DENSEK – Securing The Grid Against Cyber Threats

The Distributed ENergy SEcurity Knowledge (DENSEK) project is aiming to improve the cyber security and resilience of Europe’s energy grids.
Published: Thu 30 Oct 2014

The smartening of the electricity grid with software and IT components is opening up the potential for a new level of cyber crime – affecting not just individuals or organizations but towns and cities and even parts of countries.

Protecting the grid from cyber crime

This is the background to the DENSEK project, which is now being implemented as part of the European Union initiated Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks (CIPS) program designed to protect citizens and critical infrastructures from terrorist attacks and other security incidents.

“The rollout of more and more smart components in the electricity grid, often accessible via internet, like computers, sensors and smart meters, increases the vulnerability for cyber threats,” explains program manager Bert Heerbaart. “In the near future, our total energy supply chain will be more interconnected than ever before. This interconnectedness will make the smart energy grid a very attractive target for privacy and security incidents and cyber attacks. Such threats and vulnerabilities have significant consequences for the reliability of our energy grid and could cause a European blackout.”

DENSEK was initiated in July 2013 as a two-year project with the aim to improve the cyber resilience of the electricity grid.

“The only way to prevent these kinds of disasters is to implement privacy and cyber security measures alongside our efforts to improve and interconnect the smart energy grid,” Heerbaart continues. “Steep learning curves and adoption rates will be necessary, but this can only be achieved by international collaboration among trusted parties. We must work together.”

DENSEK has three specific deliverables:

● European Energy Information Sharing and Analyses Centre (EE-ISAC),

● Situation Awareness Network, and

● Information Sharing Platform.

Project partners include the Dutch utility Alliander, which is coordinating the project, Enel’s Engineering and Innovation subsidiary and the Global Cyber Security Center from Italy, the Eindhoven-based IT security solution company SecurityMatters, and the University of Gdańsk from Poland.

Cyber security in Europe

Heerbaart, who will be giving an update on DENSEK at the upcoming European Utility Week, says that while there hasn’t been a blackout resulting from a cyber attack in Europe yet, the number of attempts and successful (smaller) incidents has been growing with at least the same speed as smart grid technologies are being rolled out

“Cyber security can still improve significantly, with many companies not prepared for a serious cyber breach,” states Heerbaart. “The first step, creating awareness, is well under way. The second step, implementing preventive measures, is now on the agenda of many energy companies but still not all. The third step, however, concerning preparedness for a successful cyber attack, is only at the agenda of a  small number of companies.”

European Energy ISAC

The overall goal of DENSEK is to establish the EE-ISAC, reliant on a trusted community of stakeholders who share information on threats, vulnerabilities and incidents. The DENSEK approach calls on us to work together in partnership with energy supply chain stakeholders to co-develop the EE-ISAC. DENSEK uses a group of key stakeholders as a reference group to gather information about their needs and requirements. The go live of the EE-ISAC is due in July 2015.

The EE-ISAC will also host the other two project deliverables. The Situation Awareness Network is developed for early stage identification and alerts of cyber attacks and threats to EE-ISAC members, enabling them to proactively take mitigating actions the moment a threat occurs anywhere in Europe.

The Information Sharing Platform will enable the EE-ISAC members to connect to one another by forming trusted groups to further discuss threats and incidents. Members will share critical information via this trusted online environment. This complements the physical meetings of the EE-ISAC where information is shared via the well-known traffic light protocol.

“Ultimately the biggest challenge is not technology,” says Heerbaart. “The biggest challenge is trust. We need to change our behaviour. We need to learn to trust and be willing to share vital information among peers and across stakeholder groups.”

Improving cyber security

“With these deliverables the European Energy ISAC will help to improve the cyber security of each member, and their preparedness in case something goes wrong. Furthermore, it reduces the amount of money energy companies would have to spend on cyber security systems in a standalone scenario, not being a member of the EE-ISAC,” says Heerbaart.

“We urgently have to prioritize cyber security on the agenda of companies rolling out smart grids in order to avoid a serious incident with potentially massive consequences. The EE-ISAC is an important step forwards on this path towards improved cyber resilience.”