Fortifying the Power Grid: JSC Prykarpattyaoblenergo’s Role in Advancing Cybersecurity through the eFORT Project

Early stage of constructing a testbed

The power system is the backbone of the economy, with every sector reliant on a stable supply of electricity. Any disruption can significantly impact essential services such as finance, communication, heating, gas, and water supply. With the proliferation of digital devices and advanced communication systems, the threat landscape for power grids has expanded, posing increased risks of cyber-attacks, data breaches, and other security challenges.

As one of the leading Distribution System Operator (DSO), effort partner, JSC “Prykarpattyaoblenergo” recognizes the critical importance of cybersecurity. This is why they are actively participating in the eFORT project, funded by the European Union, to enhance the resilience and reliability of power grids against cyber threats, physical failures, and data protection issues.

Their commitment to innovation and security is demonstrated by their extensive infrastructure: over 26,000 kilometres of power transmission lines, more than 6,700 transformer substations, and the transmission of approximately 2.7 billion kilowatt-hours of electricity annually across nearly 14,000 square kilometres. With a dedicated team of over 3,000 employees, they ensure the provision of reliable power to homes and businesses in the Ivano-Frankivsk region of Ukraine.

Detailing of certain equipment of the test stand

The eFORT project aims to develop technological solutions for detecting, preventing, and mitigating risks and vulnerabilities within power systems. JSC “Prykarpattyaoblenergo” plays a pivotal role as a demonstration site for testing a cutting-edge software/hardware solution designed to encrypt data exchange between high-voltage substations and the grid operator. This includes the Secure Box, which will be tested in a laboratory setting that mimics the operational environment of our high-voltage substations. The testing encompasses both state-of-the-art equipment provided by Schneider Electric and older, yet widely used, equipment in Ukraine’s power grids.

Currently, the DSO is focused on creating and configuring the test bench to emulate the entire substation control chain—from the grid dispatcher’s computer with an active SCADA scheme to the high-voltage switch at the substation. The primary focus is on the command transmission link from the central dispatch centre to the remote substation, where the Secure Box will be installed and tested.

 Part of the schematic of a real power grid in the SCADA system for testing

Another significant aspect of JSC “Prykarpattyaoblenergo ‘s involvement in the eFORT project is the development of enhanced security designs for high-voltage substations using BIM technology. In collaboration with iSolutions, they conducted a comprehensive three-dimensional scan of the Iltsi Substation 110/35/10kV, generating a highly detailed point cloud. Based on this data, CIRCE will create a detailed 3D model of the substation to showcase the benefits of the latest BIM methodology in improving substation security design.

In today’s world, JSC “Prykarpattyaoblenergo” is acutely aware of the severe threats posed by attacks on power grid management systems, which can result in significant financial losses and even human casualties. Their active participation in the eFORT project not only contributes to the advancement of critical infrastructure protection technologies but also strengthens the resilience of energy companies against future cyber challenges. This initiative allows DSO to gain valuable experience from the European Union in critical infrastructure protection, reinforcing our commitment to safeguarding the power grid.

Through these efforts, JSC “Prykarpattyaoblenergo” is at the forefront of enhancing cybersecurity in the power sector, ensuring a more secure and reliable power supply for the future.

Contact us

Follow us on:

Empowering Energy Security: Cuerva’s Innovations in the eFORT Project

Welcome to an insightful exploration of Cuerva’s pivotal role within the eFORT project, aimed at fortifying the security and resilience of European energy networks. In this article, we invite you to join us on a journey through Cuerva’s contributions to this groundbreaking initiative. We’ll delve into the innovative solutions and collaborative endeavours driving the enhancement of energy grid security, showcasing Cuerva’s commitment to innovation and sustainability in the energy transition.

As a valued partner in the eFORT project consortium, Cuerva brings expertise, dedication, and a user-centred approach to the table. Throughout this article, we’ll uncover Cuerva’s multifaceted engagement, from pinpointing vulnerabilities to implementing robust security measures. Join us as we explore how Cuerva’s involvement in the eFORT project is shaping a more resilient energy future for Europe.

The objective of the European-funded Project eFORT is clear: enhance the resilience and security of European energy networks. This entails strengthening defences against potential failures, cyber-attacks, and privacy breaches.

To achieve this objective, CUERVA is deploying a comprehensive suite of solutions designed to identify, prevent, and remediate any vulnerabilities within the system. What’s noteworthy is that these efforts will not remain confined within the confines of closed doors. Instead, they intend to showcase these solutions at various levels, including Transmission System Operators (TSOs), Distribution System Operators (DSOs), and end users alike.

