As our society is becoming increasingly dependent on Critical Infrastructures, new technologies are needed to increase our detection and response capabilities. Detecting and responding to cyber-attacks by a highly motivated, skilled and well-funded attacker has been proven highly challenging. One of the most vulnerable and high-impact Critical Infrastructure is the smart grid since the collapse of an energy production utility may cause human lives, millions of euros, denial of a very important and common good such as energy and days or even months of recovering.
In order to overcome this issue, SPEAR comes to provide effective solutions in detecting, responding and taking countermeasures against advanced cyber threats and attacks targeted to modern smart grids.
The SPEAR project aims at developing an integrated platform of methods, processes, tools and supporting tools for:
- timely detection of evolved security attacks such as APT, Denial of Service (DoS) and Distributed DoS (DDoS) attacks using big data analytics, advanced visual-aided anomaly detection and embedded smart node trust management, which will be integrated in an advanced SIEM;
- developing an advanced forensic readiness framework, based on smart honeypot deployment, which will be able to collect attack traces and prepare the necessary legal evidence in court, preserving the same time user private information;
- implementing an anonymous smart grid channel for mitigating the lack of trust in exchanging sensitive information about cyber-attack incidents;
- performing risk analysis and awareness through cyber hygiene frameworks, while empowering EU-wide consensus by collaborating with European and global security organisations, standardisation bodies, industry groups and smart grid operators;
- exploiting the research outcomes to more Critical Infrastructures domains and creating competitive business models for utilising the implemented security tools in smart grid operators and actors across Europe.
Collaborating Companies or Organisations
Tecnalia is one of the 17 partners of the project, among which there are big industries European Dynamics Luxembourg S.A., Schneider Electric France SAS), SMEs (Eight Bells LTD, Incites Consulting SARL, Sidroco Holdings Limited, 0 INFINITY Limited), Energy industries (Public Power Corporation S.A., ENEL IBERIA S.R.L, VETS Lenishta OOD), research centers (Centre for Research and Technology Hellas, Fundacion Tecnalia Research & Innovation, Pukhov Institute for Modeling in Energy Engineering of the National Academy of Sciences of Ukraine) and universities (University of Western Macedonia, University of Surrey, Gottfried Wilhelm Leibniz Universität Hannover, Technical University of Sofia).
Tecnalia will design and develop the first layer of the OT SIEM for modern smart grids as well as AMI honeypots that support game model strategies in order to prevent the function of anti-honeypots by the attackers. Tecnalia will also implement an anonymous communication channel for data exchange among smart grid operators and stakeholders.
Tecnalia will support to the Substation Scenario Use Case together leaded by Schneider.
This project, under reference nº H2020-787011, has been financed by the European Commission under the H2020 program.