In a time when digital transformation is affecting the European landscape of cybersecurity rapidly, creating more secure and resilient infrastructures is at the top of the agenda in the EU. That is why eFORT, a collaborative initiative involving 23 partners and 9 countries from across the European Union, is making significant steps to strengthen cybersecurity in interconnected power grids and ensure uninterrupted energy supply.
Learning from the Past, Preparing for the Future
Recent events, such as the cyberattack on Ukraine’s power grid in 2022 serve as a reminder of potential vulnerabilities and therefore the increasing urgency to protect and fortify power grid systems. Researchers have tied the attack to Russian cyber spies, whose hack resulted in a disruption of part of Ukraine’s power grid. This undoubtedly underscores the need for collaboration and innovative solutions to safeguard critical infrastructure and ensure resilience. Alex Stefanov from the eFORT partner, Delft University of Technology highlights, that “as the cyber threats are becoming more prominent, awareness is needed, and we need to work together to respond and be prepared”.
EU Regulations: A Pivotal Shift towards Cybersecurity
In an effort to address and prevent these and similar challenges, the EU has implemented two pivotal regulations: the Network Code on Cybersecurity and the EU Cyber Resilience Act, which act as a meaningful step for grid operators as well, influencing TSOs and DSOs. The aim of the former is “to set a European standard for the cybersecurity of cross-border electricity flows”, by including actions such as assessment, minimum requirements, cybersecurity certifications, and crisis management, to mention some. The essence of the Cyber Resilience Act is to ensure the cybersecurity of both products and software with a digital component. The purpose is to protect consumers and businesses, by establishing mandatory requirements for manufacturers and retailers, and addressing insufficient safety levels. These regulations also enable system operators in Europe to be more prepared in the face of threats, and for all relevant actors to work together efficiently. “Historically, we are doing very well – in the Netherlands we have not had a cyber-attack that has caused a blackout in the grid, and new regulations are responding to the changing environment in which we operate,” says Matija Naglic from the eFORT partner, TenneT.
Pioneering Tomorrow: eFORT’s Holistic Approach to Cybersecurity
As the Horizon-Europe funded eFORT progresses, it is pioneering a comprehensive and holistic approach to securing Europe’s energy grid. Applying new operational technologies, eFORT is demonstrating collaboration and innovation in the broader cybersecurity landscape, working against cyberattacks, physical disturbances and failures, and data privacy issues. Solutions by the project are demonstrated across four pilot sites in Europe, including Spain, Netherlands, Italy and Ukraine. Addressing vulnerabilities against failures, utilising data confidentiality procedures and blockchain layers, developing secure-by-design technologies, deploying intelligent platforms, such as intrusion detection systems and digital twin of the substation are a few of the advanced strategies eFORT is implementing.
Digital Twin Revolution: A Dynamic Shield Against Cyber Threats
The digital twin, an advanced and progressive concept, serves as a dynamic, real-time model of power grid conditions, enabling advanced cybersecurity measures, and striving for future grid operator training. Thanks to the digital twin, as Alex Stefanov explains, “every five seconds we know how the system changes, and we can use this to do power system analysis in our analysis for various scenarios on how cyberattacks can result in different cascading failures or a blackout”. This means that the digital twin solution plays a crucial role in preventing these potential failures resulting from cyber threats, as well as in restoring the power system.
Beyond Challenges: eFORT’s Vision for a Secure Energy Future
The project not only addresses immediate cybersecurity challenges but also sets the foundation for a future where innovative solutions safeguard Europe’s electrical grid system against emerging threats through a collaborative framework and shared commitment by partners.