The following FP7 and H2020 research projects will be presenting their concepts and applications to the field of critical infrastructure protection.

The HyRiM Project

Full Title: Hybrid Risk Management for Utility Networks

The main objective of this project is to identify and evaluate ‘Hybrid Risk Metrics’ for assessing and categorizing security risks in interconnected utility infrastructure networks in order to provide foundations for novel protection and prevention mechanisms.

The project will provide utility network providers with a risk assessment tool that – in adherence with, e.g., the BSI or ICNC recommendations – supports qualitative risk assessment based on numerical (quantitative) techniques. For that matter, our method will explicitly account for the infrastructure’s two-fold nature in terms of the utility network and the control network alongside it. The expected impact is thus a movement away from best practice only, towards the treatment of risk in utility networks based on a sound and well-understood mathematical foundation. The project will take an explicit step towards considering security in the given context of utility networks, ultimately yielding a specially tailored solution that is optimal for the application at Hand.

Project Website:

The MITIGATE Project

Full Title: Multidimensional, InTegrated, rIsk assessment framework and dynamic, collaborative risk manaGement tools for critical information infrAstrucTurEs

Despite the importance of Critical Information infrastructures (CIIs) and dynamic ICT-based maritime supply chains (SCs) for port operations, state-of-the-art risk management methodologies for maritime environment pay limited attention to cyber-security an do not adequately address security processes for international SCs. Motivated by these limitations, the MITIGATE project introduces, integrates, validates and commercializes a novel risk management system, which empowers stakeholders’ collaboration for the identification, assessment and mitigation of risks associated with cyber-security assets and SC processes. This collaborative system will boost transparency in risk handling, while enabling the generation of unique evidence about risk assessment and mitigation. At the heart of the risk management system there is an open simulation environment enabling stakeholders to simulate risks and evaluate risk mitigation actions. This environment will allow users to model, design, execute and analyze attack-oriented simulations. Emphasis is laid on the estimation of cascading effects in SCs as well as on the prediction of future risks. The MITIGATE system will be compliant with prominent security standards and regulations for the maritime sector (i.e., ISO 27001, ISO 28001, ISPS).

Project Website:

The SAURON Project

Full Title: Scalable multidimensionAl sitUation awaReness sOlution for protectiNg european ports

Nowadays, coordinated and increasingly complex terrorist attacks are shocking the world. Due to the progressive rely of industrial sector and many critical infrastructures (CI) (e.g., EU ports) in ICT systems, the impact of a coordinated physical attack, a deliberate disruption of critical automation systems or even a combined scenario including both kind of attacks, could have disastrous consequences for the European Member States’ regions and social wellbeing in general. Taking into account this fact and this real threat on EU ports as one of the main CI in Europe, the SAURON project proposes the holistic situation awareness concept as an integrated, scalable and yet installation-specific solution for protecting EU ports and its surroundings. This solution combines the more advanced physical SA features with the newest techniques in prevention, detection and mitigation of cyber-threats, including the synthetic cyber space understanding through the use of new visualization techniques (immersive interfaces, cyber 3D models and so on).
In addition, a Hybrid Situation Awareness (HSA) application capable of determine the potential consequences of any threat will show the potential cascading effect of a detected threat in the two different domains (physical and cyber). On the other hand, through SAURON approach the public in the surroundings and the rescue/security teams will be able to be informed on any potential event/situation that could put in risk their integrity. Thus, SAURON proposes as main objective to ensure an adequate level of both physical and cyber protection for the EU ports and limiting, as far as possible, the detrimental effects for the society and citizens of a combined attack (physical & cyber) to an EU port. Reducing the vulnerabilities of EU ports, as one of the main European critical infrastructures and increasing their systemic resilience in the face of a physical, cyber or combined threat will be also part of the SAURON main objective.

Project Website:

The SPARKS Project

Full Title: Smart grid Protection Against cybeR attacKS

The future smart grid represents a significant evolution in the way electric grids function. At the core of this change is an increased use of ICT to implement enhanced monitoring and control in the distribution network at medium and low-voltage levels. Ensuring the cybersecurity and resilience of smart grids is of paramount importance. This is the target of the EU-funded SPARKS – Smart Grid Protection Against Cyber Attacks – project.

The project aims to provide innovative solutions in a number of ways, including approaches to risk assessment and reference architectures for secure smart grids. The project will make recommendations regarding the future direction of smart grid security standards. Furthermore, key smart grid technologies will be investigated, such as the use of big data for security analytics in smart grids, and novel hardware-supported approaches for smart meter (gateway) authentication. All of these contributions and technologies will be assessed from a societal and economic impact perspective, and evaluated in real-world demonstrators.

Project Website: