Smart Grid Protection Against cybeR attacKS (SPARKS) was a €4.8M European project co-ordinated by the Austrian Institute of Technology.  Dr Kieran McLaughlin from CSIT lead research into vulnerabilities in the control system protocols (SCADA) used to automate many of our electricity sub-stations and manage smart grid infrastructure.  In April 2015, SPARKS gave a public demonstration of a multi-stage malware attack against a simulated electricity company.  Spear-phising and standard malware was used to infect IT systems in the company giving a foothold for further reconnaissance before pivoting into the OT (operational technology) network segments that control the flow of electricity.  This attack used specialist software prepared in CSIT following detailed investigation of SCADA protocols.  By performing a man-in-the-middle attack we demonstrated that control room staff would be oblivious to the actual state of sub-station equipment.  Real attacks against Ukrainian electricity companies occurred in December 2015 and closely followed the SPARKS model.  Shortly afterwards CSIT staff travelled to Brussels to give the demo to members of the European parliament.  This spurred on development of the first piece of cybersecurity legislation – the EU NIS Directive which came into force in the UK in May 2018.  The Network and Information Systems Security Directive is specifically directed at cyber protection of critical infrastructure and operators of essential services.

CSIT went on to develop SCADA specific intrusion detection systems and in the final SPARKS project demonstration we coupled this with novel resilience functions which successfully protected grid operations even in the face of active cyber attacks.  The project also successfully produced a book, Smart Grid Security: Innovative Solutions for a Modernized Grid. Published by Elsevier in 2015.