Month: August 2025

eFORT Intelligent Platform(D4.3) Released: A Practical Step Towards Resilient, Cyber-Secure Grids

The eFORT consortium has delivered D4.3 – eFORT Intelligent Platform, a working demonstrator that helps operators make sense of substation data in real time and react faster to incidents. Built and hosted by the eFORT partner, SIA, on SIACloud, the platform securely ingests field telemetry and intrusion-detection events, normalises them, and provides an operator-friendly view with alerts and supporting tools. From September onwards, the demonstrator will be exercised with real data from the demo sites, allowing partners to validate functionality under realistic conditions and fine-tune where needed.

What the platform does

  • Secure data ingest, one place: Field devices and partner tools send JSON to the platform over HTTPS/VPN using opaque company tokens (no JWT, no signing).
  • Two data families, one view: The platform handles RTU telemetry (equipment status and measurements) and IDS events (e.g., IEC 61850 GOOSE anomalies).
  • Actionable alerts: Entries are flagged as alerts when (i) an engineered threshold is breached, (ii) the anomaly-detection model sees unusual behaviour, or (iii) an incoming IDS event is explicitly marked as alarm. Operators can see what triggered each alert at a glance.
  • Operator-first UI: Clear dashboards, an alerts panel (view/acknowledge), and utilities for islanding-related data management round out day-to-day operations.
  • Interoperability by design: Field data are aligned with IEC 61850 logical-node naming, while security controls follow IEC 62351 recommendations at transport and access layers.

How it fits within effort

The Intelligent Platform is the integration point where different eFORT partners outcomes meet practical operation: RTU telemetry and IDS insights feed a unified backend; operator workflows are exercised through the UI; and Communication & dissemination activities can showcase a tangible, running artefact. Importantly, the build balances demonstrator pragmatism (simple token model, curated feature set) with a clear path to production (role-based access, company scoping, and a cloud architecture that can scale).

What’s new or distinctive

  • Clarity for integrators: The ingest contract is intentionally simple. This keeps partner implementations straightforward while preserving a clean operator experience.
  • Standards in practice: With support from Schneider Electric, the team validated logical-node conventions and security profiles using representative IEC 61850 traffic, helping to ensure a smooth bridge between legacy substation protocols and modern cloud APIs.
  • Environments ready for pilots: SIACloud provides three dedicated environments (LAB, INT, DEMO), reachable via site-to-site VPN. The demonstrator is already deployed and will host upcoming pilot data.

What’s next

From September 2025, the partners will run the demonstrator with real datasets and network conditions from the demo sites. The focus will be on confirming end-to-end ingest, checking alert fidelity, and collecting operator feedback. Minor software/documentation adjustments may follow, but the goal remains the same: a usable, realistic platform that improves grid visibility and response.

Learn more

Deliverable 4.3 is accompanied by a User Manual (operator-focused), an Administrator Manual, a Technical System Documentation and an Integration Manual for API clients. Together, they provide the “how-to” needed for pilots while keeping the demonstrator footprint clear and reproducible.

Contact us

contact@efort-project.eu 

Follow us on:

New Study by CERTH and CIRCE for Power System Resilience Enhancement

The new Conference publication by CERTH and CIRCE, entitled “Power System Resilience Enhancement and Restoration Strategies” has been presented in the 25th International Conference on Environment and Electrical Engineering (EEEIC), held in Chania Crete, in July 2025. 

The motivation behind this research is the fact that the ongoing energy transition promotes digitized and decentralized systems which can be vulnerable to cyber and physical disruptions. Therefore, it is critical to have a plan against such threats. 

In this context, the CERTH-CIRCE cooperative paper, which will also be published IEEE’s website, presents a multi-layered approach for power system resilience enhancement and restoration, comprising:

  • CERTH/ITI’s real-time cyber monitoring tool, eSIEM, which collects data and calculates each asset’s health, also utilizing vulnerabilities databases, hypothesis reports and past mitigations action databases.
  • CIRCE’s oscillation dumping controller, for high voltage applications, which, according to PowerFactory simulations, can eliminate coordinated attacks that would propagate in the entire power system and challenge its stability, even causing a blackout, and
  • CERTH/CPERI’s black start optimization algorithm, in case a blackout happens, for medium voltage applications, considering a back-up generator, photovoltaics, a battery, critical and regular loads. The optimizer is verified with PowerFactory, proving the effectiveness of the proposed solution.

