making them operating close to their limits, given the fast economic growth of the eastern European member states and limited social acceptance of new infrastructural elements for grid reinforcement;
• the massive expansion of wind power (and photovoltaic) plants throughout Europe puts transmission networks under further stress due to the low predictability of the supplied generation;
• the increasingly unreliable supply of energy carriers for electricity production – such as natural gas from Russia.
• the paradigm change in electricity production from centralized (a small number of large size power plants connected to the loads through the transmission system) to distributed (a large number of small size generators and prosumers - consumers / producers - connected through the distribution system and connected to the transmission grid);
• the massive increase of electricity utilization which makes the European transmission network an attractive target for malicious attacks,
• the liberalization of the European electricity market introduces a multitude of decision makers interacting over and around the power grid and puts further pressure to reduce costs of the transmission systems; only a foresighted regulatory policy may achieve cost reductions while keeping the current level of security of supply.

Objectives of SESAME
There is a large arsenal of technical, organizational and educational measures to improve the security of all parts of the network substantially. Nevertheless, the increasing financial pressure on the network system operators (SOs) (partly due to market liberalization) leads to the dangerous development that these measures are currently not implemented to a sufficient extent, which leaves the European power infrastructure highly vulnerable to malicious attacks and accidental incidents.
Since the vulnerabilities of the grid – that is where protective measures of a technical and organizational nature are needed – can hardly be detected with sufficient precision by the existing tools, only large-scale packages of preventive measures can guarantee substantial improvement of the grid security. In contrast to this, if the specific vulnerabilities of the grid were precisely known, highly targeted actions can be implemented to improve the security of the grid at the same level – or even better with lower investments. The much lower implementation costs of the latter alternative will then massively improve the likelihood of their implementation, and therefore vulnerability detection enhances the security of power supply a lot.
Additional to identifying and rating the vulnerabilities, in many cases the selection of the most effective measure for removing this vulnerability is a highly complex task, which requires massive information and data input – usually not available to decision makers (from system operators or regulatory authorities).

In summary, there are mainly two issues (beside financial limitations), why the protection from large-scale power outages is not driven forward on the same comprehensive level in all European countries:
• Information based barriers
• Hindering market mechanisms

We briefly review hereinafter the main prerequisites for tackling these two issues, so as to highlight the key objectives of SESAME:
a) Information based barriers
Implementation of measures for the protection of power grids incorporates some highly complex prerequisites. These mainly are:
1. Identification of vulnerabilities in the grid,
2. Identification of the origins of the vulnerability – detection of the threats,
3. Obtaining the possible protective measures to eliminate the vulnerabilities,
4. Identification of the most appropriate of the possible countermeasures on base of their effectiveness and cost-benefit ratios.
Each of these tasks involves highly elaborated analyses/models and needs tremendous detailed data as input. With the currently available instruments – corresponding to the State-of-the-Art – the comprehensive completion of these steps implies severe problems. There are several tools on the market that address single aspects in grid security. Among these, the more recent is dynamic security assessment (DSA). Along with the detection of the vulnerabilities, a crucial element is the identification of the most appropriate measure for the protection of the grid against cascading effects and malicious attacks and sabotage. A measure is considered as most appropriate, if it maximizes the utility from the trade-off between effectiveness and cost-benefit. Both variables cannot be determined with sufficient precision under the instruments representing the State-of-the-Art.
This project took up the strengths of the DSA systems, developed an integrated prototype security assessment tool and directly linked the outcomes of this vulnerability assessment tool to the detection of the most effective measure for the improvement of the European power supply system.

Objective 1:
The main output of SESAME is a prototype software package, which enables the user to undertake all necessary analyses of the 4 steps explained above. As output of the tool, the (a) vulnerabilities of the analyzed grid and production plants are fully detected, their origins are given, the (b) impact / damage of real or simulated network failures are precisely estimated, the possible countermeasures are identified and the most appropriate of these (c) measures for prevention of outages and acceleration of automatic restoration are suggested, which are derived from (d) precise contingency analyses of the transmission and distribution network.


b) Hindering market mechanisms
In the liberalized electricity market, the regulatory policy of a member state is the main authority that defines whether security of electricity supply becomes a central business objective of the operating of Transmission and Distribution System Operators (TDSOs) or not.
New technologies and innovation in the energy sector can greatly enhance the ability of the system to prevent and cope with security threats and incidents. It is important that the regulatory and policy framework concerning security of energy infrastructure, while recognizing decision-makers discretion, is also informed by sound economic principles. Moreover, most regulatory authorities in Europe are relatively new and in need of learning from best practices and of developing security of energy infrastructure measures.
Some European countries have established regulatory systems that set incentives for TSOs to improve the security of supply and penalize their failure, however in these regulatory schemes, network system operators are not provided with sufficient incentives for building a secured infrastructure. This leads to market mechanisms, in which investments in the security of the critical infrastructure are in contrast to the system operators’ business objectives – and are therefore disregarded. This is a fatal erroneous trend that harms the security of the European power supply on the long-term.

Objective 2:
The development of a comprehensive regulatory framework for the security of electricity systems, which is based around three main dimensions – i.e. economic analysis,
technology and innovation policy, and regulatory schemes at both national and the EU level.

Project Results:
The main S & T results/foregrounds of the SESAME project are physical simulation model (detachable and independently executable Incident Response System and Vulnerability Identification System), impact assessment (Blackout-simulator.com) which together form the Decision Support System (e-SCOPE4SESAME) and regulatory/policy framework. In the following content the above mentioned components will be described in details.

