To address the growing threats to EPES, the EnergyShield project developed an integrated toolkit that covers the complete security value chain (assess, monitor & protect, learn & share).
The most significant aspect of supporting value creation and growth in the electrical power domain is to build, and also strengthen, the capability to adequately assess the combined ICT and OT/SCADA environments of companies within the field.
The EnergyShield toolkit is an integrated, complete solution that covers heterogeneous attack vectors. It receives alerts from the OT anomaly detection (AD) and distributed denial of service mitigation (DDoSM) tools that monitor external interfaces; these alerts are processed both by the SIEM and by the simulation within the vulnerability assessment (VA) tool. Each of the tools has distinct elements of technical innovation and features that meet the specific cybersecurity requirements (monitoring, detection, vulnerability assessment, learning) of the business field. Although they have been developed for different environments and with specific orientations (e.g. SBA: an organizational-culture-oriented solution, focused on cybersecurity concerns and on personnel behaviour and reactions in critical situations; AD: a breakthrough process-oriented anomaly detection solution in OT cyber protection, providing safety for industrial assets by directly monitoring raw electrical signals (level 0 real-time monitoring); SIEM: a solution offering data correlation of physical and cyber events, with the capability of handling large amounts of heterogeneous data, etc.), the innovative architectural model ensures the right communication between the tools and the enhancement of each of their functionalities.
Given the particularities of the energy sector (real-time requirements, cascading effects, technology mix, specific infrastructure) and the trending needs and expectations (regulation enforcement, compliance with security requirements), adopting the EnergyShield toolkit could strengthen security in the EPES supply chain.
The added value of implementing the EnergyShield toolkit becomes relevant through increased resilience against cyber and privacy attacks and minimized effects of their potentially harmful outcomes. Evolving inside clusters of similar projects can only benefit the overall impact of the coordinated efforts to fight cyber security threats and attacks.
To increase awareness of these aspects, during the 3 years of implementation the EnergyShield consortium organized 12 events in collaboration with other H2020 projects, published 33 peer-reviewed articles, released 10 whitepapers, and actively engaged within 4 clusters: ESCSI, CyberEPES, BRIDGE, Cyberwatching.eu.
By the end of the project, all anticipated EnergyShield tools were released in their final versions, alongside detailed reports. The toolkit is tailored to the needs of EPES operators, but many of the technology building blocks and best practices are transferable to other types of critical infrastructure.