Periodic Reporting for period 1 - SDN-microSENSE (SDN - microgrid reSilient Electrical eNergy SystEm)
Reporting period: 2019-05-01 to 2020-12-31
Cyberattacks have become increasingly sophisticated, stealthy, targeted and multi-faceted. As a result, incidents like power outages, brownouts and blackouts are likely to happen and they may affect not only the energy domain but all the interconnecting devices and infrastructure. Therefore, new security measures are needed, not only from the IT point of view, but by combining the arsenals from both domains: the IT and the power infrastructure domain. SDN-microSENSE aims at providing and demonstrating a secure, resilient to cyber-attacks, privacy-enabled, and protected against data breaches solution for decentralised Electrical Power and Energy Systems (EPES). The project employs a set of advanced cutting-edge technologies targeting at:
1. Performing collaborative and distributed risk assessment involving all energy actors
2. Strengthening EPES domains with self-healing capabilities based on islanding and fast grid recovery processes exploiting renewable sources
3. Enabling effective energy exchange between microgrids and residential prosumers
4. Implementing a large-scale cybersecurity solution by integrating innovative components for detecting and preventing cyberattacks, privacy violations and various threats
5. Building a decentralised security information and event management (SIEM) tool for decision support concerning anomaly detection and response enhanced with advanced machine learning capabilities
6. Realising an end to-end privacy framework that involves all types of users and stakeholders to protect against data breaches
7. Demonstrating and validating all tools/systems/processes through detailed real-world scenarios (in differents countries such as Norway, Greece, Spain or Bulgaria )with emulated/simulated cyberattacks
8. Contributing to international standardisation activities for promoting sustainable and compatible EPES cybersecurity approaches. All designed, developed, and tested technologies should consider the latest related research findings and maintain high compliance with current industrial standards (e.g. IEC standards).
1. Performing collaborative and distributed risk assessment involving all energy actors
2. Strengthening EPES domains with self-healing capabilities based on islanding and fast grid recovery processes exploiting renewable sources
3. Enabling effective energy exchange between microgrids and residential prosumers
4. Implementing a large-scale cybersecurity solution by integrating innovative components for detecting and preventing cyberattacks, privacy violations and various threats
5. Building a decentralised security information and event management (SIEM) tool for decision support concerning anomaly detection and response enhanced with advanced machine learning capabilities
6. Realising an end to-end privacy framework that involves all types of users and stakeholders to protect against data breaches
7. Demonstrating and validating all tools/systems/processes through detailed real-world scenarios (in differents countries such as Norway, Greece, Spain or Bulgaria )with emulated/simulated cyberattacks
8. Contributing to international standardisation activities for promoting sustainable and compatible EPES cybersecurity approaches. All designed, developed, and tested technologies should consider the latest related research findings and maintain high compliance with current industrial standards (e.g. IEC standards).
During this period, the SDN-microSENSE consortium has worked hard to fulfil all obligations agreed and stated in the Grant Agreement (GA). More specifically, regarding the work carried out during months from M01 to M20, the main activities have been:
Regarding Project Management (WP1), many coordination activities have taken place by setting monthly and bi-annual meetings. Moreover, the Quality and Risk managers have performed a continuous deliverables quality reviews and constantly update the Risk and Mitigation action list (Risk register).
With regard to Architecture (WP2, the requirements and specifications of the SDN-microSENSE platform were collected and the overall architecture was defined, including the functional blocks and the interfaces according to the general SDN architecture and the behavioural views were also defined, describing the main workflows covered by the project’s architecture.
The key activities carried out in Risk Assessment and Management (WP3) include the definition of the Collaborative Risk Assessment Methodology and the implementation of it within S-RAF. Furthermore, interfaces between the S-RAF and the cybersecurity detection modules and self-healing technologies were identified and implemented.
In the scope of Cyber-secured & Resilient SDN-based Energy Ecosystem (WP4), the northbound and southbound interfaces for the SDN-Controller were developed, alongside with a coordination service to handle their inter-connections. The SDN enabled measurement & control units and the dashboards for comprehensive visualization were also developed as well as a self-healing mechanism to cluster the grid and apply intentional islanding.
EPES communication protocols were evaluated in WP5, in terms of their resistance to potential attacks and tools to trigger, simulate and detect threats were defined and cyber-attack detection technologies were developed. A Common Centralized Incident Repository, which collects information in a common format from all the EPES was also developed.
With respect to Standardisation & Certification (WP6), a preliminary analysis of the principles and guidelines of the European certification schemes was conducted with respect to privacy and cybersecurity, and the relative existing standards were reviewed. Finally, an initial draft of the low-level documentation about procedures and technical instructions of the project was developed.