Scientific Background of the Incident Response System and Vulnerability Identification System:

Starting from reading history of blackouts, we could be inspired to form the threat catalogue and find a way to represent what happened to each of them as well as lessons learnt from them (D1.1). After we have the threats catalogue, the second step was to determine the most imminent threats to the European transmission grids as well as to identify the vulnerability of the power systems against them in terms of the evolution of the chain of threats; also quantitative and qualitative evaluation systems need to be developed to assess the threats (D1.2). Although deliverable D1.2 provided systematic ways of evaluating threats, data acquisition to apply them is very demanding. Therefore, Deliverable D1.3 also the first milestone of the SESAME project, was designed to detect the system vulnerability from the topological point of viewing (vulnerability identification), considering also the engineering features of power systems. In such a way, we could maximally accomplish the vulnerability analysis framework both from operational and structural points of view. With the help of the threats catalogue and vulnerability identification module, users of the software could be able to decide the affected network components. To evaluate the most effective countermeasures against different threats (represented by loss events, composed by a set of affected network components), a survey of deployed countermeasures, including preventive control, emergency control and restoration, and investment countermeasures were conducted (D1.4). Some of them would be selected to be implemented in the DSS. As a final deliverable and another milestone, an incident response system is made to assimilate the outcomes from the previous deliverables and milestone (D1.4). It also serves the physical system simulation core of the whole DSS. The physical impacts, as the outcome of the incident response system, would be passed to the economic assessment module (WP2, including multiple folds of consideration as well, such as impacts to households, industrial, etc.) to calculate the economic loss due to a specific loss event. Then the threats and countermeasures can be ranked by performing cost-benefit analysis through comparing the cases with and without countermeasures.
A new fashion to describe the major outages around the world by employing an encrypted code system is designed, which will be used in the later steps as a fundamental piece of database for knowledge tank. Lessons and recommendations were drawn carefully from the results of the analysis of the considered blackouts.
34 different blackout events were selected based on their importance, impact magnitude, closeness to the contemporary power systems situation and availability of their documentation. Major historic power outages were represented by the framework proposed in Deliverable D1.1. Statistical analysis was performed based on the proposed approach. The most possible threats and chain of threats were identified.
A detailed description of blackout impacts is achieved as providing historic examples for social impacts, psychological impacts, economic impacts, impacts on power system interconnection policy and organization, impacts on power system operation, impacts on communications, impacts on banking and finance, on food distribution, on water treatment, supply and distribution, impacts on manufacturing, transportation, emergency services, environmental safety, nuclear safety, government services, hospital Services and National Defense.
New threats and opportunities from changing paradigms in power systems were discussed as an outlook for the future power system. The threats which impact the power system have been listed and classified into 3 general categories: Natural, Accidental and Malicious. Definitions and catalogues of each threat were introduced and enlisted several historic examples which led to blackouts or may have triggered some havoc (calamitous) chain of events in the grid. How threats can be implemented and affect the security of power system was explained as the mechanism in terms of technical issues.
The vulnerability in the power system was analyzed through some statistical analysis of either threats or the chain of events. All threats which we had listed were qualitatively evaluated. Analytic network processing was applied to produce the final results in terms of threats ranking by considering the ranking problem as a multi-criteria decision making problem. As the input, a questionnaire was designed and distributed among TSOs in Europe. Experts’ evaluation of the threats inside their power systems with respect to likelihood, impacts, and preparedness were gathered. The threat probability with their consequences causing a first cascade of events was quantified. This is the piece which links the threats to the actual events in power systems. In other words, it maps the threats with the triggering events that may propagate and cause blackouts. For natural and accidental threats, this model is sufficient to assess loss event frequencies for the loss of single components.
The assessment calculation kernel was described for detecting the vulnerability of the system. The structural vulnerability identification was introduced according to the extended topological analysis based on complex network theory. The proposed extended topological method, electrical specificity was introduced into traditional pure topological method, and three metrics: entropy degree, electrical betweenness and net-ability are proposed to examine the criticality of the components (buses and lines) in power grids.
The Decision Support System aims at providing a tool that could be used to facilitate the decision-making process for policy makers or decision makers at two levels, namely, TSOs and Regulators. The detailed specification and functions of the Decision Support System were given.

All existing control methods against failure either operational or restoration countermeasures, and all long time investment countermeasures including preventive, system reinforcing and system flexibility increasing countermeasures were listed in general and those which could be statically modeled were selected and they were all modeled with explanations of the modeling procedure and implementation algorithms. Besides, the possibility of extending the model to embrace most of them was also discussed.
A framework is designed to simulate the cascading failures, considering the triggering events caused by threats on power systems, the load scenarios, configuration of the network, remedy resources, etc. Besides the modeling of the propagation of the failure, the reaction of the system to the chain of events, such as protection actions, countermeasures, etc., were simulated to provide the possibility of checking and evaluating system status for further assessment and investigation. In this framework, the system frequency control system was modeled considering all the following countermeasures: frequency primary control, frequency secondary control, manual load shedding, under frequency load shedding and over/under frequency load shedding. A module was designed to model the under voltage load shedding countermeasure. Power system protections were modeled considering generator frequency relays, generator voltage protection, bank capacitor and conductors’ protections, line power flow protections, current relays of all types of transformers, DC lines and FACTS devices protections. A module named Human Intervention Model provides the maximal flexibility to extend the functionalities of the DSS or interfere the simulation sequence. User’s expertise and experience can be easily passed to the simulation through it. Similar to other dynamic simulators, it allows the user to set new values for all adjustable equipment parameters, specifying at which time after loss event they should be executed.
A framework was created to simulate the optimal operational decision which is made by human in case of observing any attacks to power system. It full fits the load and system restoration simulation requirements, it tries to simulate the optimal establishment of new system equilibrium and it also models black start procedure. For each of mentioned objective, an appropriate model was created:
New system equilibrium model: It continues the simulation of cascading failures by minimizing the load shedding if the chain of events simulator has not reached a feasible solution. It establishes a base for the system restoration and it quickly achieves the optimal operational status.
Load restoration model: It maximally picks up load according to their importance and their sensitivities of contrition to the acceleration of system restoration. Specifically, a 3-step procedure of load restoration has been adopted due to priorities of load (prioritized loads, shedable loads, and interruptible loads): Step1: restore all the shedable loads and try to restore as much as possible interruptible loads; Step2: restore all prioritized loads and try to restore as much as possible shedable loads; Step3: try to restore as much as possible loads regardless to their priorities.
Black start model: It establishes an operational status in the totally blackout islands, waiting for the integration to the main network later. Optimal sequence and generation level of black start generators are derived in this simulation model and back up supports with the reconnection of the “ties” between isolated areas.
A module for the physical network modeling named Incident Response System, was created and implemented to simulate the failure cascades in the power system in a static fashion. The general evolution of the system is divided into two main sub modules as automatic decisions and human decisions. For the former one, chain of events simulator is utilized and for the former, human decision making model is used. Owing to this, one can get closer result to the reality in power system. As an outcome, the blackout in the system can be delivered with information of system topology changes, equipment reconfigurations, etc. It is deemed as the benchmark for economic assessment. More than that, we listed possible countermeasures for preventive and restoration control in general, and discussed the possibility of extending our model to embrace some of them.

