DEFENDER will adapt, integrate, upscale, deploy and validate a number of different technologies and operational blueprints with a view to develop a new approach to safeguard existing and future European CEI operation over cyber-physical-social threats, based on a) novel protective concepts for lifecycle assessment, resilience and self-healing offering “security by design” and b) advanced intruder inspection and incident mitigation systems.
Moreover, DEFENDER will create a culture of security, where trusted information exchange between trained employees and volunteers will complement cyber-physical protection, while preserving the privacy of the citizens involved.
To achieve its vision, DEFENDER will implement the four strategies:
- Assess Risk. This strategy gives to energy sector asset owners, utilities and service providers a thorough understanding of their current security posture, enabling them to continually assess evolving cyber/physical threats and vulnerabilities, their risks, and potential countermeasures.
- Protective measures to reduce risk by design. New protective (proactive) measures will be developed to reduce system risks (including vulnerabilities and emerging threats). These measures will be built into next-generation CEI and will help the electricity infrastructures stakeholders to offer CEI “defence in depth and by design” and offer components that are interoperable, extensible, and able to operate even in a degraded condition during a cyber incident.
- Manage Incidents. Managing incidents is critical, as physical disasters can be generalized, cyber assaults can be sophisticated and at the end any system can become vulnerable to emerging threats as absolute security is not possible. When protective measures are not applied or fail to prevent an incident, detection, remediation, recovery, and restoration activities should minimize its impact and quickly return to normal operations.
- Build a Culture of Security. Post-incident analysis and forensics enable CEI stakeholders to learn from the incident. Integrated with reliability practices, risk management practices will be periodically reviewed and challenged to confirm that established security controls remain in place, while physical and cyber-security best practices should be disseminated at pan-European level.