Our daily life is based on a by-now obvious principle: we can always take advantage of electricity, water, means of transport, telecommunication, ATMs, commodities.
Yet on the night of September 28, 2003, a fallen tree in Switzerland triggered an incredible domino effect, leaving Italy and part of Switzerland “blocked and isolated”. On that night, we became aware of the limits in which we find ourselves in the absence of electricity.
Today, more than ever, the dynamism of the modern world enriches and complicates the scenario. If on the one hand it allows us to correlate the various critical infrastructures, on the other it enriches them with a massive deployment of intelligent objects that we commonly include in the broader concept of the Internet of Things (IoT).
The union between the IoT and the electrical infrastructures creates a wide variety of worlds, ranging from the automation of the smart city or factories, paving the way for new smart electricity networks interconnected and firmly intertwined with other systems.
The electricity grid is by definition critical, since it is fundamental to a myriad of services of primary importance for any nation. In this important infrastructure, old generation equipment and software coexist with the new generation IoT devices. The latter have been designed to innovate, but very often they are implemented with little attention to security checks. Many of these objects have made the electrical system both effective and extremely vulnerable.
In the PHOENIX project, CyberEthics Lab. identifies the fundamental principles, based on the European legislation such as the General Data Protection Regulation and the NIS Directive on cybersecurity of critical infrastructures, for the protection of the energy consumers privacy, for the definition and implementation of a cybersecurity strategy for smart electrical networks efficient, and for adequately identifying zero-day vulnerability scenarios.
Its innovative character gives PHOENIX the ability to scientifically determine the normal operating condition for each particular environment – which includes millions of online connections in continuous evolution – and, at the same time, to early-detect system anomalies that could be extremely harmful, taking human activities (intentional and unintentional, internal and external) into account, in order to quickly mitigate them.
The researchers of CyberEthics Lab. have therefore developed a series of strategies aimed at defining a framework (ethical and legal in the first place, but at the same time technological) capable of protecting both the energy providers security and the consumers privacy, while avoiding, at the same time, interruptions in the flow of energy on the electricity grid at European level that could cause serious damages.
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 832989.