As mentioned above, Cuerva plays a pivotal role in this project. They are not mere spectators but active participants, deeply involved in the implementation process. From pinpointing system vulnerabilities to establishing sophisticated security measures, their commitment spans every aspect of the project. Ultimately, their aim is to ensure the energy grid’s robustness, reliability, and inclusivity for all stakeholders.

Cuerva’s engagement in the project operates on multiple fronts. Within the realm of Internet of Things (IoT), their focus lies in assessing vulnerabilities within the CUERVA Living Lab. Using a methodical approach, they identify potential weaknesses and develop strategies to mitigate attacks on distributed resources. This entails crafting action plans to preemptively thwart such threats and devising cybersecurity algorithms tailored to address specific issues. Additionally, they simulate various failure scenarios stemming from these attacks to evaluate the power grid’s responsiveness and resilience.

  • On the user front, their responsibilities include overseeing user management and ensuring secure access to the system. Moreover, they actively monitor user activity and facilitate the seamless integration of custom Distribution System Operator (DSO) systems into microgrids and network segments, enhancing overall security and operational efficiency.
  • At the industrial level, they conduct rigorous testing of the SecureBox within the framework of the Intrusion Detection System/Intrusion Prevention System (IDS/IPS). This involves closely monitoring the status of smart meters, including the timely deployment of security patches and the prompt detection of alarms and emergency functions. By seamlessly integrating these components into existing infrastructures, they ensure robust monitoring capabilities and enable swift responses to potential threats.
Here you can see an image of the Flow diagram between the data that the substation provides to the SecureBox, how it is sent to the intelligent platform and closing the loop the developed algorithm can protect the substation.

To tackle the identified challenges and leverage the associated opportunities, Cuerva is adopting a comprehensive strategy that addresses both user-centric aspects and critical infrastructure, including digital substations. This approach is aimed at fortifying the security and privacy of communication networks, modernising distribution automation infrastructure, and developing cutting-edge tools for threat detection and response.

Key Challenges and Opportunities at the User Level with High Distributed Energy Resources (DER) Penetration:

  • – Addressing privacy and security concerns within communication networks.
  • – Reinforcing subsystems within Power Electric Systems to accommodate the presence of distributed resources.
  • – Upgrading distribution automation infrastructure to bolster security measures.

Key Challenges and Opportunities related to Critical Infrastructure and Digital Substations:

  • – Conducting a thorough analysis of threats and assessing the impact of attacks such as malicious documents (maldocs), Remote Access Trojans, or IoT malware on system stability.
  • – Identifying and evaluating security technologies applicable to digital substations to enhance the overall robustness of automation systems.
  • – Updating IoT devices in the network, including devising plans for renewal and scalability.
  • – Ensuring seamless connectivity of remote access points, current transformers (CT), and substations.
  • – Developing tools for detecting and responding to attacks or intrusions.
  • – Strengthening security measures in automated digital substations.- Implementing automated response mechanisms to mitigate potential threats.

In the upcoming months, Cuerva will initiate the provision of distribution network data to our technology developer partners. This real-world data will serve as the foundation for training our Intrusion Detection System (IDS) device. An IDS is a cybersecurity tool that monitors network traffic or system events to detect and prevent malicious activities. Our IDS device will operate in both network (NIDS) and host (HIDS) modes, with capabilities for both detection and prevention. It employs methods such as signature analysis and behaviour monitoring to safeguard against threats.

Cuerva will leverage this real data to train our IDS device, comparing it with compromised fictitious data to enhance its efficacy. Subsequent communications will delve into the detailed development and implementation plans for these solutions, all within the overarching framework of the eFORT project.

We firmly believe that these efforts will lead to a significant strengthening of our infrastructure, both physical and data-related, as we prepare for future challenges. These developments will serve as a cornerstone, setting precedents that can be applied across other substations and segments of the electric distribution network.

Contact us

Follow us on:

Press release: eFORT project develops a digital twin of the grid to increase cybersecurity

The eFORT project, initiated in September 2022 and funded by Horizon Europe, is making significant steps in enhancing the resilience, security, and sustainability of European power grids for the present and future generations. Besides aiming to tackle both cyber-attacks and physically occurring threats, eFORT also focuses on contributing to an interconnected energy landscape and implementing their solutions by embracing a greener energy mix. 

Deepening the overall impact of eFORT, the project is developing a groundbreaking Digital Twin at the Dutch demo site, coordinated by TenneT and the Delft University of Technology. Digital Twin technology is a dynamic and innovative concept aimed at fortifying the operational resilience of interconnected power grids to cyber-attacks. This technology, while currently in progress, holds the potential to revolutionise grid security by not only preventing cascading failures but also facilitating power system restoration, in case of power outages. 

