Internal meetings to make important decisions regarding UCs

Internal meetings to make important decisions regarding UCs

Partners from IMP, EMSS and SCC gathered together for an internal meeting in order to discuss about further implementations and development regarding UC12 “Emergency & Restoration -Over-Frequency Protection module” and UC19 “Emergency & Restoration -System Split module”.

The goal of UC12 is to replace individual controllers on generators, mimicking the response of the entire power system to over-frequency conditions and to ensure effective over-frequency protection, while the goal of UC19 is automatic detection and faster coordination during disturbances, ensuring faster and more efficient crisis response.

The main topic for UC12 was planning the future activities and dynamic of work. Also, some details were agreed about testing. Regarding the UC19, discussion was about needed inputs (frequency from PMU and topology) for detection of system split and improvements of coordination platform for a better signalization of smart notifications. Furthermore, it was agreed that the structure of notifications in some steps of coordination should be modified in order to be aligned with the business process.

Outcomes of this meeting will be reflected in future R²D² development.

Further information:

info@r2d2project.eu

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


R2D2 tools and activities: updated by HEDNO

R2D2 tools and activities: updated by HEDNO

HEDNO recently participated in an insightful workshop held in Ljubljana, focusing on the critical issue of grid resilience against extreme weather events. This event marked a significant collaboration between HEDNO and its partners, ETRA, ICCS and UCY.

ETRA is leading the development of the EMMA – GIMAN tool, an innovative solution that contributes to the reliability of the physical assets and to expedite a faster grid recovery. Meanwhile, ICCS and UCY play a key role in developing the C3POtool, which is crucial for simulating the cascading effects of extreme weather events on the grid infrastructure.

The workshop focused on the synergistic communication between these two innovative tools, showcasing their potential in mitigating the impacts of weather-induced disruptions. HEDNO’s role was crucial, as the organization provided vital insights into the data requirements necessary for the effective operation of both EMMA – GIMAN and C3PO tools.

HEDNO also participated in another critical workshop with S2 partner regarding the potential deployment of CARMEN tool in HEDNO’s premises. CARMEN is a threat hunting tool specialised in analysing traffic, detection of anomalies, fighting Advanced Persistent Threats (APT) and zero-day vulnerabilities by using machine learning.

While the discussion was in its early stages, the outcome was very fruitful, mostly involving potential VM requirements for the host of the CARMEN tool, server and hypervisor specs, the established communication protocols specialised in traffic analysis , the data volume and frequency that will be made available for analysis, the use of syslog for information displayed,  as well as potential challenges to be aware of for the effective use of the tools.

HEDNO has already proceeded with equipment installation on the pilot site infrastructure for the scope of the R2D2 Project. Technologies, which have already been installed on the pilot, are the following ones:

Surveillance cameras at HV/MV substation for protection against physical attack

HEDNO has already successfully proceeded with the procurement and installation of 4 CCTV cameras, which have been installed on Magiko HV/MV substation. All CCTVs have been presented to partners during the 2nd R2D2 plenary meeting, which was held in Xanthi in June 2023. CCTVs are expected to contribute to physical substation security, by providing real time images to EMMA product, which will conduct image analysis, followed by possible alerts to the DSO.

Thermal camera at HV/MV substation

A thermal camera has already been procured by the local department of HEDNO, which will be used for both infrastructure inspection in parts of the aerial distribution network, as well as for inspection in certain parts of Magiko HV/MV infrastructure.

Re-usability of past EU Projects’ equipment

9 SLAM metering devices installed on HEDNO Xanthi premises during X-FLEX Project, will also be part of R2D2 Project, as data from those high-frequency metering devices are expected to contribute to C3PO algorithms and energy data tokenization on the edge.

5 AMI devices installed on certain MV/LV substations in the pilot site during X-FLEX Project, are expected to share data to C3PO algorithms during the R2D2 Project.

HEDNO successfully organized the 2nd R2D2 Project plenary meeting, which was held in Xanthi city during 07-08 June 2023. The purpose of the meeting was twofold:

The first day was dedicated to partners’ presentations around the Project progress, where all pending issues were successfully discussed.

Another day was dedicated to the Xanthi pilot visit, so as all participants could be informed about the technologies and infrastructure utilized from HEDNO, for the scope of the Project.

