Secure EPES Incidents Information Sharing in PHOENIX

Written by PHOENIX project on 18. 02. 2020.

In the energy domain, cybersecurity incidents information sharing [1] among the electrical power and energy systems (EPES) utilities is crucial for the successful mitigation of critical cybersecurity such events. Today, a variety of governance models could be deployed in order to facilitate the trusted and secure communication and incidents information sharing among Computer Emergency Response Teams – CERTs, Computer Security Incident Response Teams – CSIRTs [4], Energy Information Sharing and Analysis Centres – ISACs [3] and EPES utilities. Given, on the one hand, the geographical and national separation and isolation and, on the other hand, the frequent close interaction of the above-mentioned entities, sharing of critical incidents information has proved not at all a trivial task.

In the context of effectively addressing the above described challenge, the NIS Directive [2] has been the first piece of EU-wide legislation on cybersecurity. It defines legal measures to boost the overall level of cybersecurity in EU by enhancing the preparedness and cooperation of the Member States. Among others, it instructs Member States to establish CSIRTs and a competent national NIS authority. The NIS Directive further instructs the Member States to set a Network, in order to promote swift and effective operational cooperation on specific cybersecurity incidents and sharing information about respective risks, which is an undergoing process.

Therefore, establishing combined cyber EPES protection and pan-European collaboration and communication between CERTs/CSIRTs and Utilities is fundamental. The H2020 EU-funded PHOENIX project aims to tackle this problem by devising a Secure and Trusted Incidents Information Sharing Platform – I2SP to facilitate the smooth cooperation between the afore-mentioned stakeholders, capitalizing on existing used technologies, such as MISP [5] and MeliCERTes CSP [6], on the one hand, and extending the latter capabilities by incorporating distributed ledger and blockchain technologies, as well as machine learning approaches, on the other hand, in order to empower secure critical information sharing processes leveraging on security, persistency, transparency and resiliency.

Cookie	Type	Duration	Description
__cfduid	1	1 month	The cookie is set by CloudFare. It is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
_wpfuuid	0	10 years	Contact form UUID (Universally Unique Identifier) cookie. It allows the plugin to connect entries by the same user and does not contain or represent any personal information or entry details.
cookielawinfo-checkbox-necessary	0	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	0	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
test_cookie	0	11 months
viewed_cookie_policy	0	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. It is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randomly generated number to identify unique visitors.
_gat_gtag_UA_152331303_1	1 minute	Google uses this cookie to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. It is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.

Secure EPES Incidents Information Sharing in PHOENIX

Energy Shield

BRIDGE

Success

Defender

NRG-5

sofie-logo

Elsa

interflex

Intergrid

NobelGrid

PROMOTioN-Logo-RZ-RGB

logo_reserve_sRGB

wisegrid-logo