Implementation of Incident Response System and Vulnerability Identification System:

Test Cases: a realistic Austrian transmission network case was designed based on the public available information. It can be also used by the scientific community or research institutes to study the security of Austrian grid.
Incident Response System: a simulation tool that can be either a standalone simulator or a module for the DSS, which mainly focuses on simulating the system’s physical performance as well as extra operational costs incurred after disturbances caused by threats. It chronologically simulates the development of the failures and the restoration of the system in a static fashion, with/without considering a wide range of deployed or planned countermeasures. It can be therefore used to identify the most effective counteractions to reduce the system operational vulnerability. It was implemented in MATLAB environment.
Vulnerability Identification System: a simulation tool that can be either a standalone simulator or a module for the DSS, which entitles users to explore the structural weakness of the system, potentially exposed to the threats, from the topological point of view. It was implemented in MATLAB.

Impact Assessment:

In the public eye direct economic losses are usually at the top of the list when it comes to the effects of power outages. They are a direct result of the failure, e.g. repair costs for defective electrical infrastructure facilities. However, direct economic losses are usually limited and subordinate to indirect economic losses. These indirect costs also arise in direct connection with the failure, yet they belong to that part of the total losses resulting from the absence of electricity supply in the aftermath of the failure. Examples are the loss of productive activity, or lost value added. Through multiplier effects due to the marked dependence of some industries on the flawless functioning of other economic sectors, these indirect costs make up a significant proportion of the total costs
SESAME and in particular WP 2 chose a highly advanced approach to elicit these cost.
The most extensive Task in this WP was the conduct of a survey among over 8,300 households in the entire European Union (more than 250 in each of the 27 EU member states). The purpose of this survey was to better understand the driving factors of peoples’ perceptions with regards to electricity supply security, infrastructure development and the utility derived from uninterrupted power supplies. Thus, the major research intentions can be described as follows:
1. To identify the perceptions of households about the effects a long-lasting blackout would have on their daily life.
2. To gauge households’ acceptance of (or resistance to) new local infrastructures aiming to improve the reliability of the power system.
3. To identify the willingness of the population to contribute monetarily to the protection of the power system and to derive the value of the monetary contribution that populations might be willing to make to avoid experiencing a blackout.

Altogether, this research intention was unprecedented in a multi-national context like this. No previous study has aimed at such an extensive analysis regarding the “people’s position” toward measures for improving the power system, and for such a heterogeneous population with highly different social background, geographical distribution and across 22 languages (we extended the list of languages to incorporate Russian for interviewing in Latvia where ~40% of the population are Russian-speaking). As a consequence, the development of the survey design had to consider a series of challenges that were not of relevance for earlier work that assessed these questions on the national level (in Austria). Most significantly, the objective of assessing the financial value householders might place on avoiding certain types and durations of outages (research intention 3.) required the application of the research methodology called Contingent Valuation (CV), being sensitive even to minor imperfections in the survey design. Thus, a survey like this had to be understood as a “one-shot game” in the sense that even a minor oversight relating to the survey design had the potential to undermine the accomplishment of the three major research intentions in their expected and necessary comprehensiveness.
To accommodate the need for an extraordinarily comprehensive study design being homogenously applicable to 27 (partly) heterogeneous countries, the initial stages of design involved extensive communication between Kudos (in London) and JKU (Linz) in the interests of developing a questionnaire which not only fully served the objectives of the study but also fulfilled the following, important requirements:
1. Ensuring ease of comprehension by the lay-person (householder), given the slightly abstract nature of the central WTP (Willingness To Pay) testing exercise
2. Instituting a methodology which ensured adequate consideration of the topic on the part of all respondents – in this instance a stimulus ‘Booklet’ to be emailed (or alternatively posted) to all respondents ahead of the main topic questions being asked
3. Ensuring standardisation of data collected – structuring the questionnaire for CATI (Computer-Assisted Telephone Interviewing) in order to ensure the resulting data is as clean and unambiguous as possible was key to this goal
4. Establishing a clear and fluent source document (questionnaire) in English language – on the basis of which translations into 21 EC languages would be undertaken (English being the functional lingua franca of communications on this study). It is clearly of critical importance that the thread of the questioning - not to mention the stimulus Booklet for householder consumption – was clear and accessible to both interviewer and respondent, in the interests of avoiding bias and/or misinterpretation which could affect the reliability of the results
These requirements and challenges were already known during the application and thus a relatively long time period in WP 2 was dedicated to the survey design. As part of the survey design development, we came to the conclusion that only a multi-step procedure would allow us to recruit a balanced sample and bring the typically low-focus issue of power supply security to the minds of the survey participants. Since the need for a clear and (as far as possible) concise questionnaire for the demanding topic of this survey was quite above average, we identified the need for multiple materials in addition to the questionnaire itself.

