Smarter electric power systems
Deliverable 3.2 - Enhancing Cyber-Physical Security in Real-Time Operation

The CYPRESS project focuses on addressing the Cyber-Physical Risk associated with the bulk Electric Energy Supply (EES) system, which is becoming increasingly complex due to the growing integration of information and communication technologies. This transformation brings significant benefits but also introduces novel vulnerabilities, particularly in terms of cyber-threats. The overarching aim of CYPRESS is to develop the knowledge, methods, and tools necessary to ensure the security of electric energy supply systems, accounting for these cyber-physical risks and integrating them into a coherent probabilistic risk management framework. To achieve this, the project is structured around three main research themes: i) the development of novel models and benchmarks for the simulation and testing of cyber-physical systems, ii) the assessment of these systems’ vulnerabilities, and iii) the enhancement of their resilience to threats.
Work Package 3 (WP3), titled "Mitigation of cyber-physical security risks," is a key part of this effort. WP3's main objective is to develop strategies and decision-making tools to help reduce the risks associated with cyber-physical vulnerabilities in power systems. Within WP3, Task 3.2 (T3.2) specifically targets the development of real-time operation strategies that incorporate cyber-threats into power system operations, providing tools and techniques for the immediate detection, assessment, and mitigation of such threats.
The T3.2 sub-task investigates decision-making aids for real-time operations, extending traditional power system operational frameworks to include cyber-physical considerations. This includes strategies for system observability, monitoring cyber-physical interactions, and ensuring resilient recovery from attacks. Methods developed in T3.2 are built on previous work in preventive and corrective risk management and are designed to be implemented in the transmission system operator (TSO) and distribution system operator (DSO) environments. These methods will allow for the continuous monitoring and response to cyber-physical risks as they arise, optimizing both preventive measures and corrective actions in line with Objectives 1-3, while Objective 4 focuses on ensuring the resilience of cyber-physical infrastructures even when partially compromised, through novel design, algorithms, and protocols.
The document is structured as follows:
- Chapter 1: Introduction
- Chapter 2: Diagnostic Agents and Cyber-Space Observability (Objective 1)
- Chapter 3: IT Anomaly Detection (Objective 2)
- Chapter 4: Cyber-Operator Characterization (Objective 3)
- Chapter 5: Design of Cyber-Attack Resilient Cyber-Physical Systems (Objective 4)
- Chapter 6: Conclusion
This deliverable underlines significant advancements in enhancing cybersecurity resilience, encompassing real-time cyber-space observability, robust IT anomaly detection, comprehensive cyber-operator characterization, and innovative approaches for designing cyber-attack resilient systems. It introduces frameworks and techniques that proactively address vulnerabilities, strengthen operational integrity, and provide practical solutions to safeguard cyber-physical infrastructures. The insights gained through T3.2 are expected to contribute to enhancing the resilience and security of future power systems, providing valuable tools for operators to mitigate cyber-physical risks in real-time and under uncertain conditions.
Author Contributions
Author, Affiliation
Laurent Mathy, Université de Liège
Benoît Knott, Université de Liège
Tohid Behdadnia, KU Leuven
Dave Singelée, KU Leuven
Can Özkan, KU Leuven
Xinhai Zhou, KU Leuven
Shahabeddin Kamyab, Université Libre de Bruxelles