Firstly, a visit to the local department of HEDNO took place, where the basic HW infrastructure, such as SCADA system was presented, followed by an on-site demonstration of assets that were installed in the pilot, such as SLAM metering devices and AMI in a secondary underground substation.

Furthermore, an on-site visit to Magiko HV/MV substation was scheduled, where the basic infrastructure of the primary substation of the pilot was shown, followed by a demonstration of the 4 CCTVs installed in the perimeter of the substation building.

Further information:

info@r2d2project.eu

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


SCC Participates in MVS Security Webinar Organized by ENTSO-E

SCC Participates in MVS Security Webinar Organized by ENTSO-E

On 25th April, SCC, a partner in the R²D² project, participated in the MVS Security Webinar organised by ENTSO-E. This working group monitors the information security status of all entities that access the OPDE platform, where confidential data about the forecasted power system network state is exchanged. This exchange of network models is fundamental to all RCC tasks, so predefined information security control measures must always be met. This group ensures compliance with these measures for all participants in the process.

The group holds regular monthly online meetings to share updates on ongoing information security activities, discuss potential security issues, and review the status of the annual audit process. During these meetings, the R²D² tool OPDE Risk Register, which provides new functionalities to improve the submission and communication of OPDE risks, is also discussed.

OPDE Risk Register Tool

SCC presented the R²D² project and its OPDE Risk Register Tool. This tool is designed for Regional Security Coordinators (RSCs), like SCC, to periodically communicate their risks to ENTSO-E, a requirement for RSCs. Currently, this process is done in a nearly “homemade” manner, which is prone to errors and failures. The OPDE Risk Register tool streamlines this process by allowing risks to be communicated and updated directly to ENTSO-E through a repository interface, thereby automating and accelerating the process and eliminating the need for emails and attachments.

Live Demonstration and Expert Feedback

During the webinar, SCC saw a live demonstration of the tool. Information security experts in attendance had several questions related to:

  1. Integrating external tools with the central OPDE Risk Register tool;
  2. Including risks related to other security plans, not just the OPDE Security Plan;
  3. Different ideas about the relationship between risks and communication regarding those risks.

An ENTSO-E representative expressed satisfaction with the tool’s functionalities and mentioned that the OPDE Risk Register would be considered as a potential tool for official use. The presentation was recorded, and further comments from other ENTSO-E experts are expected after they review the video in the coming months.

The MVS Security Webinar provided a valuable platform for discussing the R²D² project and the OPDE Risk Register Tool. SCC’s participation highlighted the importance of secure and efficient risk communication processes within the ENTSO-E network. The feedback from information security experts will be crucial in refining the tool and ensuring it meets the stringent requirements of the energy sector.

Further information:

info@r2d2project.eu

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


Impact assessment regarding UC “Validation of network model integrity”

Impact assessment regarding UC “Validation of network model integrity”

During the R²D² plenary meeting in Ljubljana, representatives of GUARD (Priit Anton and Mihkel Väljaots), EMSS (SrđanSubotić) and SCC (Dušan Prešić) took the opportunity to organise a side meeting to discuss future demonstration activities and impact assessment regarding UC “Validation of network model integrity”.

The goal of this UC is to increase cyber security and maintain network model integrity by using KSI Blockchain technology to create a signature file – a unique cryptographic proof that protects the integrity, signing time and signing identity of the network model so that TSOs and RCCs could be sure that some third actor (or error) did not change metadata of the network model during its transfer of storage.

The meeting was very fruitful since two demonstration scenarios (green and red) are sketched. Also, several attack points are detected based on the current business process that is implemented on the TSO and RCC side regarding the processing of network models.

Finally, some potential financial impacts were discussed during the meeting, including reputational impact for TSOs or RCCs in case of network model integrity issues.

The outcomes of this meeting will be reflected in future R²D² deliverables.

Further information:

info@r2d2project.eu

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


Cyber Noesis honoured with the Gold Cyber Security Award 2024

Cyber Noesis honored with the Gold Cyber Security Award 2024

We are delighted to announce that Cyber Noesis has been honored with the Gold Prize at the Cybersecurity Awards 2024 in the category of Cyber Security Projects &Services / IoT Security, for its involvement in the R2D2 project.