The foundation materials for the SESAME household study were the following:
1. Screener questionnaire (Recruitment Questionnaire or RQ) – to establish primary socio-economic variables and to ensure minimum suitability and willingness of the householder to answer the core questions
2. Main questionnaire - the core questions, covering experience of power outages, gauging feedback regarding likely effects of outages on the household and on broader society, establishing potential willingness-to-pay (WTP) to avoid some/any/all different permutations presented (8 outage scenarios)
3. WTP values grids for the 8 outage scenarios: set of 8 price-points for each member state, in local currency, which were rotated across the entire 250+ households surveyed: the values required careful development and checking to ensure they were equivalent not only across currencies but also taking into Eurostat household incomes data, across all 27 members states
4. Stimulus booklet – which was either emailed or posted to each respondent after screening/recruitment (RQ) and prior to the start of the Main interview (Main questionnaire)
5. Email (or letter) to accompany the stimulus and recap the objectives of the survey.
The survey was piloted in May 2012 amongst 25 households in Poland and the same number in the UK. As a great first result we were able to observe that the respondents understood the questionnaire and that their answers were consistent in such a way that we did not find contradictions between their answers and we were able to obtain from the initial data the necessary information. On the other hand, it emerged that recruiting participants from social classes with lower education and lower income was challenging. The pilot served to make apparent that the topic of reliable power supply is less of immediate concern and/or interest for this social class and recruiting a sufficient number of these households would require considerably more effort than expected. A second pilot phase of the survey – this time in the UK only – was undertaken to target these lower income social segments to ensure that the survey was equally understandable by this audience, and that the core premises of the study were as valid at lower incomes as we had established they were at high and medium incomes.
We had determined that the number one priority in the surveying process was to obtain robust data of the highest possible quality and that we needed to strengthen the effort to obtain participants from all social classes. To achieve this, we decided that a pilot of 25 households was necessary in each of the member states to control for certain quality criteria. This was not foreseen in the application and thus the initial and predicted pace of the survey would be likely to be slower in the interests of socio-economic coverage and in order to ensure fully-robust data.
Nevertheless, for some countries we observed an extraordinary gap between socio-demographic characteristics as provided by Eurostat and the socio-economic characteristics of participating households. For each of these countries we undertook all necessary steps to examine the origin of the gap and assess whether we needed to adapt the survey process to it or not. Our effort resulted not only in numerous contacts with Eurostat and national statistical agencies but also included conversations with the Austrian Trade Commissioners of several countries.

The most important in-field challenges to the intentionally planned recruiting process were
1. Some markets: lower internet penetration meaning that stimulus materials frequently needed to be delivered by standard mail (instead of electronically as an email attachment). We were conscious of this as a potential slowing factor at the outset, but in practice this vital component of the study slowed down fieldwork considerably in certain markets due to
a. Slower / less-efficient internal postal services
b. Greater incidence of stimulus booklet being lost in the post (requiring re-sends or the need to recruit replacements)
c. The need not to under-represent rural segments of national populations (tending to have lower levels internet penetration) required more postal deliveries to these rural regions across all markets to some extent, and markedly more such deliveries in certain markets – resulting both in slow conversion (lengthy deferment of completion of the Main survey) and sometimes in non-conversion and the need to recruit replacement participants
2. Two-part interview with stimulus – the nature of the stimulus and the need to impose a pause between the qualification call (screening) and completion of the Main questionnaire. Whilst fieldwork costs were based on a 2-part interview, the extent and importance of the stimulus (13 page booklet) and the effect of the stimulus on the respondent were not fully understood until piloted and in some markets until the full fieldwork was in process. In reality we experienced significant drop-out (i.e. inability to resume and complete interviews) after the pause – whether because of the householder being put off by the (perceived) nature of the questioning or because of (postal) booklets not reaching the target address, and (whether sent by post or online) the failure to reconnect by phone with the screened respondent after the break-off. The need to decide at what point to abandon a recruit and find an alternative with the same profile resulted in considerable efforts being required to keep in balance the important socio-demographic quotas.
3. Household Income – difficulties in reaching and successfully interviewing lower-income respondents (lower survey interest, coupled with higher likelihood not to complete the interview after the compulsory pause to receive and consider the booklet).

In some countries, fresh contact lists needed to be purchased, to improve survey coverage of interlocking demographic criteria – income being the most important, but also to ensure reasonable coverage of genders, ages and geographies within each member state. The adaption of the recruitment process to achieve these objectives caused further deviation from the planned schedule. The purchase of additional contact lists was an important and ongoing process, as quality and accuracy of lists showed considerable variation from country to country and different challenges concerning the audience demographics were experienced in different markets. Whilst this element of fieldwork management was not unexpected, the extent of the required flexibility and resourcefulness in list sourcing and the lead times that this occasionally involved also inevitably had some impact on the pace of fieldwork.
As a further reaction to the partly-unsatisfactory coverage of all social classes via telephone fieldwork, we felt ultimately that it was important to broaden the scope of recruitment activity, opening our survey to those who could more effectively be reached and encouraged to take part in the survey via online self-completion. As a consequence we extended the methodology to allow for 40%-50% of the participants of any country to complete their survey online, in order to reach audiences that had proved difficult to reach in sufficient numbers via telephone. This helped to attract the participation of younger segments of populations, as well as people whose busy lifestyle made initial contact with them and/or the arrangement and fulfilment of precise appointments for the main phone interview problematic. Thus, the whole survey in all 22 languages (in reality 31 separate scripts, since markets such as Belgium operated using a specific script in French and also in Dutch) needed to be adapted into an online version. This was relatively costly in terms both of time and money given the fact that only about 125 - 150 households would complete via each format, but it allowed greater reach for household profiles that had proved hard to reach by telephone. The localisation process to adapt the survey for online self-completion was also verified by means of a pilot stage via this methodology (50 surveys), prior to full roll-out. Despite being a stage which was not originally envisaged, this was regarded as vital in ensuring that the online methodology fulfilled its specific objectives and aligned with those of the survey overall.
Additionally, for a study of this nature and importance, it was deemed necessary to collect data over and above the initial targets. This overage was important not only to balance the quotas but also – in light of the mixture of data collection methodologies employed – to ensure a fully-robust data set. This allowed for the eventuality that an occasional individual survey might be to be discounted from the data if deemed to be sub-standard in quality or otherwise outlying / deviating from the norm.

