The detection and the prevention of the cyber-attacks, which target the Electrical Power Energy Systems (EPESs) is an issue of great significance since the impact of the EPES in financial and automation domains is very high.
The Cross-Layer Energy Prevention and Detection System (XL-EPDS) is the framework that developed in the SDNmicroSENSE project and associated with detection and the prevention of cyber-attacks. The contribution of the CERTH concerns the development of methods, mechanisms and technics that will expand the capabilities of the tools that associated with the XL-EPDS. More specific, CERTH will expand the capabilities of the Cross-Layer Security Information and Event Management tool (XL-SIEM), the intrusion detection tool and the privacy protection policies, (Figure 1).
The XL- SIEM monitors, controls and correlates the operations that take place at the control centre, substations and smart meters. CERTH will take into consideration the heterogeneity of the various devices or technologies of an EPES and will contribute to the integration of security agents that capture data related to industrial communication protocols (Modbus and DNP3).
The intrusion detection tools provide specific detection techniques for the cyber-attacks. CERTH will develop machine learning mechanisms for the detection of cyber-attacks in an EPES based on the big data analysis and the deep inspection in the network traffic of the EPES.
Moreover, CERTH will contribute to the examination of privacy protection policies and the implementation of privacy protection mechanisms that based on the above policies. The contribution to the Authentication and the Authorization module will arise from the development of an access control system that will determine the appropriate privileges of the user.
Self-healing and management methods that will be activated in case of critical state constitute another important framework of the SDNmicroSENSE project. CERTH will contribute to the extension of the standard Multi Agent System (MAS) for microgrids that constitute a tool of the Energy Restoration and Management Processed. CERTH will provide a system that is compatible Software Defined Networking architecture (SDN) and will leverage the software networking capabilities in order to optimize the network traffic between the agents, (Figure 2).
A contribution of the CERTH in application layer concerns the co-development of the Electrical Data Analysis Engine (EDEA) which takes as input the cyber-attacked parts or units of the EPES network. Afterwards this engine will suggest the isolation of the affected components and will provide alternative network paths for the data flow, (Figure 3).
The development of an energy trading system between stakeholders of an EPES ecosystem constitutes an important part of the development procedure of the SDNmikroSENSE. More specifically, CERTH aims to develop an energy trading system between stakeholders of an EPES. The system will take into account the energy supply/demand forecast as well as the security status of the energy metering equipment of each participating stakeholder. Then it will conduct an e-auction where the stakeholders will be able to submit a bid and eventually based on an auction’s protocol, the winner will be awarded the amount of energy that was declared by the seller party during the establishment of the e-auction.