On 11 May, SDN-microSENSE project members gathered at SINTEF Energy Research in Trondheim to test Use Case 1: Investigation of Cyberattack Scenarios and Methodologies Against EPES. We took the opportunity to talk to Project Coordinator Alfredo González Naranjo (Ayesa) and Sokratis Katsikas (the Norwegian University of Science and Technology – NTNU) about the aims of the use case, the value of European collaboration, and the importance of cybersecurity for electrical power and energy systems (EPES) in an increasingly digital society.
This is the second out of third parts
Launching real cyberattacks in a simulated environment
SDN-microSENSE has developed a number of tools that can counterattack a cyberattack on the electrical grid. All these tools have been tested individually with great success. In Use Case 1, which is led by NTNU and hosted by SINTEF, they are tested as a complete collection to ensure that they work together without conflicts or errors.
SDN-microSENSE project members in the Norwegian Smart Grid Laboratory in Trondheim, which hosted the simulated grid environment. Image: Sondre Aksnes Yggeseth
The tests take the form of launching cyberattacks at a simulated electrical grid that mirrors the real environment. The tools must be able to both detect the
attack and provide the necessary measurements to help mitigate the attack.
“This is the value of the facilities that NTNU and SINTEF have,” says Sokratis. “You can test the tools in a realistic environment without compromising the real one. Then, when you deploy the tools, they are already more or less tested.”
This form of testing enables the research to be taken to a higher technology readiness level (TRL) than would’ve otherwise been possible – and unlocks opportunities for close collaboration with industry as a result.
“Academic research usually goes up to TRL 3 (Experimental proof of concept), at most TRL 4 (Technology validated in lab),” explains Sokratis. “Industry wants TRL 7 (System prototype demonstration in operational environment) and upwards. Initiatives like this help bridge that gap.”
“Once the solution has been integrated into the portfolio of the industry partners, it increases their number of cybersecurity solutions,” says Alfredo. “This is an important point for industrial partners because it’s a way to expand their potential customer base, services, new tools, and so on.”
“Because there are a lot of tools involved in the use case, there’s a lot of integration to consider and a lot of communication channels between them. So it’s very difficult to test all the different paths,” says Alfredo.
However, this also means that if Use Case 1 is successful, it is reasonable to assume that the other use cases will be too. Various spin-off projects have already been launched that will continue to build on the work started in these use cases.
The blog is also published in the website of SINTEF