Altogether, the recruitment process as carried out was characterised by a most accurate selection process aiming at representing the majority of socio-demographic groups and living situations, including different dependencies on electricity. In particular this entailed:
1. Contact data being purchased by country, whose contacts represented the developed design criteria regarding socio-demographic characteristics.
2. Potential participants being called by phone or invited by email. Each of them answered a screener questionnaire to identify their eligibility according to the mentioned criteria. The procedure was carried out until ~125-150 participants per country had agreed to participate in a phone interview and further 100-125 had agreed to participate in the online survey. It was agreed with the phone participants a precise appointment when to call them for their main interview.
3. Eligible and willing participants got a booklet with information regarding the survey and some additional materials to graphically support the main questioning by post or via email.
4. After a pause to allow participants the opportunity to familiarise with the provided materials, the main questioning took place by phone or via an online interface.
After the collection of the data an unprecedented simulation approach was chosen in order to best elicit households’ (monetarised) change in utility in the case of a power outages. This implies econometric analyses which assess the monetary equivalent of expenditure for households to stay at the same utility level (i.e. compensating variation)
This yielded a variety of publications in peer-reviewed journals, which are listed subsequently.

In addition to the precise definition of households’ willingness-to-pay to avoid power outages, the incorporation of businesses, public entities and administration was paramount to achieve a full assessment of the effects of power outages on an entire society.
The analysis of the damages inflicted on businesses (non-households) in the case of power interruptions rested upon on two different methods. On the one hand, production data on the gross value added of businesses, industry and public administration were incorporated as a central indicator of economic activity. This is because economic activity is in most cases very closely connected to electricity supply.
The second part of the assessment of non-households is based on a comparison of typical damages per kWh not supplied in certain industries and sectors. This value of lost load (VoLL) approach assigns every unit of electricity not supplied a damage for a certain country and sector. The different VoLL values were regressed on the characteristics of the outage under scrutiny. The VoLL influencing factors were incorporated into the model to assess a broad variety of power outages which are not restricted to the characteristics of the original power outage settings (However, processing the data of this study has revealed that the VoLL in different studies varies considerably within any given industry. Thus it was important to exclude extreme outliers and install an artificial boundary to prevent the coefficients from the VoLL database to lead to negative values for certain industries).

Finally, the economic losses of individual non-households were clustered to make it possible to form complete aggregates of sectors or regions subsequently. A key factor is the utilization of control variables for holidays, weekends and after work hours. This implies for example, that a grocery's daily value added is considerably higher on workdays than on public holidays. However, damages occur on holidays as well (e.g. the lack of cooling and security appliances), which is also accounted for in the model (In total nine economic sectors were incorporated into the analysis, all of which are based on the “NACE Rev. 2” system).
Together with the previously described assessment of households, this was implemented in the SESAME decision support system (DSS). Additionally, for ease of usability and interpretation, a stand-alone version was developed and programmed. It is made available at blackout-simulator.com.
This is a free of charge tool for the assessment of power outages from 1 to 48 hours in all of Europe at Nuts2 level (264 regions in total all over the EU 27 as of 2012).
The currently free-of-charge tool is one of the main outputs of the EU FP 7 project SESAME, a collaborative research effort carried out by nine project partners from various European countries including regulatory authorities.
The elicitation of the consequences of power outages used to be a highly complicated issue which required significant scientific resources to accomplish. The developed tool makes it possible for the first time to easily assess the socio-economic effects of trans-European (as well as national or regional) power outages. What was once a multiple month research project is now a matter of two minutes and five to ten mouse-clicks.

In summary:
In the process of collecting the necessary data for the tool, a two-pronged approach was chosen during the research project SESAME:
1. Inclusion of an in-depth analysis of households’ WTP to avoid power outages was conducted using data from the above mentioned in-depth survey of households’ electricity-related preference structure
2. Incorporation of damages to businesses, institutions and public administration. In doing so every economic sector according to the NACE nomenclature of 27 EU member states (as of 2012) was included into the tool. The detailed output from the software shows that businesses as well as households face significant damages in the case of power outages.

Decision Support System:

The DSS system prototype, a Windows-base architecture using different frameworks from .NET framework, was developed. A general view of the system is a client computer side with few Microsoft tools already installed, Windows 2003 Server where the application will be installed and an Oracle database to work for.
DSS is a web application that uses Windows Presentation Foundation (or WPF) which is a graphical subsystem for rendering user interfaces in Windows-based applications by Microsoft. WPF was initially released as part of .NET Framework 3.0. Rather than relying on the older GDI subsystem, WPF uses DirectX. WPF attempts to provide a consistent programming model for building applications and separates the user interface from business logic. It resembles similar XML-oriented object models, such as those implemented in XUL and SVG.
WPF employs XAML, an XML-based language, to define and link various interface elements. WPF applications can also be deployed as standalone desktop programs, or hosted as an embedded object in a website. WPF aims to unify a number of common user interface elements, such as 2D/3D rendering, fixed and adaptive documents, typography, vector graphics, runtime animation, and pre-rendered media. These elements can then be linked and manipulated based on various events, user interactions, and data bindings.
WPF runtime libraries are included with all versions of Microsoft Windows since Windows Vista and Windows Server 2008. Users of Windows XP SP2/SP3 and Windows Server 2003 can optionally install the necessary libraries.

The DSS uses:
1. A Microsoft Excel 2010 Addin, used to import and export the information from the Web application.
2. A wrapper, using Matlab code, to be coupled with the Network model was developed to:
Convert the input data into Matlab structures (inputs of the Physical Model);
Overall study case data check: In this second evaluation, the consistency of the network model is checked. With this functionality, the user will be informed if the data used to define the network is consistent and if there aren’t unconnected elements, wrong associations between elements, etc.
Convert the results of the network model into CSV files.

Together with the DSS the User Manual was produced. A detailed document where is fully described the technical features, how connect to the system, the needed requirements for its correct use, the navigation through the menus and functionality of each one, the files used to upload and download information and complete examples that may be helpful to the users.

