DEFENDER Final review took place in September 2020
The H2020 project DEFENDER (Grant n° 740898) has reached its final review September 18th. Being part of the H2020-CIP-2016-2017, the project focuses on the use of innovative technologies to handle cyber-physical attacks on critical energy infrastructures. It involves 18 partners, including several partners from the PHOENIX consortium (RWTH, SingularLogic, ASM Terni, BFP, Elektro-Ljubljana and Thales). DEFENDER has developed tools that will be used as inspirations in the project PHOENIX, including the cosimulator, the CEI Incidents Information Sharing Platform, the Incident Detection Framework and the Incident Mitigation Framework.
These tools are planned to be developed at another level in the PHOENIX project, which focuses on the cybersecurity issues, while DEFENDER relies on cyber-physical attacks, with a focus on the physical intrusions, the sensors used to detect them, and the related mitigations. PHOENIX will go one step further by focusing on the security of communication, encryption, including the Universal Secure Gateway.
DEFENDER relies on various technologies and hardware, both for situation awareness and mitigation. Among them, video-based mini drone analysis, Perimeter Laser Security sensors and Laser Fence Sensors, data gathering & fusion for attack identification, drone anti-drone hunting, communication jammer, and the DEFENDER platform. The latter includes a module for attack analysis, threat identification, incident mitigation and emergency response. Another important technology developed during the project if the Human-In-The-Loop tool for managing people interaction with CEI, while leveraging on blockchain technology for peer-to-peer trustworthiness. In particular, it allows the users to act as trustworthy sensors in the project.
In spite of the issues related to the CoVid epidemics, the project has managed to test all its technologies on the four planned trials, with two additional pre-trials in South Paris and Acco in Israel. It has shown a good integration between the components and successfully managed to detect and mitigate the attacks tested.