Cybersecurity in Energy Systems: Are we Prepared ?
The energy transition introduces complex cybersecurity challenges as power systems increasingly rely on interconnected communication networks that integrate both IT and Industrial Control System (ICS) layers. These layers are essential for managing critical infrastructures, such as power grids, which makes securing them from cyber threats of paramount importance. As the integration of digital technologies into the energy sector grows, so does the potential for cyberattacks targeting vulnerabilities within these networks.
In this Deep Dive session we combine expert lectures with demonstrations to explore AI-driven cybersecurity techniques for risk assessment, early stage anomaly detection and penetration testing.
Programme
- 10.00h: Introduction on cybersecurity in energy systems by prof. Geert Deconinck, EnergyVille/KU Leuven
It was in the news lately: are foreign nation states able to take over our power systems? Can they hack peripheral devices (such as photovoltaic inverters) and bring down the electrical grid? In this introductory presentation we position cyber security for power systems in the context of critical infrastructure protection and the broader EU policies. Then we introduce how risk assessment needs to be combined with detection and mitigation techniques to make our systems more robust. We focus on how the different stakeholders in a decentralised power system all have a role to play when we want our energy system to become more dependable . - 10.30h Cybersecurity: risk assessment in power systems by Amirreza Jafari Anarjan, EnergyVille/KU Leuven
Power system communication networks, integrating IT and ICS layers, face complex cybersecurity challenges that require a specialized approach for comprehensive risk assessment. This research presents the development of a dedicated cybersecurity risk assessment toolbox tailored specifically for power systems. The toolbox addresses the lack of existing solutions by providing all essential features for realistic risk assessment in this domain. Key innovations include automatic extraction of attack paths by systematically mapping MITRE ATT&CK techniques to each attack step. This comprehensive tool fills a critical gap in cybersecurity frameworks for power systems, offering enhanced risk visibility and protection against sophisticated cyber threats targeting critical infrastructure. - 11.00h: Early-Stage Anomaly Detection in IT-OT Power Grid Communication Networks Using Wavelet Transform and Hybrid Deep Learning by Tohid Behdadnia, EnergyVille/KU Leuven
In this workshop presentation, we introduce a machine learning-based methodology for earlystage anomaly detection in IT-OT power grid communication networks. Our approach models the IT-OTnetwork as a traffic dispersion graph and applies wavelet transform to decompose the real-time traffic throughput of each information node into its constituent sub-bands to extract time-frequency features.These features are then weighted and prioritized using a graph attention mechanism and fed into a bidirectional long short-term memory for temporal analysis, ultimately classifying the nodes as normal or abnormal. Our experiments confirm the methodology’s precise detection and localization of active cyberattack sites, outperforming existing state-of-the-art anomaly detection models. - 11.30h: Demonstration of penetration test by Can Ozkan, EnergyVille/KU Leuven
Penetration Testing of Industrial Control Systems (ICS): Securing Critical Infrastructure Summery: This 30-minute workshop provides a hands-on exploration of penetration testing of devices, particularly those designed for Industrial Control Systems (ICS). As ICS environments are vital to the operation of critical infrastructure such as power grids, water treatment facilities, and manufacturing plants, securing these systems from cyber threats becomes paramount. Participants will be showcased sample vulnerabilities of ICS equipment, including PLCs, and gain practical experience with tools and methodologies, in particular, enumeration and exploitation phases of penetration testing, used to test and secure these systems. - 12.00h: Network lunch
Practical details
This Deep Dive session takes place within the framework of the European EDIH-EBE project. EDIH-EBE offers companies access to expertise, data and testing facilities at strongly reduced prices. In this session we offer you a combination of an expert panel and a demonstration.
When: 5 December 2024, 10.00-13.00h
Where: EnergyVille 1, Genk
Pricing: €650 €100 + €136.50 VAT
To make use of this discount, your company should fulfill some conditions:
- you are an SME or medium-sized company
- your company has no financial difficulties
- your company has used max. 300k de-minimis state aid during the last 3 financial years
- Your company is prepared to complete a ‘digital maturity test’. You will be contacted by the EDIH-EBE office by phone to conduct a basic questionnaire to evaluate the digital maturity of your company. This only takes 30 min.
If you subscribe to this event, you will receive a detailed offer.
More Deep Dive sessions coming soon!
Do you want to stay up to date on our Deep Dive sessions? Subscribe to the EDIH-EBE newsletter.