Empowering Energy Security: Cuerva’s Innovations in the eFORT Project

Welcome to an insightful exploration of Cuerva’s pivotal role within the eFORT project, aimed at fortifying the security and resilience of European energy networks. In this article, we invite you to join us on a journey through Cuerva’s contributions to this groundbreaking initiative. We’ll delve into the innovative solutions and collaborative endeavours driving the enhancement of energy grid security, showcasing Cuerva’s commitment to innovation and sustainability in the energy transition.

As a valued partner in the eFORT project consortium, Cuerva brings expertise, dedication, and a user-centred approach to the table. Throughout this article, we’ll uncover Cuerva’s multifaceted engagement, from pinpointing vulnerabilities to implementing robust security measures. Join us as we explore how Cuerva’s involvement in the eFORT project is shaping a more resilient energy future for Europe.

The objective of the European-funded Project eFORT is clear: enhance the resilience and security of European energy networks. This entails strengthening defences against potential failures, cyber-attacks, and privacy breaches.

To achieve this objective, CUERVA is deploying a comprehensive suite of solutions designed to identify, prevent, and remediate any vulnerabilities within the system. What’s noteworthy is that these efforts will not remain confined within the confines of closed doors. Instead, they intend to showcase these solutions at various levels, including Transmission System Operators (TSOs), Distribution System Operators (DSOs), and end users alike.

As mentioned above, Cuerva plays a pivotal role in this project. They are not mere spectators but active participants, deeply involved in the implementation process. From pinpointing system vulnerabilities to establishing sophisticated security measures, their commitment spans every aspect of the project. Ultimately, their aim is to ensure the energy grid’s robustness, reliability, and inclusivity for all stakeholders.

Cuerva’s engagement in the project operates on multiple fronts. Within the realm of Internet of Things (IoT), their focus lies in assessing vulnerabilities within the CUERVA Living Lab. Using a methodical approach, they identify potential weaknesses and develop strategies to mitigate attacks on distributed resources. This entails crafting action plans to preemptively thwart such threats and devising cybersecurity algorithms tailored to address specific issues. Additionally, they simulate various failure scenarios stemming from these attacks to evaluate the power grid’s responsiveness and resilience.

  • On the user front, their responsibilities include overseeing user management and ensuring secure access to the system. Moreover, they actively monitor user activity and facilitate the seamless integration of custom Distribution System Operator (DSO) systems into microgrids and network segments, enhancing overall security and operational efficiency.
  • At the industrial level, they conduct rigorous testing of the SecureBox within the framework of the Intrusion Detection System/Intrusion Prevention System (IDS/IPS). This involves closely monitoring the status of smart meters, including the timely deployment of security patches and the prompt detection of alarms and emergency functions. By seamlessly integrating these components into existing infrastructures, they ensure robust monitoring capabilities and enable swift responses to potential threats.
Here you can see an image of the Flow diagram between the data that the substation provides to the SecureBox, how it is sent to the intelligent platform and closing the loop the developed algorithm can protect the substation.

To tackle the identified challenges and leverage the associated opportunities, Cuerva is adopting a comprehensive strategy that addresses both user-centric aspects and critical infrastructure, including digital substations. This approach is aimed at fortifying the security and privacy of communication networks, modernising distribution automation infrastructure, and developing cutting-edge tools for threat detection and response.

Key Challenges and Opportunities at the User Level with High Distributed Energy Resources (DER) Penetration:

  • – Addressing privacy and security concerns within communication networks.
  • – Reinforcing subsystems within Power Electric Systems to accommodate the presence of distributed resources.
  • – Upgrading distribution automation infrastructure to bolster security measures.

Key Challenges and Opportunities related to Critical Infrastructure and Digital Substations:

  • – Conducting a thorough analysis of threats and assessing the impact of attacks such as malicious documents (maldocs), Remote Access Trojans, or IoT malware on system stability.
  • – Identifying and evaluating security technologies applicable to digital substations to enhance the overall robustness of automation systems.
  • – Updating IoT devices in the network, including devising plans for renewal and scalability.
  • – Ensuring seamless connectivity of remote access points, current transformers (CT), and substations.
  • – Developing tools for detecting and responding to attacks or intrusions.
  • – Strengthening security measures in automated digital substations.- Implementing automated response mechanisms to mitigate potential threats.