On Thursday, February 8, 2024, the Cyber Security Awards 2024 Winners Ceremony took place at the Sofitel Athens Airport, attended by the Greek Minister of Digital Governance, Dimitris Papastergiou. The awards focus on cybersecurity and digital security management including the fields of Critical Infrastructure and Public Infrastructure.

Further information:

info@r2d2project.eu

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


R²D²: A New Member of the EU Cluster for Securing Critical Infrastructures

R²D²: A New Member of the EU Cluster for Securing Critical Infrastructures

R²D² is set to make significant contributions to the European Cluster for Securing Critical Infrastructures (ECSCI) by focusing on strengthening the security and resiliency of power systems. ECSCI, which comprises a cluster of European projects, serves as a platform for sharing advancements in security and resilience within critical infrastructure.

The objective of this engagement is to facilitate the exchange of findings related to the prevention and mitigation of cascading events, cyber-threat intelligence, and other factors influencing the resiliency and security of electrical systems with fellow cluster participants.

R²D² project coordinator, Ugo Stecchi, emphasizes the significance of this involvement, stating, “It will be a valuable opportunity to share our accumulated knowledge not only with stakeholders in the energy sector but also with experts from various critical infrastructure domains. We can exchange best practices and procedures, thus contributing to the ongoing discourse on the state-of-the-art of critical infrastructure security.”

ECSCI’s primary goal is to create synergies and promote innovative solutions to security challenges through collaborative efforts and innovation across projects. Research endeavors will center on safeguarding critical infrastructures and services, emphasizing the distinctive approaches adopted by the clustered projects and building robust connections with closely related and complementary H2020 projects. To promote cluster activities, ECSCI plans to organize international conferences and national or international workshops, engaging policymakers, industry representatives, academics, practitioners, and delegates from the European Commission.”

Further information:

info@r2d2project.eu

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


Unlocking the Power of Threat Hunting in OT Environments

Unlocking the Power of Threat Hunting in OT Environments

In today’s ever-evolving digital landscape, industrial systems and critical infrastructures are more exposed than ever to cyber threats. Since the arrival of the Industry 4.0 paradigm, both Information Technologies and Operational Technologies (IT and OT) coexist, and APT groups and cybercriminals take advantage of vulnerabilities in either of these two technologies to cause damage to these industrial infrastructures or to the society itself, which relies on them.

 

Threat hunting is a complex process carried out by cybersecurity experts to detect the presence of the above-mentioned Advanced Persistent Threats (APTs). This process usually entails inspecting network traffic, analyzing user and application logs, and correlating all that heterogeneous information in search of indications of the presence of any threat or potential vulnerability in the system.

CARMEN, the tool developed by S2 Grupo in collaboration with Spain’s National Cryptologic Centre to identify compromises by APTs, is one of the tools cybersecurity experts can use in the threat-hunting process. CARMEN covers both IT and OT traffic, providing comprehensive threat visibility that enables early detection of vulnerabilities and anomalies in industrial control systems. Proactive threat detection in OT environments enhances overall security, improves incident response, and minimizes operational disruptions. Furthermore, it enhances asset visibility, inventory management, compliance adherence, and cost reduction. Ultimately, this adaptation future-proofs security measures, ensuring the safeguarding of critical infrastructure in our ever-evolving digital landscape.

 

As part of the R2D2 project, S2 Grupo has begun expanding CARMENs capabilities for analyzing OT traffic by developing new capabilities for data ingestion and threat detection. These developments will include the creation of new specific protocol dissectors for CARMEN, such as MQTT, ICCP 60870-6/TASE.2, IEC 60870-5-104, or Modbus, as well as new pre-processing and aggregation capabilities to reduce the amount of information to be processed and its inner variability. These developments will enhance CARMEN’s ability to carry out a more in-depth analysis of network traffic at different levels and to improve its detection capabilities, including both signature-based and anomaly-detection-based methods.