Regulatory/Policy Framework:

WP3 has been planned and progresses based on the task and objectives initially stated in the grant agreement. The results of this project have been two deliverables D3.1 and D3.2 and several reports and academic papers. Some of them have been published in peer reviewed journals and some others are in the process of being submitted to relevant journals. The results of WP3 shed light on the extent of vulnerability of European electricity infrastructure as set of heterogeneous interconnected networks. The level of integration of European power market makes the vulnerability of certain regional grid to a threat for Europe which goes far beyond the spatial limits of that region. WP3 developed the necessary elements of a comprehensive regulatory system that prepares the ground for the needed investments in the network security. The emphasis was placed on the elements of a regulatory policy which can be implemented by many of the member states without significant restructuring of their current regulatory models.
The outputs of WP3 have been two deliverables with aforementioned objectives. D3.1 has assessed the security of electricity supply indicators in Europe. D3.2 has addressed policy framework for security of electricity supply in Europe.
For these two deliverables four tasks have defined as follows:
Assessment of security of electricity supply indicators in Europe
D3.1 primarily discusses the existing security of electricity supply indicators in Europe and their relevance for judgment about the current level of security. The report also adopts a risk approach to classify the security of supply risks arising from natural, accidental and malicious threats. The security of supply threats facing the electricity systems and, in particular, the networks are classified in terms of economic, technical, topographical and social risks factors. These factors serve as the economic, technical, topographical and social indicators of security of electricity supply facing the electricity networks. This is a new approach to understanding and classifying security risks and is encompassing of all associated risks pertaining to the electricity systems.
Technology and innovation policy for security of supply in Europe

D3.2 attempts to provide regulatory and policy innovation in order to incentivize technological improvement and grid modernization as well as timely investment for improving quality of supply. This has been done by introducing a risk incorporated regulatory model which allows for price adjustment based on the efficiency and benchmarking technique. Also, we have suggested that the innovation incentives can be implemented in an output based regulatory model where the companies are evaluated based on their performance and not their costs. Three chapters of D3.2 have addressed this issue in details.
Economics of security of electricity supply-investment, regulation and the link between power sector and other critical infrastructures
D3.2 addresses elaborately the economics of security of electricity supply. The current issues and future options in economic regulation of network security across the European electricity networks are investigated in the report. The report also focuses on the need for an output-based regulatory model. We propose an alternative model within the output-based framework to regulate the quality of supply while accounting for the risks from accidental and malicious threats. We also investigate the option of incorporating network security costs within incentive regulation in a benchmarking framework. The relevant concerns and limitations associated with network security costs accounting and classification, choice of cost drivers, data adequacy and quality and the relevant benchmarking methodologies are discussed
D3.2 also investigates the effects of market regulation on the reliability of the European electricity system. This information helps regulatory bodies understand when to consider imposing quality controls. The report also explores the effects of power supply failure shocks on the system of interdependent infrastructures and tries to shed light on the nature of power loss impact in the presences of interdependencies.
Policy framework for security of electricity supply in Europe
D3.2 presents a three-step approach to this problem. First, an overview of the current legal framework for security of electricity supply in the EU is provided, with a focus on the adequacy and security of transmission networks. We consider both the EU level and the Member State level. Second, we analyzed the functions of transmission adequacy and security in the technical and institutional context of the EU power system. Based on this, we developed a policy framework that should be conducive to security of electricity supply in the multi-level and multi-country context of the EU. We organized a consultation round of stakeholders to get feed-back about the proposed framework. We used the reactions to adjust our recommended framework. In addition to the recommendations about the organization of the sector and the hierarchy of division of responsibility between member state TSOs and EU, we also made a recommendation for the scheme of economic regulation. We proposed an output regulatory model where the cost of network security can be incorporated. To be more specific:

1. We identified and classified new risks factors under economic, technical, topographical and social risks. The economic, technical, topographical and social risks factors characterize the natural, accidental and malicious threats facing the European electricity systems. This allowed us to account for the exceptional events in the European context. Our analysis suggests that factors exogenous to the sector are creating new risks to the sector post 1990.
2. The analysis in D3.1 suggests that economic risks factors of under-investment and rising electricity demand are one of the biggest risks facing the European electricity networks along with the risks of natural calamities and severe weather conditions.
3. The results of report in D3.1 also show that an ex-ante risk assessment technique that takes country-specific risks factors into account can be a useful risk assessment tool for policymakers to derive electricity supply security indicators considering the uncertainty and paucity of risk assessment tools.
4. D3.1 report concludes that the future of the risks and threats facing the European electricity networks is vastly linked to the future of the network regulation in Europe. The present regulatory treatment of network security costs using only input-oriented benchmarking is rather limited to being an informative regulatory tool than being deterministic.
5. D3.2 results show that regulation of network security may also involve looking beyond economic network regulation and also focus on the wider policy-regulation interface considering the risks facing the electricity networks.
6. D3.2 results also indicate that using an output (or quality) based regulatory framework will decrease annual outage durations by 20.7 − 27% versus an incentive-based system, especially when appropriate investment incentives to utilities are ensured.
7. We also show that quality controls ought to be considered in any new European regulatory regime, as they can lead to significant economic benefits from improvements in supply security.
8. The results of D3.2 indicate that highly inoperable industries following power outages are not necessarily the same which suffered most financially.
9. Our study suggests that the social cost of interruptions based on the indirect and induced effects due to interdependency among infrastructures better motivates investment in resiliency enhancement.
10. With respect to policy, our first recommendation is that it should be clearly indicated which level is ‘politically’ responsible for the development of the policy framework for security of electricity supply.
11. The policy framework we propose in D3.2 is a mix of EU, international and national policies and measures, which is designed such that, if some topic has an international scope, it is tried to organize it above the strictly national level, while at the same time we take into account that some institutions or aspects are still national and most likely remain so.
12. We suggest in D3.2 that forecasting and planning, as well as the risk assessment for network security should preferably be organized and done by the joint TSOs in a region. This risk assessment should be improved through the sharing of best practices, peer review or benchmarking. This joint action should be complemented by some new institutional arrangement of ‘regional’ regulatory approval (e.g. by the joint national regulators).
13. We also recommend in D3.2 that for rules (reliability standards) the current situation with national and European grid codes drafted by TSOs and approved by some public authority appears to be a workable solution.
14. We recommend in D3.2 that European grid codes should only cover topics that necessarily have an international dimension. For other instruments, such as training or stricter protocols, we suggest that regulators monitor the commitments of the TSOs in this area more closely.
15. Our analysis also shows that the general policies to protect the grid, reduce vulnerabilities and improve the resilience of the system are also useful against threats. However, where threats to the national security give rise to additional risks, the relevant authorities should cooperate with the TSOs (and relevant others) to cope with these risks as well, which would typically happen at the national level.
16. The quantitative assessments carried out by EI-JKU confirmed the regulatory pathway chosen by European member states also with respect to electricity supply security. However, especially in countries with lower levels of reliability, lessons can be learned from the countries with longer regulatory history and higher quality of supply standards.

