Design, Implementation and Evaluation of a Cyber Resilience Self-Assessment Framework for Virtual Po
Darmstadt, DE, 64295
Fraunhofer-Gesellschaft
Die Fraunhofer-Gesellschaft mit Sitz in Deutschland ist die weltweit führende Organisation für anwendungsorientierte Forschung. Mit ihrer Fokussierung auf zukunftsrelevante Schlüsseltechnologien sowie auf die Verwertung der Ergebnisse in...The increasing integration of renewable energy and other decentralised energy resources (DER) into the power grid is leading to a growing number of Virtual Power Plants (VPPs). A VPP consists of networks of distributed power generation units, flexible energy consumers, and storage systems. All these components are aggregated and managed as a single entity to deliver power to the grid or to specific consumers. In this context, utilities and VPP operators rely on wide-area communication networks to remotely control or to coordinate a variety of DER. Examples of such DER involve renewable energy plants and even battery storage systems and inverter-coupled devices including electric vehicles and heat pumps.
VPP operators are increasingly aware of the imperative to bolster up the cyber resilience of their infrastructure. This is driven by the recognition that cyber-attacks have the potential to significantly impair their operational efficiency, disrupt customer service, and pose a threat to the stability of the entire power grid. Therefore, it is of utmost importance that VPP operators have tools and mechanisms to proactively assess and improve their overall cyber resilience posture.
We are looking for motivated students who are interested in a challenging thesis in the field of cyber resilience of Virtual Power Plants (VPP). The work will focus on the design, implementation and evaluation of a cyber resilience self-assessment framework tailored to the specificities and requirements of VPP.
What you will do
Potential tasks may include the following:
- Task 1: **Systematic Literature Review on Definitions of cyber resilience: ** Conduct a comprehensive literature review to identify existing definitions and metrics of cyber resilience, as well as examine existing approaches to measurement cyber resilience.
- Task 2: **Develop a weighted cyber resilience model: ** Based on the findings from the literature review, develop a new method for assessing the cyber resilience of VPP’ underlying IT-infrastructure. One of the expected outputs is a weighted cyber resilience quantification function that captures core properties that are necessary for maintaining the functionality of a VPP. The quantification function should be created utilizing common features and categories across key European and international standards and frameworks, e.g., EU NIS-2 Directive, EU Cyber Resilience Act, MITRE Cyber Resiliency Metrics, NIST SP 800-160 Vol. 2, IEC TS 63189-1:2023, EN IEC 62443-3-2:2020, ETSI ES 203 682 V1.2.1 (2024-03), ETSI TR 103 990 V1.1.1 (2024-03), ...
- Task 3: **Design and Implementation of a Self-Assessment Tool: ** Based on the findings from Task 1 & Task 2, develop a web-based tool for self-assessment of cyber resilience of VPP. Technical details such as interfaces to various VPP components, protocols for data transmission and analysis, as well as synergies and conflicts with security- and privacy-by design mechanisms should be taken into account.
- Task 4: **Evaluation: ** Evaluate the usefulness, effectiveness and usability of the developed tool and collect feedback from end-users. Furthermore, you are expected to subsequently analyze the results of the evaluation studies and derive well-founded recommendations for the further development and optimization of the tool. Consider technical improvement opportunities to further strengthen the cyber resilience of VPPs.
What you bring to the table
-
You are studying Computer Science, Electrical Engineering or a comparable subject.
-
Interest in current developments in the field of cyber resilience.
-
Knowledge in the fields of energy systems and software development is advantageous.
-
Interest in interdisciplinary research: Cyber security engineering; Human factors in security and privacy; Usable security and privacy.
-
A high degree of initiative and team spirit.
-
Good language skills in German or English.
What you can expect
-
Professional supervision and collaboration in a dedicated team
-
Ideal conditions for practical experience alongside your studies
We value and promote the diversity of our employees' skills and therefore welcome all applications - regardless of age, gender, nationality, ethnic and social origin, religion, ideology, disability, sexual orientation and identity. Severely disabled persons are given preference in the event of equal suitability.
With its focus on developing key technologies that are vital for the future and enabling the commercial utilization of this work by business and industry, Fraunhofer plays a central role in the innovation process. As a pioneer and catalyst for groundbreaking developments and scientific excellence, Fraunhofer helps shape society now and in the future.
Interested? Apply online now. We look forward to getting to know you!
Fraunhofer Institute for Secure Information Technology SIT
Requisition Number: 73381 Application Deadline:
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Computer Science IEC 62443 NIST Privacy
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs