The Pilot #3 will be deployed at ELES, the Slovenian Transmission System Operator for High Voltage power network. Individual parts of its HV transmission network are within the scope of critical infrastructure and thus essential for the continuity of the operation of the electricity Power system on the national and EU level. The operation of ELES infrastructure is split among different information centres, each of them responsible for managing either physical, either technical, or IT/cyber-security, by using dedicated tools to process the data and provide services under their responsibility. In DEFENDER pilot, ELES will participate with the Corporate security centre, ICT centre and one HV switchyard, which is equipped with state-of-the-art physical security solutions. The latter one will be made available for enabling DEFENDER deployment and for later extensions of ELES security management tools.
This pilot aims at demonstrating how and to a what extent the deployment of DEFENDER security framework may enable an overarching approach to CEI security by leveraging on a joint management of physical and cyber security risks and threats. In other words, thanks to DEFENDER cyber-physical security framework, ELES will be able to appropriately manage very different types of security threats in the most appropriate way. Thanks to DEFENDER, ELES will be provided with effective demonstration on how different security departments may cooperate by leveraging on unified security threat models and on interoperable security socio-technical sub-systems.
The DEFENDER project will develop and demonstrate a framework concept on how CEI operators should respond to detected threats with the risk mitigation or other tactical interventions. Upon defining the countermeasures and procedures for various physical and other threats, a subset of scenarios will be selected to be made available to the DEFENDER framework. The latter will allow to validate (i) aggregation and interoperability of structured and unstructured network measurement data, (ii) prediction of trends deviations and anomalies and (iii) complex modelling of events correlations, with a view to detect potential threats and trigger the necessary countermeasures via DEFENDER.
Furthermore, customized pilot applications will be developed to support semi-automatic threat mitigation and thus empower personnel to collaborate and take effective actions. In the context of this work different models of human resources participation will be considered, to evaluate the impact of human factor (HILT will be leveraged), create appropriate environment for building a culture of security in CEI, and assess situational and operational awareness. Different risks that the project will earlier define, will then be tested through pilot ELES facilities. This testing framework will also include comprehensive technical and cyber security solutions that can improve the integrity of the management of security risks and threats.