Essence: a project to evaluate the effects of emerging security standards for critical infrastructures

The project aims at providing a quantitative assessment of the impact of existing and evolving security standards for critical infrastructures. This is done in terms of evaluating the enhancement of the system's efficiency and reliability in comparison with the necessary financial cost for carrying out the corresponding investment. For this purpose, an adequate simulation of an ICT-enabled power grid has been developed incorporating also known vulnerabilities, while two different use cases have been consolidated namely: a) attacks against generation, and b) attacks against power substations. Furthermore, the outcome of the attacks has been measured for both household and non-household loads and the evolution of the phenomena has been studied. It has found that the cost of the investment required for the application of the security standards is significantly lower in comparison with the potential financial losses of the power companies due to a cyber threat. Hence, the general conclusion is that power companies are reluctant to invest on the enhancement of their ICT resilience. European