Potential Impact:

The outcomes from the SESAME project have potential impacts on the society and relevant fields both from the Decision Support System including its detachable modules and the regulatory frameworks, specifically:
1. A risk assessment tool to identify vulnerabilities in electricity transmission/distribution grids and electricity production plants: This project developed an all-line dynamic security assessment tool. This tool allows detecting vulnerabilities of the analyzed grid and production plants with no limitations, whether it is a single nation or multi-national grid. Vulnerability detection is not limited to identification of technical vulnerabilities such as too low capacities or missing redundancies, but does also detect missing communication structures in case of multi-operator systems.
2. A tool to protect the critical infrastructures against cascading effects and against deliberate acts of terrorism and sabotage: In the case of electricity transmission / distribution / generation, the protection against cascading effects and against acts of terrorism cannot be achieved by means of surveillance or military protection. It is implausible to claim, that more than 8.000 lines and more than 6.000 buses in Europe can be made absolutely secure against deliberate attacks or accidents. Protection of a power system requires measures that ensure the system to stay intact after a small number of broken lines. Therefore protection begins by the detection of small groups of lines that can cause a blackout if they fail collectively, and then identifies the most effective measures to remove this weakness by technical, organizational or educational actions.
3. Contingency analyses of the electricity network / grid and to plan automatic restoration and intelligent reconfiguration in case of failure of parts of the network: The DSS developed in this project was applied to two European electricity grids, which are both at the highest level of interest regarding continental supply security. The Austrian power grid can be seen as link between the new south-east member states of the EU and the central European power grids, which makes it especially interesting for contingency analyses of possible incidents and the ability of countermeasures to avoid cascading effects beyond national borders. The Romanian power grid is in the heart of the CEEC EU member states. EU Directive 2003/54/EC55 on market liberalization and unbundling has been ratified only recently in July 2007 there. Contingency analyses on the grid will give extraordinary insights on the vulnerabilities of networks in that region. Measures for the automatic restoration in case of failure of parts of the network will be fully incorporated in the DSS. Special focus will thereby be placed on the implementation of cross national communication structures for successful restoration.
4. Evaluation of the potential impact of a failure: The evaluation of the impact of power interruptions was carried out on two levels: (a) An analysis of the vulnerability of the European society in case of a blackout. This results in detailed data on the relationship of blackouts to other critical infrastructures (traffic, water, other energies,…), and gives estimated timetables until critical conditions emerge (appearance of limitations in the medical system, panic from lost communication, …). (b) A tool for the determination of lost economic values on the monetary scale – from material as well as non-material damage. This allows the user to obtain estimates of damage for real blackouts or for simulated blackout scenarios. Furthermore, these damage figures can be obtained for subgroups of the population or the commercial sector to identify high-risk groups and groups for which protection is more urgent than for others. Only by this proceeding, the impact evaluation is fully in line with the requirements of Directive 2008/114/EC56 on critical infrastructure protection.
Modern technology is prepared to prevent from the large majority of blackouts (or to prevent a local power interruption from becoming a large-scale power outage affecting millions of people). It is common knowledge that the problem of insufficiently protected power grids and production plants does not come from the lack of technical solutions, but mainly from the unsatisfying rate to which these technologies are implemented. These protective measures are expensive and the probability that they will ever be used is small. Since the vulnerabilities of the grid – that is where the protective measures are needed – can hardly be detected with sufficient precision under the existing tools, only large-scale preventive packages of measures can guarantee substantial improvement of the grid security. In contrast to this, if the specific vulnerabilities of the grid are precisely known, highly targeted actions can be implemented to improve the security of the grid at the same extent – or even better. The much lower implementation costs of the latter alternative will then massively improve the likelihood of their implementation, and therefore vulnerability detection enhances the security of power supply a lot. A Decision Support System, providing all required information for objective decisions and effective operation of the European multi-operator network, in this regard appears as the most needed and most effective technology for securing the European energy infrastructure.

Main Dissemination Activities

The SESAME Consortium was aware that dissemination is a key issue for the success of a project, and instantiated important resources in order to achieve this objective. The key tenets of this strategy encompass:
1. the key role of the Project Stakeholder Advisory Board, where prominent stakeholders sit, on informing the dissemination strategy and on fostering dissemination activities;
2. the need to conform all dissemination action to an overall strategy, which was first established when the first key project outcomes were achieved, by the completion of the first year of work, and then revised periodically and on the occasion of the achievement of major milestones;
3. Awareness that dissemination activities must leverage on all the other project activities, most especially on those oriented to establishing the impact of power system disruptions and on establishing the standpoints for a future comprehensive regulatory system in Europe
4. all dissemination activities were informed by a responsible person, an appointed Dissemination Manager, who would also guide the exploitation of the results of the project;
SESAME dissemination is clearly instrumental to further exploitation. SESAME dissemination strategy was mainly tailored towards the two most important stakeholder categories, transmission system operators and national regulatory authorities, in addition to other international associations and organizations, as well as Directorates General of the European Commission.
Hence, the SESAME dissemination strategy is mainly rooted into conveying the key project results to those stakeholder categories.

