Project Name: Cyber Securing Energy dAta Services
CyberSEAS (Cyber Securing Energy dAta Services) aims to improve the overall resilience of energy supply chains, protecting them from disruptions that exploit the enhanced interactions, the extended involvement models of stakeholders and consumers as channels for complex cyber-attacks, the presence of legacy systems and the increasing connectivity of energy infrastructures, data stores and services retailers.
CyberSEAS has 3 strategic objectives:
- Countering the cyber risks related to highest impact attacks against EPES;
- Protecting consumers against personal data breaches and attacks;
- Increasing the security of the Energy Common Data Space.
All three objectives are equally important since cyber-criminals are shifting tactics to favour multi-stage attacks in which stealing sensitive data is a precondition for the real attack and enables them to maximise damage and profits (while traditionally infrastructure cyber-attacks used to be direct attacks to the machinery and typically targeted control systems, not data). Threat actors, especially large ones such as nation-states, also carry out complex attacks that leverage supply chain dependencies, and this trend continues to grow, as highlighted in the July 2020 analysis by the Atlantic Council. Likewise, with the transition to scenarios where users are proactively involved, prosumer data is becoming more and more sensitive.
To achieve these objectives, CyberSEAS delivers an open and extendable ecosystem of 30 customisable security solutions providing effective support for key activities, and in particular:
- risk assessment;
- interaction with end devices;
- secure development and deployment;
- real-time security monitoring;
- skills improvement and awareness;
- certification, governance and cooperation.
CyberSEAS solutions are validated through experimental campaigns consisting of 100+ attack scenarios, tested in 3 labs before moving out to one of 6 piloting infrastructures across 6 European countries. Out of the 30 solutions, 20 will reach TRL8+ and 10 TRL7.
Reason for applying to HSbooster.eu services
We believe the Standardisation Booster service can be key for maximising the impact of project results in the field of certification/standardisation.
Main Standardisation Interests
In Task 8.5 Recommendations for certification, standardisation and exchange of information at the EU level, the CyberSEAS project will define a certification, standardisation and data exchange approach that – by effectively combining analytical modelling and field measurements – outperforms current strategies. The approach will be rigorous while also practical and will align with current initiatives at the European level to foster a harmonised cybersecurity certification framework. It will be applicable at component and system levels, considering complex systems resulting from the interconnection of COTS and ad-hoc components. It will be hybrid, meaning that it will effectively combine modelling and direct measurement. This task will evaluate the certifiability of technological results obtained in the project, explaining how far components and systems are from certification and drawing a roadmap to fulfil this objective.
This task is not started yet.