The Digital Twin involves a sophisticated communication aspect and dynamic system modelling.

“Accurately capturing the condition of the system in real-time helps in creating a power system analysis for different scenarios, that can be used for mitigating cascading failures.”

as Alex Stefanov from TuD explains.

This technology acts as a proactive defence mechanism, utilising artificial intelligence tools such as graph neural networks and machine learning techniques, and by foreseeing potential threats, it can safeguard the resilience of the grid in the face of cyber-attacks.

Up until now, the eFORT project has completed foundational work and proof of concept, progressing toward implementation in a realistic test network. 

“While digital twin technology enables many advantages, the primary emphasis of the eFORT project is not only the building of a digital twin itself but rather the development of digital twin-based applications”

says Matija Naglic from TenneT.

The eFORT project, with its comprehensive approach, is not merely addressing challenges but actively shaping the future outlook of European grid resilience.

Contact us

Follow us on:

eFORT’s Innovative Approach to European Cybersecurity in Energy Grids

In a time when digital transformation is affecting the European landscape of cybersecurity rapidly, creating more secure and resilient infrastructures is at the top of the agenda in the EU. That is why eFORT, a collaborative initiative involving 23 partners and 9 countries from across the European Union, is making significant steps to strengthen cybersecurity in interconnected power grids and ensure uninterrupted energy supply. 

Learning from the Past, Preparing for the Future

Recent events, such as the cyberattack on Ukraine’s power grid in 2022 serve as a reminder of potential vulnerabilities and therefore the increasing urgency to protect and fortify power grid systems. Researchers have tied the attack to Russian cyber spies, whose hack resulted in a disruption of part of Ukraine’s power grid. This undoubtedly underscores the need for collaboration and innovative solutions to safeguard critical infrastructure and ensure resilience. Alex Stefanov from the eFORT partner, Delft University of Technology highlights, that “as the cyber threats are becoming more prominent, awareness is needed, and we need to work together to respond and be prepared”.

EU Regulations: A Pivotal Shift towards Cybersecurity

In an effort to address and prevent these and similar challenges, the EU has implemented two pivotal regulations: the Network Code on Cybersecurity and the EU Cyber Resilience Act, which act as a meaningful step for grid operators as well, influencing TSOs and DSOs. The aim of the former is “to set a European standard for the cybersecurity of cross-border electricity flows”, by including actions such as assessment, minimum requirements, cybersecurity certifications, and crisis management, to mention some. The essence of the Cyber Resilience Act is to ensure the cybersecurity of both products and software with a digital component. The purpose is to protect consumers and businesses, by establishing mandatory requirements for manufacturers and retailers, and addressing insufficient safety levels. These regulations also enable system operators in Europe to be more prepared in the face of threats, and for all relevant actors to work together efficiently. “Historically, we are doing very well – in the Netherlands we have not had a cyber-attack that has caused a blackout in the grid, and new regulations are responding to the changing environment in which we operate,” says Matija Naglic from the eFORT partner, TenneT.

Pioneering Tomorrow: eFORT’s Holistic Approach to Cybersecurity

As the Horizon-Europe funded eFORT progresses, it is pioneering a comprehensive and holistic approach to securing Europe’s energy grid. Applying new operational technologies, eFORT is demonstrating collaboration and innovation in the broader cybersecurity landscape, working against cyberattacks, physical disturbances and failures, and data privacy issues. Solutions by the project are demonstrated across four pilot sites in Europe, including Spain, Netherlands, Italy and Ukraine. Addressing vulnerabilities against failures, utilising data confidentiality procedures and blockchain layers, developing secure-by-design technologies, deploying intelligent platforms, such as intrusion detection systems and digital twin of the substation are a few of the advanced strategies eFORT is implementing.

Digital Twin Revolution: A Dynamic Shield Against Cyber Threats

The digital twin, an advanced and progressive concept, serves as a dynamic, real-time model of power grid conditions, enabling advanced cybersecurity measures, and striving for future grid operator training. Thanks to the digital twin, as Alex Stefanov explains, “every five seconds we know how the system changes, and we can use this to do power system analysis in our analysis for various scenarios on how cyberattacks can result in different cascading failures or a blackout”. This means that the digital twin solution plays a crucial role in preventing these potential failures resulting from cyber threats, as well as in restoring the power system.

Beyond Challenges: eFORT’s Vision for a Secure Energy Future

The project not only addresses immediate cybersecurity challenges but also sets the foundation for a future where innovative solutions safeguard Europe’s electrical grid system against emerging threats through a collaborative framework and shared commitment by partners.

