Main Programme
The slides and videos from the symposium can be found in the programme details below. Additionally, there is a YouTube playlist that contains all of the videos that were recorded during the event.
Monday 13th March, 2017
| Time | Session |
|---|---|
| 09:30 - 10:30 | Coffee and Registration |
| 10:30 - 10:40 | Welcome Message Wolfgang Hribernik and Paul Smith, AIT Austrian Institute of Technology |
| 10:40 - 11:10 | An Introduction to the Projects The HyRiM Project [Slides] Stefan Schauer, AIT Austrian Institute of Technology The IRENE Project [Slides] Oliver Jung, AIT Austrian Institute of Technology The SALVAGE Project Oliver Gehrke, Technical University of Denmark (DTU) The SEGRID Project [Slides] Reinder Wolthuis, TNO The SPARKS Project [Slides] Paul Smith, AIT Austrian Institute of Technology The SUCCESS Project [Slides] Panagiotis Paschalidis, P3 Communications |
| 11:10 - 12:10 | Session: Smart Grid Security Risk Management Session Chair: Reinder Wolthuis, TNO An Enhanced Risk Assessment Methodology for Smart Grid [Slides] [Video] Judith Rossebø, ABB Norway and University of Oslo Identifying and Managing Risks in Interconnected Utility Networks: The HyRiM Risk Management Process [Slides] [Video] Stefan Schauer, AIT Austrian Institute of Technology Risk Assessment for Cyber-Physical Smart Grid Systems [Slides] Martin Hutle, Fraunhofer AISEC |
| 12:10 - 13:30 | Lunch |
| 13:30 - 15:00 | Session: Security Analytics and Situational Awareness Session Chair: André Herdeiro Teixeira, TU Delft Security Analytics for Smart Grid Anomaly Detection [Slides] [Video] Niamh O'Mahony, Dell EMC Research Europe Integrated Multi-domain Analysis of Smart Grid Cybersecurity [Video] Oliver Gehrke, Technical University of Denmark (DTU) DSO-oriented Operational Security Capability Model [Slides] [Video] Maarten Hoeve, European Network for Cyber Security (ENCS) The SCISSOR approach to establishing situational awareness in Industrial Control Systems [Slides] [Video] Stefano Salsano, University of Rome Tor Vergata / CNIT Intrusion Detection in Smart Grid [Slides] [Video] BooJoong Kang, Queen's University Belfast |
| 15:00 - 15:30 | Coffee Break |
| 15:30 - 16:30 | Session: Smart Grid Resilience (I) Session Chair: Gavin McWilliams, Queen's University Belfast Is my Grid Bouncing Back? A Cyber-Physical Resilience Metric for Smart Grids [Slides] [Video] Ivo Friedberg, AIT Austrian Institute of Technology A Collaborative Framework to Improve Urban Grid Resilience [Slides] [Video] Oliver Jung, AIT Austrian Institute of Technology Protection Against Cyber Attacks: Introducing Resilience for SCADA Networks [Slides] [Video] Antonios Gouglidis, Lancaster University |
| 16:30 - 17:30 | Panel Session: Data Protection and Privacy for the Smart Grid Moderator: Paul Smith, AIT Austrian Institute of Technology Panellists: Marie-Theres Holzleitner, The Energy Institute at JKU Linz [Slides] Jaap-Henk Hoepman, Radboud University Nijmegen [Slides] Nuno Medeiros, EDP Distribuição [Slides] Peter Fröhlich, AIT Austrian Institute of Technology [Slides] |
| 19:30 | Poster Session and Social Dinner at the Ottakringer Brauerei |
Tuesday 14th March, 2017
| Time | Session |
|---|---|
| 09:00 - 09:10 | Welcome Message Paul Smith, AIT Austrian Institute of Technology |
| 09:10 - 10:10 | Keynote Address: Undetectable Attacks on PMU Time Synchronization [Slides] [Video] György Dán, KTH Royal Institute of Technology |
| 10:10 - 10:40 | Coffee Break |
| 10:40 - 11:20 | Session: Smart Grid Resilience (II) Session Chair: Niamh O'Mahony, Dell EMC Research Europe Intrusion-Tolerant Eclipse SCADA [Slides] [Video] Nuno Neves, University of Lisboa Resilient Smart Grid Control [Slides] [Video] Henrik Sandberg, KTH Royal Institute of Technology |
| 11:20 - 13:00 | Smart Grid Security Solutions Demonstrations [Video] |
| 13:00 - 14:00 | Lunch |
| 14:00 - 15:00 | Social, Legal and Policy Aspects Session Chair: Oliver Jung, AIT Austrian Institute of Technology A Tool to Support Data Protection Impact Assessments for the Smart Grid [Slides] [Video] Ewa Piatkowska, AIT Austrian Institute of Technology A DSO Perspective on Future Cybersecurity and Privacy Policies [Slides] [Video] Nuno Medeiros, EDP Legal Framework and People's Perspective of Cyber Security [Slides] [Video] Johannes Reichl, The Energy Institute at JKU Linz |
| 15:00 - 15:30 | Coffee Break |
| 15:30 - 16:30 | Panel Session: Reflections on the Symposium and Future Directions [Video] Moderator: Friederich Kupzog, AIT Austrian Institute of Technology Panellists: Dimitrios Serpanos, University of Patras and Industrial Systems Institute [Slides] Karl Christoph Ruland, University of Siegen Panagiotis Paschalidis, P3 group, Berlin [Slides] |
Demonstrations
Several demonstrations were given at the symposium.
