SciTransfer
DEFENDER · Project

Integrated Cyber-Physical Security System for Energy Grids and Power Plants

energyPilotedTRL 7
defender-project.eu

Imagine your power grid is like a house with dozens of doors and windows — some physical, some digital. Right now, most security systems only watch either the doors or the windows, never both at the same time. DEFENDER built an alarm system that watches everything together: cameras, drones, network sensors, and even the people inside. They tested it on real power plants, transmission networks, and renewable energy sites across Europe to catch both hackers and physical intruders before they cause blackouts.

By the numbers
4
Real-life demonstrator sites validated
20
Consortium partners across Europe
9
Countries represented in consortium
TRL 4-5 to TRL 7
Technology maturity advancement
13
Industry partners in consortium
65%
Industry partner ratio in consortium
The business problem

What needed solving

Energy companies face a growing convergence of cyber and physical threats to their infrastructure — but most security solutions only address one side, leaving dangerous blind spots. A hacker breaching a grid control system while someone tampers with a substation physically creates a compounding threat that siloed security tools cannot catch. Operators need an integrated detection and response system that sees the full picture across generation, transmission, and distribution assets.

The solution

What was built

DEFENDER built an integrated cyber-physical security platform combining drone surveillance, fixed sensors (PMUs), advanced video monitoring, AI-based threat detection, blockchain-based trust mechanisms, and an incident response toolbox. The system was validated at TRL 7 across 4 real energy sites and 1 lab emulator covering the full energy chain.

Audience

Who needs this

Large power utilities operating generation plants (thermal, nuclear, renewable)Transmission system operators (TSOs) managing high-voltage networksDistribution system operators (DSOs) running regional gridsEnergy prosumers with significant generation and storage assetsSecurity technology integrators serving the energy sector
Business applications

Who can put this to work

Power Generation & Utilities
enterprise
Target: Large energy companies operating bulk generation plants or renewable energy sites

If you are a power utility dealing with rising cyber-physical threats to your generation assets — DEFENDER developed an integrated security platform tested at TRL 7 that combines drone surveillance, sensor networks, and AI-based threat detection. It was validated on 4 real demonstrator sites including a bulk generation plant operated by ENGIE SA and a decentralized renewable energy site, covering the full energy value chain.

Transmission & Distribution Grid Operators
enterprise
Target: TSOs and DSOs managing high-voltage networks and distribution grids

If you are a grid operator struggling to protect geographically dispersed infrastructure from combined cyber and physical attacks — DEFENDER built a detection and response toolbox validated on a TSO high-voltage network (ELES in Slovenia) and a DSO distribution network (ASM in Italy). The system uses fixed sensors like PMUs plus mobile drones to give real-time situational awareness across your entire grid.

Critical Infrastructure Security Solutions
mid-size
Target: Security technology vendors and system integrators serving energy clients

If you are a security integrator looking for proven cyber-physical protection technology to offer energy clients — DEFENDER integrated TRL 4-5 technologies into a TRL 7 adaptable security system with blockchain-based trust, video surveillance, and incident response tools. With 13 industry partners in the consortium, there are multiple potential technology licensing and integration partnership paths.

Frequently asked

Quick answers

What would it cost to implement this security system?

The project data does not include specific pricing or per-unit costs. However, given the system was designed as a modular and adaptable platform validated across 4 different site types, implementation costs would vary depending on infrastructure scale. Contact the consortium for pricing discussions.

Can this scale to protect a national-level grid?

DEFENDER was validated across the full energy value chain — from bulk generation (ENGIE SA) to TSO high-voltage networks (ELES) and DSO distribution grids (ASM). The 4 real-life demonstrators across France, Italy, and Slovenia suggest the system was designed for large-scale, geographically distributed infrastructure.

What is the IP and licensing situation?

The consortium includes 20 partners across 9 countries, with 13 industry partners and 5 SMEs. IP is likely distributed among consortium members. The coordinator, Engineering Ingegneria Informatica SPA, is a major Italian IT company and the most likely entry point for licensing discussions.

How mature is this technology — is it ready to deploy?

DEFENDER explicitly aimed to bring TRL 4-5 technologies to TRL 7, which means system prototype demonstrated in an operational environment. The 4 real-life demonstrators and 1 lab emulator at RWTH Germany confirm this was tested well beyond the lab.

Does this handle both cyber attacks and physical intrusions?

Yes, that is the core value proposition. DEFENDER models energy infrastructure as cyber-physical systems, combining network security monitoring with physical surveillance (drones, cameras, PMU sensors) and a human-in-the-loop approach. The incident response toolbox covers both threat types.

What regulations does this help comply with?

Based on available project data, DEFENDER addresses critical infrastructure protection under the EU CIP (Critical Infrastructure Protection) topic. The system's design for resilience and self-healing aligns with the EU NIS Directive requirements for energy sector operators of essential services.

Can this integrate with our existing security systems?

DEFENDER was designed as an adaptable system that integrates multiple technology types — fixed sensors, mobile drones, video surveillance, and blockchain. The fact that it was validated on 4 different real-world sites with different operators suggests it was built for integration with existing infrastructure rather than replacement.

Consortium

Who built it

This is a heavily industry-driven consortium with 13 out of 20 partners from industry (65%), which signals strong commercial intent. The coordinator, Engineering Ingegneria Informatica SPA, is one of Italy's largest IT companies — a credible system integrator. The presence of major energy operators as demonstrator hosts (ENGIE SA for generation, ELES for transmission, ASM for distribution) means the technology was tested by the companies that would actually buy it. With 5 SMEs and partners across 9 countries (DE, EL, FR, IL, IT, PT, RO, SI, UK), the consortium covers both technology development and end-user validation across different regulatory environments.

How to reach the team

Engineering Ingegneria Informatica SPA (Italy) — major IT systems integrator, coordinator of the project

Order a report on this consortiumSee ENGINEERING - INGEGNERIA INFORMATICA SPA profile →
Next steps

Talk to the team behind this work.

Want an introduction to the DEFENDER consortium for licensing or deployment? SciTransfer can connect you with the right partner for your infrastructure type.

Order a report on this topicMore in Energy & Climate
More in Energy & Climate
See all Energy & Climate projects
Contact-Free Inspection Tool That Catches Hidden Wind Turbine Blade Damage Before Failure
NOTUS
Open →
Rooftop Wind Turbines Hidden Inside Buildings That Outperform Solar Panels
IRWES
Open →
Automated Wind Farm Site Assessment That Cuts Planning Time and Risk
WindSider
Open →