• info@defender-project.eu


Modern critical infrastructures are increasingly turning into distributed, complex Cyber-Physical systems that need proactive protection and fast restoration to mitigate physical or cyber incidents or attacks, and most importantly combined cyber-physical attacks, which are much more challenging and it is expected to become the most intrusive attack. This is particularly true for the Critical Energy Infrastructures (CEI).

The power transmission and distribution grid network infrastructure lies at the very heart of any CEI. A lot of existing advanced monitoring and control technologies are able to effectively deal with either physical, either technical, or cyber- security threats at individual level. However, the reciprocal interaction and related impacts of different threats types is not adequately captured and accordingly managed. Thus to maximize security, a joint cyber-physical approach to manage CEI security becomes necessary.

Strategic challenge

We should protect legacy CEI and design a new generation of more resilient and self-healing European Energy Infrastructure able to survive large scale, combined, cyber-physical-social incidents and accidents, and guarantee the continuity of operations, while minimizing their cascading effects in the infrastructure itself, the environment, the citizens in vicinity and the energy end-users at reasonable cost.


DEFENDER will adapt, integrate, upscale, deploy and validate a number of different technologies and operational blueprints with a view to develop a new approach to safeguard existing and future European CEI operation over cyber-physical-social threats, based on a) novel protective concepts for lifecycle assessment, resilience and self-healing offering “security by design” and b) advanced intruder inspection and incident mitigation systems.
Moreover, DEFENDER will create a culture of security, where trusted information exchange between trained employees and volunteers will complement cyber-physical protection, while preserving the privacy of the citizens involved.


To achieve its vision, DEFENDER will implement the four strategies:

  • Assess Risk. This strategy gives to energy sector asset owners, utilities and service providers a thorough understanding of their current security posture, enabling them to continually assess evolving cyber/physical threats and vulnerabilities, their risks, and potential countermeasures.
  • Protective measures to reduce risk by design. New protective (proactive) measures will be developed to reduce system risks (including vulnerabilities and emerging threats). These measures will be built into next-generation CEI and will help the electricity infrastructures stakeholders to offer CEI “defence in depth and by design” and offer components that are interoperable, extensible, and able to operate even in a degraded condition during a cyber incident.
  • Manage Incidents. Managing incidents is critical, as physical disasters can be generalized, cyber assaults can be sophisticated and at the end any system can become vulnerable to emerging threats as absolute security is not possible. When protective measures are not applied or fail to prevent an incident, detection, remediation, recovery, and restoration activities should minimize its impact and quickly return to normal operations.
  • Build a Culture of Security. Post-incident analysis and forensics enable CEI stakeholders to learn from the incident. Integrated with reliability practices, risk management practices will be periodically reviewed and challenged to confirm that established security controls remain in place, while physical and cyber-security best practices should be disseminated at pan-European level.