RESCUE

RESCUE aims to develop advanced mathematical and computational foundations, methods, and technologies for incident response to protect utilities from state-sponsored cyber attacks and cyber secure the Control Room of the Future. It improves operational resilience of integrated cyber-physical energy systems to such threats by combining innovative technologies, incident response strategies and human factors, and by building trained human capital for grid operators to deal with the ever-growing cyber threats. This research considers both present and future developments up to 2030 in digitalisation of energy systems and cyber security threats.

In the context of digitalization, Information and Communication Technologies (ICTs) and Operational Technologies (OTs) are crucial for keeping the future operational energy systems manageable, resilient, and secure. The energy systems are increasingly dependent on ICT-OT networks for business operations and real-time monitoring and control of physical facilities. Utility ICT-OT systems have evolved from isolated, monolithic structures to open, networked environments. It is well recognised that they are vulnerable to cyber attacks. This raises some questions: What is the impact of the 2015-2016 cyber attacks conducted in Ukraine on the integrated Dutch energy system? How to mitigate such cyber attacks by combining innovative technologies, incident response strategies, and human factors and by building human capital? How to make the Cyber-Physical energy System (CPS) more secure and resilient to cyber threats?

In this project, an integrated CPS model and co-simulation platform will be developed. The multiple models in CPS capture the cross-sector coupling of the electrical power grid with gas, heat, water, and ICT-OT infrastructure systems, alignment between energy sector and ICT and telecommunications, and digitalization in operational energy systems. They are all combined in an integrative modelling framework based on which methods and tools are developed to assess and enhance the resilience and cyber security of future energy systems. Cyber attacks on Control Room of the Future are simulated at cyber layer and impact on energy system operation is analysed at the physical layer. Mathematical and computational foundations are proposed for incident response. This project combines the technological-engineering perspective of CPS resilience and cyber security with the analysis of how human factors contribute to incident response and cyber attack mitigation.

•    To develop a digital twin for cyber resilience analysis, planning, and operation of integrated CPS. It allows the real-time simulation of cyber attacks at the cyber system layer and impact analysis at the physical layer in an integrated co-simulation environment.
•    To enable the power system operators to assess and improve the grid operational resilience to cyber attacks and plan the cyber secure operation of integrated CPS. 
•    To develop operational technologies and strategies aiming at improving grid resilience.
•    To develop incident response strategies based on security games combined with an Intrusion Detection and Prevention System (IDPS).
•    To study the interaction between operators and technology in the Control Room of the Future. 
•    To facilitate an effective system operator response to incidents.
•    To build a demonstration and training facility based on a cyber range in CRoF and real-time digital twin. 
•    To develop open-source technologies that are demonstrated and transferred to end users in industry, i.e., utilities, through vendors and consultants. 
•    To develop joint training for control room operators and cyber security workforce at TSOs and DSOs.

Delft University of Technology, Centrum Wiskunde & Informatica (CWI), Netherlands eScience Center (NLeSC), Siemens Netherlands N.V., TenneT TSO BV, DNV Netherlands BV, European Network for Cyber Security Cooperatief UA

I. (Ioannis) Semertzis

Ioannis Semertzis joined the Intelligent Electrical Power Grids group as a doctoral student in November 2021. He received his Diploma in Electrical and Computer Engineering from Democritus University of Thrace, Greece in 2019 and his MSc. in Electrical Power Engineering from TU Delft in 2021. During his master thesis in TU Delft, he proposed a quantitative risk assessment methodology, for assessing the likelihood and impact of cyber attacks on cyber-physical energy systems. His areas of interest are cyber-physical energy systems, digital twins, and cyber security for critical infrastructure.

S. (Sho) Cremers

Sho Cremers got his BSc. in artificial intelligence from the university of Groningen in 2019. He also got his MSc. in computer science with artificial intelligence technology track from TU Delft in 2022. He is a guest PhD researcher at TU Delft since September 2022 working on the “Resilience and cyber security of integrated cyber-physical energy systems (RESCUE)” project. His current research interests include cybersecurity of power grid with a focus on incident response, game theory, and multi-agent systems.

R. (Ronak) Shah

Ronak Shah began his doctoral studies in January 2023. His research focuses on the human factors of cybersecurity in critical infrastructure, especially the PowerGrid. He is a certified Design thinker with a background in information technology and digital transformation. He examines how social and technical factors interact in the context of cyber physical systems and how human intelligence can be effectively utilized to detect and respond to cyber threats.