Additionally, new capabilities aimed at APT and zero-day threat detection using Machine Learning techniques are being developed for CARMEN within the scope of R2D2. This approach is based on modeling and characterizing tactical and operational intelligence, allowing for the comparison of suspicious actions. This way, APT groups can be clustered based on the tactical and operational intelligence they employ when attacking a system. As a result, when anomalous behavior is observed and detected, it’s possible to match this behavior against each APT group cluster, assess the possibility of being under an attack carried out by one of the APT groups in these clusters, and raise an alert. Furthermore, this approach allows for alerting cybersecurity analysts about other actions typically associated with these APT groups so that they can search for any of these actions if they haven’t been noticed before or be prepared for the next stages of the attack.

This developmental milestone and new feature have received substantial acclaim, especially at events like the Navaja Negra Conference, held in Spain in October 2023. The enthusiastic approval from both attendees and experts underscores the significance of this advancement in threat-hunting technology.

Further information:

Ugo Stecchi (Project coordinator)

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


One year of R²D²

One year of R²D²

The R2D2 Project completed its first year of life during which the technical and scientific foundations were laid for the development of its four products. In these first twelve months, several activities have advanced the development of the project, in the field of the resiliency, reliability, cyber-, physical and operational security. The use cases, requirements and architecture have been defined, the software design and functional descriptions of the four products have been completed, and the development phase of the four products has finally begun. The project will be validated in four pilot sites (including TSOs and DSOs), which have completed a monitoring and survey of the available IT and OT infrastructure, and of the applicable regulation and legislation relating to the (cyber) resiliency of electrical systems. Finally, in this first year, R2D2 has been active in confirming its presence in the various forums and initiatives at European level to communicate and disseminate its objectives, and the innovations proposed by the project.

Further information:

info@r2d2project.eu

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


EMMA-SURVEILLANCE: Enhancing Substation Security with AI-Powered Visual Detection

EMMA-SURVEILLANCE: Enhancing Substation Security with AI-Powered Visual Detection

Within the context of the R2D2 project, an innovative tool known as EMMA-SURVEILLANCE is currently in development to bolster the security of critical facilities located in electrical substation transformer centers. This solution integrates an artificial vision algorithm that has been honed by retraining the well-known YOLO (You Only Look Once) model. This algorithm is equipped with the ability to efficiently detect fires, smoke, and the presence of animals in the vicinity of the substation. The purpose of identifying fires and smoke is to promptly alert personnel to potential emergencies, ensuring a swift and effective response. Furthermore, recognizing animals is of utmost importance, as many of them tend to come into contact with the substation structures, posing the risk of electrocution and causing significant disruptions to the electrical system. This model will be deployed in a stationary camera situated within the corresponding pilot substation.

In this initial phase, the algorithm has exhibited remarkable precision, achieving an F1 score of 0.84. This achievement is particularly noteworthy, especially when considering the project’s early stages. As the next steps, the plan involves expanding the dataset, with the objective of collecting more images of fires and smoke to enhance the model’s accuracy. Concurrently, the load testing phase will be initiated, assessing the model’s inference capacity when operating in a real camera and continuously processing real-time video streams. This process is critical to ensure that the algorithm can perform effectively without significant delays, thereby guaranteeing its practicality for real-time monitoring scenarios.

Some examples of recorded images of the AI-powered visual detection.

Further information:

Ugo Stecchi (Project coordinator)

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.


R²D² showcases its coming innovations at EUSEW 2023

R²D² showcases its coming innovations at EUSEW 2023

R²D², the cutting-edge energy project coordinated by ETRA I+D, will be showcasing its latest and most innovative developments at the Energy Fair during the European Sustainable Energy Week (EUSEW 2023) in Brussels from June 20th to 22nd. As part of the Horizon 2020 and Horizon EU frameworks, R²D² aims to improve the resilience and reliability of Electrical Power and Energy Systems (EPES) against growing threats and vulnerabilities that pose a risk to critical infrastructure.

Don’t miss the chance to see R²D² in action at the ETRA I+D booth during EUSEW 2023!

ETRA I+D’s expert team will be on hand to provide visitors with first-hand knowledge of the R²D² project, in addition to physical and digital promotional materials, explanatory videos, and live demonstrations of their ground-breaking innovations. The exhibition will also feature a series of “Coffee talks” scheduled over the three-day event, where project experts, invited guests, and visitors can discuss their work on energy transition and the latest developments in the field.

Further information:

Ugo Stecchi (Project coordinator)

This project has received funding from the  European Union’s Horizon Europe research and innovation programme under grant agreement No 101075714.