Interview with eFORT’s technical coordinator

The eFORT project is not just about securing the electrical grid; it’s about securing the future of our societies. As Europe strives for a more sustainable and interconnected energy landscape, the eFORT project and the people behind it strive to ensure that Europe’s power system remains secure, reliable, and sustainable in the long run.

In this interview Jesús Torres, eFORT’s technical coordinator and Director of the ICT integration group at CIRCE, shares his insights about the eFORT project.

Can you tell what eFORT is about?

This electricity system faces a broad variety of threats, both in terms of cybersecurity and physical or other kinds of threats, such as extreme weather events, manmade hazards or equipment failures. Digital transition is already a reality, and a key to this critical system. At the same time, according to the European Commission, cyberattacks have increased by 400% in the last few years.

In eFORT, we address these issues and aim to make the electricity system more secure, reliable and sustainable in the future. For this purpose, we will develop a very comprehensive and versatile range of technologies, with a security-by-design approach. These technologies will help us to identify, prevent and mitigate risks and vulnerabilities in power grids.

What is unique about the eFORT approach?

In the project, we encounter a high diversity of information system and tools, which we address by setting up the rules for the eFORT integration platform from the very beginning. Instead of a central platform setting up the rules for our demo sites, users and data management, we do it the other way around. Our focus is on the users, systems and needs in each demo, and ensuring their interoperability with data collection and representation in our central systems. This will enable us to develop a common framework and to produce significant contributions to the regulations activities of the European Commission.

How will the solutions be demonstrated?

To test the solutions, we will deploy four demo sites which are located in the Netherlands, Ukraine, Spain and Italy.

The demo in the Netherlands, hosted by TU Delft, represents a complete section of the transmission area of our power system. It consists of a digital twin for this section and a real size and self-contained control room of the futures, a great field to set up training activities.

There is also a demo site in Spain, which covers the distribution system. It sets the focus on distributed energy resources and the users in terms of demand response control incentivization. For that, we will also test and validate security responses and resilience of IoT devices.

The Italian site is a complete section of medium and low voltage of the distribution network. This demo is more focused on automation and resilience action of the grid, and electrical behavior in terms of blackout recovery, resilience and oscillation response.

And finally, the Ukrainian demo is entirely focused on digital substation. We will set up new technologies to capture and analyze real events and digital traffic of the substation in order to enable, deploy and test intrusion detection system and new machine learning based mechanisms to get advanced security response.

Why do does eFORT address the issues on an European level?

In Europe, the interconnection between states in the energy sector is a really significant aspect of the power system. These critical services are becoming more and more dependent of digital networks and they need to be protected.

Two recent directives have been enacted by the European Commisison to standardize and establish a minimum set of rules, and to have a common framework to respond to the risks. eFORT aims to contribute to the standardization, and international coordination is crucial because we are talking about cross-border applications.

Finally, unfortunately, the aggression against Ukraine has shown how attacks on critical infrastructure, and in particular on energy infrastructures, have now a hybrid nature, both cyber and physical, and are considered key actions to damage the stability and resources of a country.

How will the project benefit European citizens?

Securing and enhancing the resilience of the electrical power system has a direct impact on the everyday lives of European citizens. A few specific examples of this impact are safe energy supply, more stable prices, and reduced dependence on specific energy sources. This also paves the way for a greener energy mix that is carbon reduced and more climate friendly, embracing renewable energy sources.

Additionally, the prevention of incidents and risks, while often unnoticed, plays a critical role in ensuring the continuity of services. Proactive measures ensure the resilience and security of the electrical grid, and the successful prevention of accidents, even if it is considered a silent success.

eFORT’s approach is to ensure that the power grid can handle the fluctuating nature of renewables and maintain stability in the face of unique challenges, regardless of the energy source.

Press release: eFORT project to enhance European electrical grid security and resilience

The Horizon Europe funded eFORT project, launched in September 2022, aims to improve European grid security on both cyber and physical levels. The project was prompted by a multitude of challenges to the grid, posed by climate change, green transition, and human-induced hazards.

To address attacks and disruptive events, eFORT aims to provide a clear picture of vulnerabilities and major threats and develop a set of solutions. The solutions include an intelligent platform and the use of digital twins for the Control Room of the Future to train future grid operators. As part of the project, data confidentiality procedures and blockchain layers will be used to increase security and privacy in grid data management.