In the upcoming months, Cuerva will initiate the provision of distribution network data to our technology developer partners. This real-world data will serve as the foundation for training our Intrusion Detection System (IDS) device. An IDS is a cybersecurity tool that monitors network traffic or system events to detect and prevent malicious activities. Our IDS device will operate in both network (NIDS) and host (HIDS) modes, with capabilities for both detection and prevention. It employs methods such as signature analysis and behaviour monitoring to safeguard against threats.

Cuerva will leverage this real data to train our IDS device, comparing it with compromised fictitious data to enhance its efficacy. Subsequent communications will delve into the detailed development and implementation plans for these solutions, all within the overarching framework of the eFORT project.

We firmly believe that these efforts will lead to a significant strengthening of our infrastructure, both physical and data-related, as we prepare for future challenges. These developments will serve as a cornerstone, setting precedents that can be applied across other substations and segments of the electric distribution network.

Contact us


Follow us on:

eFORT’s Innovative Approach to European Cybersecurity in Energy Grids

In a time when digital transformation is affecting the European landscape of cybersecurity rapidly, creating more secure and resilient infrastructures is at the top of the agenda in the EU. That is why eFORT, a collaborative initiative involving 23 partners and 9 countries from across the European Union, is making significant steps to strengthen cybersecurity in interconnected power grids and ensure uninterrupted energy supply. 

Learning from the Past, Preparing for the Future

Recent events, such as the cyberattack on Ukraine’s power grid in 2022 serve as a reminder of potential vulnerabilities and therefore the increasing urgency to protect and fortify power grid systems. Researchers have tied the attack to Russian cyber spies, whose hack resulted in a disruption of part of Ukraine’s power grid. This undoubtedly underscores the need for collaboration and innovative solutions to safeguard critical infrastructure and ensure resilience. Alex Stefanov from the eFORT partner, Delft University of Technology highlights, that “as the cyber threats are becoming more prominent, awareness is needed, and we need to work together to respond and be prepared”.

EU Regulations: A Pivotal Shift towards Cybersecurity

In an effort to address and prevent these and similar challenges, the EU has implemented two pivotal regulations: the Network Code on Cybersecurity and the EU Cyber Resilience Act, which act as a meaningful step for grid operators as well, influencing TSOs and DSOs. The aim of the former is “to set a European standard for the cybersecurity of cross-border electricity flows”, by including actions such as assessment, minimum requirements, cybersecurity certifications, and crisis management, to mention some. The essence of the Cyber Resilience Act is to ensure the cybersecurity of both products and software with a digital component. The purpose is to protect consumers and businesses, by establishing mandatory requirements for manufacturers and retailers, and addressing insufficient safety levels. These regulations also enable system operators in Europe to be more prepared in the face of threats, and for all relevant actors to work together efficiently. “Historically, we are doing very well – in the Netherlands we have not had a cyber-attack that has caused a blackout in the grid, and new regulations are responding to the changing environment in which we operate,” says Matija Naglic from the eFORT partner, TenneT.

Pioneering Tomorrow: eFORT’s Holistic Approach to Cybersecurity

As the Horizon-Europe funded eFORT progresses, it is pioneering a comprehensive and holistic approach to securing Europe’s energy grid. Applying new operational technologies, eFORT is demonstrating collaboration and innovation in the broader cybersecurity landscape, working against cyberattacks, physical disturbances and failures, and data privacy issues. Solutions by the project are demonstrated across four pilot sites in Europe, including Spain, Netherlands, Italy and Ukraine. Addressing vulnerabilities against failures, utilising data confidentiality procedures and blockchain layers, developing secure-by-design technologies, deploying intelligent platforms, such as intrusion detection systems and digital twin of the substation are a few of the advanced strategies eFORT is implementing.

Digital Twin Revolution: A Dynamic Shield Against Cyber Threats

The digital twin, an advanced and progressive concept, serves as a dynamic, real-time model of power grid conditions, enabling advanced cybersecurity measures, and striving for future grid operator training. Thanks to the digital twin, as Alex Stefanov explains, “every five seconds we know how the system changes, and we can use this to do power system analysis in our analysis for various scenarios on how cyberattacks can result in different cascading failures or a blackout”. This means that the digital twin solution plays a crucial role in preventing these potential failures resulting from cyber threats, as well as in restoring the power system.

Beyond Challenges: eFORT’s Vision for a Secure Energy Future

The project not only addresses immediate cybersecurity challenges but also sets the foundation for a future where innovative solutions safeguard Europe’s electrical grid system against emerging threats through a collaborative framework and shared commitment by partners.