Our dissemination strategy basically encompassed the following strands of activity:
1. direct stakeholder dissemination;
2. dissemination through participation to international Conferences;
3. organization of workshops;
4. dissemination through a dedicated web-site;
5. dissemination through existing Interest Groups and Platforms;
6. scientific publications
7. newsletters.
Stakeholder Dissemination. The SESAME SAB is a key asset to help structuring and organizing this campaign. Beside the regular interaction with a relatively small number of key stakeholders who sit in the SAB, project outcomes were presented to a broader audience in the last phase of the project. Towards the end of the project, SESAME deployed an important dissemination campaign (based on presentations and colloquia with targeted stakeholders, the organisation of two targeted workshops dedicated to TSOs and Regulating Authorities, and a final stakeholder Conference, so as to effectively convey to stakeholders the benefits related to making use of its outcome.
Conferences and workshops. Participation to international conferences and organization of workshops was an important way to convey project results to a broad public. Moreover, as mentioned above, in the latter months the project organized international conferences, to present its outcomes to a broad stakeholders audience. Besides the conferences and workshops organized by the SESAME consortium, partners actively participated multiple important and high level international events/ academic conferences/workshops/symposiums, etc.
The participation had the goal of presenting the progress of the project achievements is instrumental to influence and receive feedback from the three target groups of potential customers: end users, service providers and manufacturers.
Dedicated web site. A SESAME web site has been put on the web (https://www.sesame-project.eu/) with the following features:
1. dedicated Web domain name for the consortium
2. publicly available part (further dissemination of the results of SESAME, public communication)
3. restricted access area (interaction and communication between the partners within the project).
4. forum
Groups and Platforms Dissemination. SESAME established cooperation links with various Bodies, other EU Projects and organizations.
SESAME has taken advantage of membership of Delft University of Technology (TUDelft) in the Consortium. TUDelft has strong linkage with NGInfra, the Dutch Next Generation Infrastructure Programme (www.nextgenerationinfrastructures.eu) an international programme which is gaining international coverage by involvement of players all across Europe and beyond. Next Generation Infrastructures promotes events related to the specific market targeted by SESAME, and related to the security issues.
Newsletters. A newsletter was sent twice a year to a huge list of stakeholders promoting the exploitation of SESAME results with activities aimed at a non-specialized general audience.

Exploitation of Results

The project coordinator supervised the dissemination/exploitation of the scientific and technical results from this project that was performed under the guidance of the dissemination manager; individual partners were responsible for the execution of the actual dissemination/exploitation activities. Newly acquired knowledge was continuously evaluated for protection, dissemination and exploitation of intellectual property rights by each partner.
The exploitation has been undertaken starting from the consideration of the potential customer base. Various typologies of customers are possible and basically all of them are represented in our consortium or SAB and the list is further extended with additional contacts, at the dissemination stage. The results of the project, both in term of expertise on the “security handling” of power systems and of the prototype SW tool, developed and tested in the two trial applications, were promoted in the dissemination activities and exploited directly and indirectly by the consortium members.
For the potential customers the SESAME results, we must first identify what is the customer base for the outcome of the project. We addressed stakeholders like: transmission and distribution system operators and their professional association (ENTSO-E), power generation utilities, national authorities in charge of the security of critical infrastructures, national regulatory authorities and their European associations (ACER, CEER, ERGEG), security bodies in general. Those might be the end users of products and services based on the outcome of SESAME.
Manufacturers of infrastructure equipment and manufacturers of IT components and services in critical infrastructures, who are involved as well in the Stakeholder Advisory Board (SAB) of SESAME, cannot be considered such as end users. However, they might consider to make use of the outcome of SESAME as a base for developing product features, tools and services which may be instrumental to strengthen penetration of their core products and services in their own reference markets.
We have used expertise as a value to be exploited. The knowledge acquired during the impact assessment would let to link technical information about energy infrastructures and their evolution regarding security issues. This connection and the manner to involve the private sector with the European security topics is part of the lesson learned of the project. Deloitte SL, as worldwide leader in information technology consulting, is focused on advising businesses on how best to use information technology to reach their business objectives. In addition to providing advice, IT consultancies often implement, deploy, and administer IT systems on businesses' behalf. The expertise obtained has allowed Deloitte to get revenues from for public security bodies and private companies use Business Consulting for designing and planning.
The IT Tool developed by SESAME is a prototype software Decision Support System intended to give advice to users about the most effective measures in order to secure a regional power infrastructure integrated in the European power grid against cascading effects through accidents or deliberate acts of terrorism. The DSS itself embodied a number of supporting data and knowledge bases and a software simulator of the power infrastructure. As such, the DSS is to some extent a platform which is customized for use by entering knowledge and data pertaining to a specific application, i.e. it requires further customization to become applicable. Primarily this was a task of the software developer, INDRA, which may use it as a base to design commercial software products, as well as a support to further extend the range of services they deliver to their broad customer base in the power sector and beyond.
Although in principle licensing of the software tool as such to third parties such as equipment manufacturers, security and IT service providers, as a base for developing their own commercial software products, could be considered, this would require extensive further development before this prospect can be concretely envisaged. The trial applications developed during work packages 6 and 7 have not a spread potential market in themselves. They are important as tangible demonstrations of the range of products and services which could be based on the IT tool as a software platform, hence to identify market players which could be interested in those products or services.
After the final closure meeting, the consortium gathered together to start planning post-SESAME dissemination and exploitation strategies. The consortium, especially Polito, has been pushing the tools also to be used to the security of regional and national transmission grids, such as Baltic region, Italian, etc. In a couple of months the Directive of Energy stress tests should be published, the consortium has already been pushing the DSS to be used as one of the testing tools. The initial contact has been made between Polito and Transelectrica. All partners were expected to check open calls at National or EU level, where they can cooperate and maybe follow up with the SESAME results. Vis-à-vis meetings would be scheduled by partners with the TSOs or/and regulators in their countries or with personal contacts to ensure the success and interest of demonstration of the SESAME outcomes to them.

List of Websites:
SESAME Website:
https://www.sesame-project.eu/

Polito
Giovanni Griva
giovanni.griva@polito.it

Deloitte
Fernando Garcia Gutierrez
fgarciagutierrez@deloitte.es

E-Control
Christine Materazzi-Wagner
Christine.Materazzi-Wagner@e-control.at

TU Delft
Zofia Lukszo
Z.Lukszo@tudelft.nl

Indra
Dolores Lucena Ferrero
dlucena@indra.es

TrEl
Simona L. Voronca
simona.voronca@transelectrica.ro

Durham University
Tooraj Jamasb
tooraj.jamasb@durham.ac.uk

Kudos Research
Chris Smith
CSmith@kudosresearch.com

EI-JKU
Johannes Reichl
reichl@energieinstitut-linz.at

JRC-IET
Marcelo Masera
marcelo.masera@ec.europa.eu