Results from the project will be tested and validated in four distinct demo cases across Europe. These include transmission networks in the Netherlands, remote distribution grids in Northern Italy, and digital substations in Ukraine and microgrids in Spain. The comprehensive approach aims to ensure the applicability of the eFORT solutions to a wide range of grid scenarios.

The project combines a unique set of expertise in the fields of physical protection and cybersecurity of the grids. Bringing together a consortium of 23 leading organizations, comprising key players in the energy industry, universities, research institutes, and consultancies, eFORT aims to enhance the resilience and security of European energy systems, benefitting all layers of society. The €9 million project is funded by the European Union Horizon Europe Research and Innovation Programme, Grant Agreement number 101075665.

Quick facts:

  • Duration: 1 September 2022 – 31 August 2026
  • Demonstration sites: Escúzar, Spain; the Netherlands; Sarentino Valley, Italy;
    Iltsi, Ukraine
  • eFORT is funded by the European Union Horizon Europe Research and Innovation Programme, Grant Agreement number 101075665.

For media inquiries and further information, please contact the project coordinator:

Fundacion CIRCE





eFORT at ARES conference 2023

ARES conference (International Conference on Availability, Reliability and Security) was organized in Benevento Italy in 29 August – 1 September 2023 to bring together researchers and practitioners in the field of IT security and privacy.

In conjunction with the conference, eFORT co-organized a workshop Electrical Power and Energy Systems Safety, Security and Resilience together with sister projects ELECTRON and RESIli8.

eFORT was represented in the workshop and event by the Dutch applied research organization TNO. Yoram Meijaard (Cybersecurity Consultant) was a panelist in a panel discussion with the topic “Main challenges regarding current and future cybersecurity in the Electrical Power and Energy Systems (EPES) sector”.

Moreover, Swarna Kumarswamy-Das (Cybersecurity Scientist, TNO, the Netherlands) presented on Incident Response and Resilience Actions in EPES.

See the full presentation:

More information about the conference:

eFORT joins BRIDGE and attends the 2023 General Assembly in Brussels

We are pleased to announce that eFORT is now a member of BRIDGE. This week, we will participate in the hybrid General Assembly for the first time. eFORT will be represented online by the coordinator CIRCE, SUITE5, RINA-C, and Smart Innovation Norway, and in Brussels by Elvira Sánchez from the European Network for Cyber Security.

BRIDGE is a European Commission initiative which brings together Horizon projects in the fields of Smart Grids, Digitalisation, Energy Storage and Islands to create a structured view of cross-cutting challenges to innovation. Since the establishment of BRIDGE, it has had more than 90 member projects.

As part of BRIDGE, the project representatives meet regularly to discuss and develop analyses and reports aimed at resolving common problems. The outputs also support the elaboration of EU directives.

Being part of BRIDGE is an exciting opportunity for eFORT to gain and exchange knowledge with other projects. eFORT will be represented in all four working groups: Business Models, Consumer and Citizen Engagement, Regulation and Data Management.

More information about the BRIDGE initiative:

bridge brochure

eFORT joins the European Cluster for Securing Critical Infrastructures

We are happy to announce that eFORT is now a member of the European Cluster for Securing Critical Infrastructures (ECSCI).

ECSCI creates synergies and fosters emerging disruptive solutions to security issues via cross-project collaboration and innovation. Its research activities focus on how to protect critical infrastructures and services, highlighting the different approaches between the clustered projects and establishing tight and productive connections with closely related and complementary EU Horizon projects.

One of the key components of eFORT is collaboration and engagement with relevant stakeholders, initiatives and projects. As part of ECSCI, the eFORT partners seek to collaborate with the cluster projects to reach our common goals and to maximise our impact.

The cluster has published joint scientific publications, open books, contributed to standards and regulations on critical infrastructures. It also organises national and international workshops.

For more information on the cluster projects, results, events and contacts, please visit the ECSCI website:

Follow eFORT on Linkedin and Twitter to stay updated.

eFORT presented at Barcelona Cybersecurity Congress

During the 21st century, the number of blackouts in the electrical power and energy systems has been increasing in Europe. The issues can be caused by physical failures, such as storms, but also increasingly often by cyberattacks.

BCN Cybersecurity Congress eFORT electric grids

Dr. Gregorio López from the eFORT partner Comillas University presented eFORT’s approach to improving cybersecurity in electrical grids at the Barcelona Cybersecurity Congress on 2 February 2023.

He discussed the recent demand side attacks and MadIoT attacks (manipulation of demand via Internet of Things). In addition, he presented some of the recent literature and research questions concerning the topic.

See Dr. Gregorio López’s full presentation below.

Follow eFORT on Linkedin and Twitter to stay updated.