As a critical infrastructure operator, we take cybersecurity as a key pillar that guarantees our mission: providing essential services. We focus at enhancing the development of secure asset management tools, increasing the efficiency and sustainability of our operations.
Optimizar y automatizar la seguridad de las tecnologías de la información y de las tecnologías de la operación
Completed
The CounterCraft company has a cyber deception platform that consists of recreating realistic virtual environments to deceive potential attackers and extract as much information as possible about them. The CounterCraft pilot had a twofold objective: on the one hand, a mock-up of a power substation connected to the internet was created, emulating the data traffic and accessible functionality as if it were a real, physical substation.
The CounterCraft tool monitored this mock-up to obtain information and profile the attackers (locations, IPs, tools and scripts, vulnerabilities, etc.). On the other hand, the information emulated by the mock-up was collected to extend this tool and thus facilitate the deployment of new realistic virtual mock-ups while Countercraft completes its range of solutions. The project was successfully completed and has provided relevant information that will undoubtedly increase the resilience of the systems, leading to further proofs of concept.
Blind exposure of public IP to the internet.
Dissemination of internet "hints" to public IP of simulated substation.
Validation in a laboratory environment emulating a real system.
Optimization and automation of OT and IT security
Active
The objective of the SLISE project is to mitigate the vulnerabilities that the new virtualization technologies adopted massively at the core of the 5G architecture (and which are already part of the technical drafts of the sixth generation) have dragged into the new paradigm of communications as a service. Specifically, research into new algorithms is proposed: incident analysis, encryption, radio attack detection identification and automated response; in a more flexible context to face the risks inherent to virtualization technologies: Network Function Virtualization (NFV), Software Defined Networks (SDN) and Network Slicing (NS). All this will be studied, defining demanding indicators that broadly cover these objectives, in a set of use scenarios that present different protection priorities and that include the use of communications in the context of critical infrastructure management, as well as the use of communications in the manufacturing industry.
Definition of requirements and use cases.
Definition of 5G system protection and detection of attacks and anomalies.
Demonstrator Deployment.
Evaluation.
Safety and wellness of people
Active
The Kymatio project is a web-based training program for professionals, dedicated to the cyber-awareness and the assessment of their alertness in an unattended and personalized way, while providing a risk management tool associated with the human element with metrics, evolution over time and action plans.
In 2021 Redeia developed the Kymatio innovation project, which consists of managing the cyber risk of the company's employees.
Nowadays, there is a firm commitment from all Redeia professionals and its subsidiaries (Red Eléctrica, Reintel, Hispasat, Redinter and Elewit) to participate in this cybersecurity awareness program to boost the state of alertness and behavior of our professionals in the face of potential threats.
• High participation, with 72% of registrants completing this cybersecurity awareness program.
• Redeia's Corporate Security team confirmed that Kymatio is the optimal solution for raising awareness, measuring cybersecurity alertness and making the company's human cyber risk management visible.
Conectividad activos y sociedad
Complete
Red Eléctrica has developed a project with the cybersecurity startup Radiflow leveraging the technology offered by its iSID industrial threat detection and management platform. This anomaly detection and OT (Operational Technology) visibility suite allows to improve the security of industrial networks through a complete visualization of the network, threat detection and management of communication policies between devices. It must be noted that the collaboration between Radiflow and Red Eléctrica was born thanks to the startup's participation in Elewit's IV Venture-Client program and that it will continue due to the fact that the solution they are proposing is being implemented in Red Eléctrica's infrastructure.
Development of a project with the objective of monitoring data traffic in Red Eléctrica environments to evaluate the Deep Packet Inspection (DPI) capabilities of OT communications protocols and cyber anomaly detection.
Throughout the project, the traffic was analyzed with the technology of the startup Radilflow and simultaneously, it was monitored using another intrusion detection solution (IDS) with OT (Operational Technology) capabilities. After analyzing the results of the project, it has been demonstrated that Radiflow's iSID technology has great analysis capabilities for industrial traffic, detecting anomalies with a much higher efficiency than the other evaluated solution.