The preliminary integration infrastructure and the integration plan were defined in the context of WP7, mapping which SDN-microSENSE components will participate in each pilot and how they will be deployed. Furthermore, a new version of the integration environment, QLACK.v3 was released. On the other hand, regarding Technology Validation (WP8) and since it has not started yet for this reporting period, only preliminary work has been conducted in all use cases.
Finally, a first draft of the dissemination and exploitation plan and individual exploitation plan for all partners were created in the context of WP9. The business potential of the six use cases together with the exploitable items (including advantages over competitors) and their TRLs were defined. The SDN-microSENSE consortium also participated in clustering activities with the other projects under the same call.
Regarding Project Management (WP1), many coordination activities have taken place by setting monthly and bi-annual meetings. Moreover, the Quality and Risk managers have performed a continuous deliverables quality reviews and constantly update the Risk and Mitigation action list (Risk register).
With regard to Architecture (WP2, the requirements and specifications of the SDN-microSENSE platform were collected and the overall architecture was defined, including the functional blocks and the interfaces according to the general SDN architecture and the behavioural views were also defined, describing the main workflows covered by the project’s architecture.
The key activities carried out in Risk Assessment and Management (WP3) include the definition of the Collaborative Risk Assessment Methodology and the implementation of it within S-RAF. Furthermore, interfaces between the S-RAF and the cybersecurity detection modules and self-healing technologies were identified and implemented.
In the scope of Cyber-secured & Resilient SDN-based Energy Ecosystem (WP4), the northbound and southbound interfaces for the SDN-Controller were developed, alongside with a coordination service to handle their inter-connections. The SDN enabled measurement & control units and the dashboards for comprehensive visualization were also developed as well as a self-healing mechanism to cluster the grid and apply intentional islanding.
EPES communication protocols were evaluated in WP5, in terms of their resistance to potential attacks and tools to trigger, simulate and detect threats were defined and cyber-attack detection technologies were developed. A Common Centralized Incident Repository, which collects information in a common format from all the EPES was also developed.
With respect to Standardisation & Certification (WP6), a preliminary analysis of the principles and guidelines of the European certification schemes was conducted with respect to privacy and cybersecurity, and the relative existing standards were reviewed. Finally, an initial draft of the low-level documentation about procedures and technical instructions of the project was developed.
The preliminary integration infrastructure and the integration plan were defined in the context of WP7, mapping which SDN-microSENSE components will participate in each pilot and how they will be deployed. Furthermore, a new version of the integration environment, QLACK.v3 was released. On the other hand, regarding Technology Validation (WP8) and since it has not started yet for this reporting period, only preliminary work has been conducted in all use cases.
Finally, a first draft of the dissemination and exploitation plan and individual exploitation plan for all partners were created in the context of WP9. The business potential of the six use cases together with the exploitable items (including advantages over competitors) and their TRLs were defined. The SDN-microSENSE consortium also participated in clustering activities with the other projects under the same call.
SDN-microSENSE uses advanced microgrid technologies and builds upon the pillars of software defined networking, virtualization, detection tools, deep learning and big data techniques, game-theoretic modelling and visualisation that will provide a secure platform for efficient prevention, detection and respond to sophisticated cyber-attacks as well as the efficient exchange of critical information. SDN-microSENSE is in the process of providing an appropriate framework and an all-in-one solution for energy stakeholders and operators to safeguard the secure and continuous operation of their networks, meeting their highly demanding security requirements and pushing the current state of the art. Once the project is finished, its results will greatly benefit society as a whole since other infrastructures and economic sectors are interdependent to energy systems and thus a potential paralysis of them due to domino and cascade effects will be avoided. In addition, this will also have a positive environmental impact by means of physical resources expenditure limitation and better network load balancing. SDN-microSENSE is going to radically decrease the detection and respond time to sophisticated cyber-attacks through the proposed large scale SDNmicroSENSE SIEM tool that will efficiently process the collected events using big data analytics, deep learning and visualisation, whilst providing enhanced data and network monitoring mechanisms. This is further enhanced by introducing SDN capabilities to the architecture enabling a specification-based intrusion detection methodology at different locations and areas and allowing self-healing of several grid nodes. These will contribute to the limitation of smart grids, and as a consequence of businesses’ and supply chains’ in general, disruptions positively influencing production and sales and saving high costs of response, repair, and clean actions. Finally, conclussions gathered from the execution of the pilot will help to identify new features and functionalities to be included within the whole platform developed.