Secure EPES Incidents Information Sharing in PHOENIX

­­In the energy domain, cybersecurity incidents information sharing [1] among the electrical power and energy systems (EPES) utilities is crucial for the successful mitigation of critical cybersecurity such events. Today, a variety of governance models could be deployed in order to facilitate the trusted and secure communication and incidents information sharing among Computer Emergency Response Teams – CERTs, Computer Security Incident Response Teams – CSIRTs [4], Energy Information Sharing and Analysis Centres – ISACs [3] and EPES utilities. Given, on the one hand, the geographical and national separation and isolation and, on the other hand, the frequent close interaction of the above-mentioned entities, sharing of critical incidents information has proved not at all a trivial task.

In the context of effectively addressing the above described challenge, the NIS Directive [2] has been the first piece of EU-wide legislation on cybersecurity. It defines legal measures to boost the overall level of cybersecurity in EU by enhancing the preparedness and cooperation of the Member States. Among others, it instructs Member States to establish CSIRTs and a competent national NIS authority. The NIS Directive further instructs the Member States to set a Network, in order to promote swift and effective operational cooperation on specific cybersecurity incidents and sharing information about respective risks, which is an undergoing process.

Therefore, establishing combined cyber EPES protection and pan-European collaboration and communication between CERTs/CSIRTs and Utilities is fundamental. The H2020 EU-funded PHOENIX project aims to tackle this problem by devising a Secure and Trusted Incidents Information Sharing Platform – I2SP to facilitate the smooth cooperation between the afore-mentioned stakeholders, capitalizing on existing used technologies, such as MISP [5] and MeliCERTes CSP [6], on the one hand, and extending the latter capabilities by incorporating distributed ledger and blockchain technologies, as well as machine learning approaches, on the other hand, in order to empower secure critical information sharing processes leveraging on security, persistency, transparency and resiliency.

Further reading sources/references:

[1]: https://www.enisa.europa.eu/publications/information-sharing-and-analysis-center-isacs-cooperative-models

[2]: https://ec.europa.eu/digital-single-market/en/network-and-information-security-nis-directive

[3]: https://www.ee-isac.eu/

[4]: https://csirtsnetwork.eu/

[5]: https://www.misp-project.org/

[6] https://github.com/melicertes/csp


Follow the progress of the PHOENIX project:

Twitter:  https://twitter.com/H2020Phoenix

Linkedin: https://www.linkedin.com/company/phoenix-h2020/


This project has received funding from the European Union’s Horizon 2020 research and Innovation programme under grant agreement N°832989. All information on this website reflects only the authors’ view. The Agency and the Commission are not responsible for any use that may be made of the information this website contains.

Sign up to our newsletter