HAZITEK STRATEGIC CALL FOR PROPOSALS 2022 + ALAVAINNOVA 2022

As part of the energy transition and decentralisation of energy generation from renewable sources, the incorporation of new technologies and digitalisation is transforming the electricity grid into a smart grid. This transformation involves new risks, as digitalisation exposes the energy system to cyber attacks and incidents that may be a threat to the security of the grid 1. Therefore, cyber security of the electricity grid has become a key element, that has an impact on all levels of the value chain, on other critical sectors, on users and on society. Cyber security is one of the main challenges facing the sector, it will be a fundamental factor for competitiveness and survival of companies, and it can only be tackled from innovation and incorporation of disruptive technologies.

One of the key cyber security aspects is carrying out active cyber security incident management that makes it possible to detect vulnerabilities and their consequent early correction during the operation of the system. This contributes to reducing the window of opportunity to cyber attackers, which reduces cyber security risks. The active management of cyber security incidents is more important on critical infrastructures such as the Smart Grid, where a cyber attack can involve very serious consequences.

The active management of cyber security incidents on infrastructures such as the Smart Grid represents a major technological challenge for various reasons 2. Firstly, they are environments made up of heterogeneous devices where there is a great technological mix, which complicates the inventory of components and the management of updates. Secondly, it is usual for these devices to have real-time run requirements or they carry out critical functions, therefore the application of updates must not affect their running. Lastly, legacy devices without update capacity are not uncommon.

Thus, the main objective of the Sec2Grid is to equip the entire value chain of the electrical sector with the capacity to respond in a coordinated and rapid way to cyber security incidents that affect the Smart Grid. As an overall result of the project, an infrastructure will be obtained that supports a federated threat intelligence service and integrated cyber security incident management. This infrastructure is made up of cognitive identification and early detection agents.  Finally, the results of the innovation carried out in the different work environments in the project will be taken as a basis for the specification of the cyber security management requirements that must be met by the Smart Grid systems in the future. Moreover, the lessons learned during the development of the project will be included and the keys will be identified for the deployment of this global solution on a large scale and in other sectors and markets with different threats, a virtualised validation and verification system for cyber security updates and a continuous deployment system for cyber security updates will also be included.