2021 has seen a steady rise in the number of cyberattacks and ransoms demanded by hackers. According to the Hiscox Cyber Readiness Report 2021[1], 43% of more than 6000 companies analysed had suffered a cyberattack in 2020, up 38% in the 12 months before and one over six attacks was a ransom attack. This attack is caused by an ever-evolving form of malware specifically designed to encrypt victim’s files on a device, making any files and the whole system completely unusable.

Securing electric power and energy systems against cyber-attacks and other threats is of fundamental importance to maintain an uninterrupted power supply. However, incidents may not always be avoidable, raising the need to increase the resilience of the energy infrastructure. PHOENIX is addressing this concern, investigating the fault-tolerant implementation and deployment of functions to provide self-healing capabilities to energy infrastructures.

The digitization of the energy supply chain generates new functions and services which are essential for the distributed generation model typical of renewable energies. New tools are introduced for optimizing energy production and preventive maintenance thanks to telemonitoring and remote control. The end-users have the opportunity to reduce consumptions and optimize investments too.

Europe’s largest energy storage has been successfully connected to the grid to maximizing efficiency of renewable energy and prevent blackouts. PHOENIX project will provide accessory tools for dealing with power outages and other EPES incidents.

Alessio Bianchini, Elena Sartini and Luigi Briguglio from CyberEthics Lab., partner of the PHOENIX consortium [1], are the authors of the article “Applying Privacy-by-Conception in Cybersecurity”, published in ERCIM News no.126 Special Theme “Privacy Preserving Computation” (July 2021) [2].

Critical Infrastructures (CI) may be defined as collections of cyber-physical systems whose disruptions or failures result in destructive financial and health consequences for large population segments. Electrical Power and Energy Systems (EPES) constitute some of the most essential critical infrastructures, particularly due to the high dependency of other technologies, services as well as CIs on the proper operation and availability of power networks.

When talking about data, it is important to know that any data handling is associated with a certain degree of risk of data leakage. Data can be exposed while transiting through a data transmission/exchange system or even while it is stored. Data protection and reputation mechanisms are putting in place to prevent malicious and dishonest data handling.

Attack trees have been widely recognized as a systematic method for specifying system security based on vulnerabilities. The nodes of the tree represent the different stages of an attack, while the root node represents the attacker’s main goal: to impair the normal functionality of the system.

The PHOENIX team is happy to announce that our latest work in network intrusion detection has been published online in Information, MDPI.