Cybersecurity in Energy Systems: Are we Prepared ?

EventEvenement

The energy transition introduces complex cybersecurity challenges as power systems increasingly rely on interconnected communication networks that integrate both IT and Industrial Control System (ICS) layers. These layers are essential for managing critical infrastructures, such as power grids, which makes securing them from cyber threats of paramount importance. As the integration of digital technologies into the energy sector grows, so does the potential for cyberattacks targeting vulnerabilities within these networks.

In this Deep Dive session we combine expert lectures with demonstrations to explore AI-driven cybersecurity techniques for risk assessment, early stage anomaly detection and penetration testing.

Programme

  • 10.00h: Introduction on cybersecurity in energy systems by prof. Geert Deconinck, EnergyVille/KU Leuven
    It was in the news lately: are foreign nation states able to take over our power systems? Can they hack peripheral devices (such as photovoltaic inverters) and bring down the electrical grid? In this introductory presentation we position cyber security for power systems in the context of critical infrastructure protection and the broader EU policies. Then we introduce how risk assessment needs to be combined with detection and mitigation techniques to make our systems more robust. We focus on how the different stakeholders in a decentralised power system all have a role to play when we want our energy system to become more dependable .
  • 10.30h Cybersecurity: risk assessment in power systems by Amirreza Jafari Anarjan, EnergyVille/KU Leuven
    Power system communication networks, integrating IT and ICS layers, face complex cybersecurity challenges that require a specialized approach for comprehensive risk assessment. This research presents the development of a dedicated cybersecurity risk assessment toolbox tailored specifically for power systems. The toolbox addresses the lack of existing solutions by providing all essential features for realistic risk assessment in this domain. Key innovations include automatic extraction of attack paths by systematically mapping MITRE ATT&CK techniques to each attack step. This comprehensive tool fills a critical gap in cybersecurity frameworks for power systems, offering enhanced risk visibility and protection against sophisticated cyber threats targeting critical infrastructure.
  • 11.00h: Early-Stage Anomaly Detection in IT-OT Power Grid Communication Networks Using Wavelet Transform and Hybrid Deep Learning by Tohid Behdadnia, EnergyVille/KU Leuven
    In this workshop presentation, we introduce a machine learning-based methodology for earlystage anomaly detection in IT-OT power grid communication networks. Our approach models the IT-OTnetwork as a traffic dispersion graph and applies wavelet transform to decompose the real-time traffic throughput of each information node into its constituent sub-bands to extract time-frequency features.These features are then weighted and prioritized using a graph attention mechanism and fed into a bidirectional long short-term memory for temporal analysis, ultimately classifying the nodes as normal or abnormal. Our experiments confirm the methodology’s precise detection and localization of active cyberattack sites, outperforming existing state-of-the-art anomaly detection models.
  • 11.30h: Demonstration of penetration test by Can Ozkan, EnergyVille/KU Leuven
    Penetration Testing of Industrial Control Systems (ICS): Securing Critical Infrastructure Summery: This 30-minute workshop provides a hands-on exploration of penetration testing of devices, particularly those designed for Industrial Control Systems (ICS). As ICS environments are vital to the operation of critical infrastructure such as power grids, water treatment facilities, and manufacturing plants, securing these systems from cyber threats becomes paramount. Participants will be showcased sample vulnerabilities of ICS equipment, including PLCs, and gain practical experience with tools and methodologies, in particular, enumeration and exploitation phases of penetration testing, used to test and secure these systems.
  • 12.00h: Network lunch

 

Practical details

This Deep Dive session takes place within the framework of the European EDIH-EBE project. EDIH-EBE offers companies access to expertise, data and testing facilities. In this session we offer you a combination of an expert panel and a demonstration.

When: 13 February 2025, 10.00-13.00h

Where: EnergyVille 1, Genk

Pricing: free

DMA: We ask SMEs and medium-sized companies to complete a ‘digital maturity assessment’ as required by the EU. You will be contacted by the EDIH-EBE office to conduct a basic questionnaire to evaluate the digital maturity of your company. This only takes 30 min.

More Deep Dive sessions coming soon!

Do you want to stay up to date on our Deep Dive sessions? Subscribe to the EDIH-EBE newsletter.

Name(Required)