Integrated Cyber-attack Intrusion Detection and Resilient Control
BooJoong Kang and Kieran McLaughlin, Queen’s University Belfast; David Umsonst and Henrik Sandberg, KTH Royal Institute of Technology; Mario Faschang and Friederich Kupzog, AIT Austrian Institute of Technology
Summary — Telecontrol of systems in the field, such as photovoltaic inverters, introduces new vulnerabilities that can be exploited by attackers. Attacks could have physical — power systems — consequences, such as voltage violations, congestion or blackouts. In this demonstration, we will present a cyber-attack to a set of photovoltaic inverters, highlighting the impact such an attack could have. Furthermore, we will demonstrate an integrated solution to this challenge, which combines a SCADA intrusion detection system, targeted at detecting attacks that use the IEC 61850 protocol, and resilience control capability. The aim is to make inverters, and the overall power system, resilient to this form of attack. The demonstration will take place in the AIT SmartEST laboratory, using a combination of simulated and real power systems equipment, in order to emulate a low-voltage distribution grid.
A framework for integrated multi-domain hypothesis testing: Proof of concept
Oliver Gehrke and Kai Heussen, Technical University of Denmark (DTU); Matus Korman, KTH Royal Technical Institute Technology
Summary — One of the challenges for future grid operators will be how to combine cybersecurity-related information from domain-specific analysis tools into an overall risk assessment of different scenarios, in order to be able to prioritize and plan actions. The SALVAGE project assumes an operational context in which the risk of several cyber-security breaches are evaluated at the same time, and where there is highly uncertain information about possible security breaches. In such a context only an integrated assessment is meaningful, where a risk-oriented prioritization of potential threats and impacts is required to accommodate probabilistic information.
We will present a concept for the integration of three domain-specific analysis tools – ICT vulnerability analysis, intrusion detection based on physical component models and power system impact analysis, and demonstrate a simple proof-of-concept implementation of this concept.
Our software framework generates a number of attack hypotheses from a template, calculates their risk value by invoking the domain-specific tools, and performs a ranking of the results.
We will conclude with a discussion of the key challenges on the way towards an operational solution.
Denial-of-service attack against the DTLS server
Marco Tiloca, Swedish ICT; Hamid Rahmouni, European Network for Cyber Security (ENCS)
Summary — In many substation automation systems the IEC 60870-5-104 protocol is widely used. This protocol does not natively support data protection. The Datagram Transport Layer Security (DTLS) technology can be used to give data protection against manipulation and eavesdropping. However, the original implementation is vulnerable to different kinds of attacks. Marco Tiloca from Swedish ICT has implemented a new version of the DTLS that mitigates those attacks. This demo will show the working of the IEC 104 protocol over DTLS, and demonstrate the impact of the DDoS attack on both versions of the DTLS.
Smart Security Planner making use of asset-driven risk assessment methodology
Santiago Cáceres, ETRA Investigación y Desarrollo S.A.
Summary — The session will focus on the use of an online tool (Smart SECPLAN) developed in the project HyRiM. It works as a Risk Assessment as a Service targeted to IT and OT security experts. The tool will guide the user in the risk assessment exercise and will go further to existing methods and techniques by providing advanced analytics based on game-theory models. As a result, a prioritized set of mitigation actions will be delivered and a GANTT chart will be proposed for regular maintenance activities.
Blackout Simulator – Cost Impact Simulation of Blackouts in the Electrical Grid
Dr. Gerhard Kleineidam, University of Bayreuth – Energy Field Test Laboratory Northern Bavaria
Summary — A successful attack to the critical infrastructure of utilities or Distribution System Operators (DSO) may cause tremendous societal costs and severe damage to individuals or legal entities. Conversely, there is a financial cost to implementing security technology. Simulation is used to explore costs from power outages, in order to justify investment into reasonable security measures. The Blackout Simulator will help utilities or DSOs to plan and upgrade their grid infrastructure to grant reliability of supply. Municipalities, investors, and insurance companies could perform risk assessments by evaluating attack or blackout scenarios, which provide damage cost figures and potential losses in terms of revenue or taxes.