The Figure of the black start process, developed by the first author, Alexandros Kanousis, shows the steps towards power system restoration, with special focus on system stability as well as the optimal utilisation of photovoltaic production.

The authors of the research paper are Alexandros Kanousis, Maria Fotopoulou, Marta Bernal Sancho, Gonzalo Martin Sanchez Escriche, Georgios Rizos, Paschalis Gkaidatzis, Dimitrios Rakopoulos, Dimosthenis Ioannidis, and Dimitrios Tzovaras, and this study is a result of their cooperation in eFORT, especially at the stage of developing the algorithms that underpinned the project’s solutions implementation.

Contact us

contact@efort-project.eu 

Follow us on:

Progress and Next Steps of the Spanish Demo

As part of the eFORT Horizon project —aimed at strengthening cybersecurity and resilience in European power grids— project partner, Cuerva,  is leading a key demonstration in Spain. Throughout this year, the team has made significant progress in the design and preparation of three use cases to be implemented in Cuerva’s real electricity network, with the goal of validating innovative solutions in a practical environment.

Achievements So Far

During the first half of the year, the three main use cases were defined and detailed: UC1: Blockchain Market + Battery Model, UC2: SecureBox + IP + ChatBot y UC3: Risk Analysis Tools. Beyond this initial design phase, intensive technical development work has also taken place, such as the integration of blockchain technology for energy exchange, the so-called SecureBox, to provide cybersecurity and cyber-resilience to the substation, and the adaptation of the network risk analysis tool for the low-voltage grid. All this work lays the foundation for their deployment and integration in the second half of the year.

Use Case 1 – Blockchain Market + Battery Model

This use case explores the integration of blockchain technology for energy exchange through batteries connected to the grid. Additionally, virtual reality glasses will be used to intuitively visualize battery status and access relevant information.

Use Case 2 – SecureBox + IP + ChatBot

In the field of cybersecurity, progress has been made in planning the installation of two key components: a Schneider Electric RTU (Remote Terminal Unit) and the SecureBox developed by CIRCE. The integration plan and location within a real Cuerva substation, the Escúzar substation, have already been defined, with the aim of evaluating system behaviour under real-world cyberattack conditions.

Figure 1: Connection diagram of the RTU + SECUREBOX + connection to CUERVA’s substation. Use Case 2

Use Case 3 – Risk Analysis Tools

The third use case involves applying a risk analysis tool developed by Universidad Pontificia Comillas. Over the past months, Cuerva has worked on modelling a low-voltage network that will allow this tool—originally designed for high-voltage environments—to be used in a new, more distributed context.

Figure 2: diagram in DIgSILENT of part of the Jayena network. We’ll need to do something similar for Use Case 3.

What’s Next?

Cuerva advances in implementing solutions for the Spanish demo in eFORT

With the goal of strengthening the cybersecurity and resilience of European power grids, Cuerva is leading one of the key demonstrations in Spain. During the first half of 2025, the company has worked intensively on designing and preparing three use cases that will be implemented in its real electricity network.

What are the next steps?

With a solid technical foundation already in place, Cuerva’s efforts will now focus on deploying and validating the developed solutions in real operational environments:

  •  Use Case 1 – Blockchain and distributed batteries

A 3D model of the batteries will be deployed, designed for visualization through virtual reality glasses. Additionally, a user API is being finalized to integrate this functionality into control and monitoring platforms, facilitating interoperability of distributed storage with blockchain technology.

  • Use Case 2 – Cybersecurity in substations

Once version 2.0 of the SecureBox is completed by CIRCE, it will be integrated with a Schneider Electric RTU and installed in a Cuerva substation. This phase will be key to evaluating the solution’s behavior against cyberattacks under real operating conditions.

  •  Use Case 3 – Risk analysis tool

Cuerva is finalizing the modeling of a low-voltage network where the risk analysis tool developed by Universidad Pontificia Comillas will be applied. The planned tests will assess its effectiveness in this new distributed environment.

With these upcoming milestones, eFORT and its partners, including Cuerva, reaffirms its commitment to innovation, the digitalisation of the power system, and the development of a more secure and resilient energy infrastructure.

Contact us

contact@efort-project.eu 

Follow us on: