Barbara joins Sec2Grid Project to accelerate and improve the process of discovery, detection and mitigation of vulnerabilities in grid devices, as a basis for the specification of cybersecurity management requirements in a Smart Grid system.
Cybersecurity in the electricity grid has become a key element impacting the entire value chain in the electrical sector that only through innovation and adoption of disruptive technologies can be solved. State-of-the-art technologies in digitalization and smart devices now co-exist with legacy technologies that have been designed without considering cybersecurity criteria or with obsolete measures. And so, there is a need of a long-term vision when designing devices, bearing in mind the technological obsolescence of many equipments.
This is why both, the cybersecurity infrastructure that supports the Smart Grid and the elements within, must have the capabilities for the generation, validation, deployment and installation of cybersecurity updates throughout their lifecycle. The equipment of today must continue to be cybersecure at the end of its useful life.
The Sec2Grid project addresses this challenge by proposing a comprehensive operational cybersecurity management system that relies on the verification of updates through digital twins and other innovative technologies.
One of the key aspects of cybersecurity is to perform active cybersecurity incident management, that detect vulnerabilities and correct them early during system operation. This helps reduce the window for cyber attackers greatly.
On-going management of cybersecurity incidents becomes even more important when we refer to critical infrastructures like a Smart Grid, as the impact of a cyberattack can cause serious damage. Bear in mind electrical infrastructures are strongly interconnected and a cyberattack that causes an interruption of service in one part of the electrical system can trigger a chain reaction generating a cascade effect in other parts of the system affecting other critical sectors that require energy supply.
Equipment manufacturers, technology providers, cybersecurity service companies and operators need a communication framework to share early warning information and cooperate in crisis management.
Active incident management in the Smart Grid is a major technological challenge for several reasons:
- Firstly, they are environments with many heterogeneous devices where the technological mix abounds, which adds more complexity to the inventory of components and the management of updates.
- Secondly, it is common for these devices to have time-critical execution requirements or perform critical functions, so the application of updates should not affect their performance.
- And finally, there are often legacy devices without upgrade capabilities.
The main objective of the Sec2Grid project is to provide to the entire electricity value chain with the ability to respond in a coordinated and in a real-time fashion to cybersecurity incidents, affecting the Smart Grid.
Real-time requirements imply that some elements of the electrical infrastructure must respond in milliseconds (or even less) to events which add more complexity to the introduction of cybersecurity mitigation and diagnostic measures, due to the impact they can have on temporal behaviour.
The Sec2Grid project addresses this challenge and proposes new mechanisms by which devices can assess their own cybersecurity status. This also presents the added difficulty of interoperability and deployment in heterogeneous devices.
Barbara as a leading Edge Platform in the electricity sector will be in charge of orchestrating the entire infrastructure for the verification, deployment and continuous monitoring of cybersecurity updates, as well as Predictive Artificial Intelligence models.
Cybersecurity incidents often imply the need to perform updates in the equipment deployed in the field. To this end, it is proposed to perform the verification and validation of the updates through Barbara´s technology based on a virtualization model that will facilitate the implementation of a strategy of continuous updates.
Once the updates have been deployed, it is essential to perform ongoing system monitoring to ensure the behaviour is, as expected. This last point will be addressed from an artificial intelligence perspective to facilitate rapid adaptation to continuous upgrades.
The end result of the project will be the implementation of an Edge infrastructure that supports a federated threat intelligence and a comprehensive cybersecurity incident management service.
This infrastructure will be composed by cognitive identification and early threat detection agents, a virtualized validation and verification system for cybersecurity updates, and a continuous deployment system for cybersecurity updates.
Finally, the results of the innovation will be taken as a basis for the specification of the cybersecurity management requirements for a Smart Grid System. The particular features of the Smart Grid makes it necessary to define a common strategy and develop global tools to address the cybersecurity updates of the numerous and heterogeneous electronic devices in an agile way.
After an upgrade installation, is vital to ensure the continuity of operations. For the latter, the necessary infrastructure will be designed to detect anomalies that allow not only to report any discrepancy with the expected operation of the equipment, but also to anticipate them through predictive models based on Machine Learning and Artificial Intelligence.
To this end, the possibility of distributed data processing is considered fundamental, allowing less centralized and lighter structures and more secure and almost real-time responses. Also, during the verification of the update in a virtualized environment, the models that will later govern the detection of anomalies can be trained.
The Sec2Grid project is led by Iberdrola, the fourth largest electricity company in the world in market capitalization dedicated to the production, distribution and energy retail. Its role is key to the coordination of the entire value chain and the design of collaborative technology solutions across equipment manufacturers and technology providers such as BARBARA.
Barbara's Industrial Edge Platform is designed to deploy Artificial Intelligence at the edge in a cybersecure manner a. It enables the execution of Artificial Intelligence in the field, so that stakeholders can abstract from connectivity and communication frameworks, cybersecurity and IT infrastructure and focus on executing and managing their algorithms.
Barbara's Edge platform provides the infrastructure that enables:
• Cybersecure artificial intelligence at the Edge.
• Remote deployment and management of cybersecure edge nodes and their algorithms.
• Intellectual property protection of artificial intelligence deployed at the edge.
• The coexistence of multi-author algorithms at the edge.
If you also want to Be Smart Grid Ready, request a demo.
Hazitek is an R&D&I program of SPRI aimed at promoting Research and Development Projects, both in SMEs and in large companies and associations of Basque companies.
The R&D project carried out by INGETEAM POWER TECHNOLOGY S.A., entitled "New intelligent electronic devices for an electrical distribution network more secure against cyber-attacks" has been co-financed by the Basque Government and the European Union through the European Regional Development Fund 2021-2027 (ERDF).
SEC2GRID is a project that aims to provide the entire value chain of the electricity sector with the capacity to respond in a coordinated and rapid manner to cybersecurity incidents affecting the Smart Grid. It is a multi-year (2022-2024) strategic industrial research collaboration project involving the following entities and/or agents of the Basque Science, Technology and Innovation Network.