Facts and Figures of the Project

PROJECT ID: 833017

TOPIC: SU-INFRA01-2018-2019-2020 | Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe

FROM: 2019-06-01 to 2021-11-30 | 30 months

CONSORTIUM: 21 international partners


SecureGas focuses on the 140.000Km of the European Gas network covering the entire value chain from Production to Distribution to the users, providing methodologies, tools and guidelines to secure existing and incoming installations and make them resilient to cyber-physical threats. Three business cases, addressing relevant issues for the Gas sector and beyond (e.g. oil), have been identified so that to ensure the delivery of solutions and services in line with clear needs and requirements, focused on: risk-based security asset management of gas transmission and distribution networks; impacts (economic, environmental and social) and cascading effects of cyber-physical attacks on interdependent and interconnected European Gas grids; integrity and security, through the operationalization of resilience guidelines, of strategic installation across the EU Gas network.

SecureGas tackles these issues by implementing, updating, and incrementally improving extended components, integrated and federated according to an High-Level Reference Architecture built upon the SecureGas Conceptual Model, a blue print on how to design, build, operate and maintain the EU gas network to make it secure and resilient against cyber-physical threats. The components are contextualized, customized, deployed, demonstrated and validated in each business case, according to the scenarios defined by the end-users. Related services provided by SecureGas will be offered to the end-users via a Platform as a Service (PaaS), that allows modularity, flexibility, cooperation and third-party interoperability, thus securing a long-lasting impact, supporting the project exploitation strategy. A multidisciplinary consortium (Gas operators, technology providers, research institutions, sector-related associations), supports the project implementation across Construction, Demonstration and Validation phases, as well as a Stakeholder Platform ensures inputs, advise, and a wider Diffusion of the project outcomes.

The Project

SecureGas is an EU-Funded project to increase the security and resilience of the European gas network, by taking into account physical and cyber threats.

According to EGIG (European Gas pipeline Incident data Group) a total of 1366 incidents from 1970-2016, have been recorded to gas pipelines and infrastructure. Among the various causes, the leading ones are Third Party Interference (TPI), such as ground works, malicious acts and sabotages, and ground movements.
On the other hand, looking at cyber threats, although the numbers of incidents reported so far is less, the results can be devastating as well. Attacks such as Night Dragon and Shamoon have caused considerable financial damage to oil and gas companies. Global figures estimate that cybersecurity breaches in oil and gas and power cost operators $1,87 billion up to 2018.

In line with the European Energy Security Strategy, the European Programme for European Critical Infrastructure Protection (EPCIP), the EU’s reliance on gas imports and the EU Regulation 2017/1938 on Security of Gas Supply, the project focuses on the 140.000km of the European gas network covering the entire value chain from production to distribution, providing methodologies, tools, and guidelines to secure existing and incoming installations and make them resilient to cyber-physical threats.

Over the course of the project, SecureGas will define a blueprint on how critical gas infrastructure should be planned, designed, built, operated, and maintained to cope with cyber-physical security threats. This will serve as baseline for defining a High-Level Reference Architecture (HLRA), that will be used as guideline for adapting, customizing, integrating technological components that will be finally demonstrated in a set of Business Cases. The resulting outcomes will be offered as services for the security and resilience of the EU gas network through a Platform as a Service (PaaS) model, that allows modularity, flexibility, cooperation, and third-party interoperability.



The provision of a comprehensive scenario and event analysis of all aspects of interdependent physical (natural, anthropogenic, man-made; accidental) and cyber threats to the European Gas Critical Infrastructure (CI) network and the cascading risks resulting from such complex threats.


The demonstration of systemic (multi-hazards, multi-threats) security risk and resilience management approaches, including the combination of physical and cyber threats, their interconnections, cascading effects and emergent behaviour (unexpected systemic behaviour).


The implementation of improved, integrated, and incremental solutions (e.g. the project extended components) to prevent, detect, respond and mitigate physical and cyber threats for Gas CI and their customization to specific installations (e.g. the project business cases).


The deployment and validation of customized solutions to achieve the security and resilience of all functions and services performed by the installations, in particular of functions that ensure the integrity neighbouring populations and the environment, building on functionalities as provided by C and D.


The establishment of a trustworthy mechanism for sharing information among rescue teams, security teams and monitoring teams, the population, to improve the safety of their operations in an emergency, in line with the need for a convergent approach in safety and security.


The identification and development of viable and effective (in terms of economic and organizational efficiency) security paradigms, tested via the implementation of the business cases.

Towards a Resilience-Based Management of Gas Assets and Infrastuctures

Resilience sits in an intricate interplay among individuals, communities, institutions and infrastructures. Therefore, it is not appropriate considering resilience as a mono-disciplinary topic, but rather as a “Concept” which is characterized by 4 main resilience capabilities – Plan/Prepare, Absorb, Recover and Adapt – and 4 main socio-technical system dimensions – physical, information, cognitive and social – to be defined and described for each of the 4 capabilities. 

In this sense Resilience can be seen as a proactive approach to enhance the ability of infrastructures to prevent damage before disturbance events, mitigate losses during the events and improve the recovery capability after the events, beyond the concept of pure prevention and hardening (Woods)

In addition to Resilience, when dealing with Emergency Phases, one cannot neglect to take into account the Disaster Risk Management Cycle (DRMC) consisting of Preparation, Response, Recovery and Mitigation or in a more detailed way consisting of Pre-disaster, Response and Post-Disaster. How the concept of Resilience is linked with the DRMC phases is a further aspect to be considered and worth of clarification. Indeed, conceptually, risk analysis quantifies the probability that the system will reach the lowest point of the critical functionality profile. Classical risk management often also only quantifies the initial loss. Risk management helps the system prepare and plan for adverse events, whereas resilience management goes further by integrating the temporal capacity of a system to absorb and recover from adverse events, and adapt accordingly. Thus, resilience, on the basis of the definitions aforementioned, is not a substitute for principled system design or risk management but is rather a complementary attribute that uses strategies of adaptation and mitigation to improve traditional risk management. Indeed, given a certain event, the customization of Resilience within the Disaster Risk Management Cycle results in an infinite or panarchy loop that SecureGas sets as the basis of a proper conceptual approach to the Resilience and Security of the European Gas CI

In practical terms this means that existing and new Gas infrastructure will have to resist to hazards and absorb their impacts more efficiently and more effectively; accommodate and recover the effects of a hazard more efficiently, timely and safely; and be designed/restored to coordinate more efficiently across the various phases of a disaster risk management cycle. 

However, this is not enough to make sure that Resilience is really built operationally and it is considered as a driving principle for an owner/operator of Critical Infrastructure. Indeed this has to deal with the Governance of an infrastructure and with the standardized way an infrastructure is governed, i.e. planned, constructed, operated and maintained. The Governance of an Infrastructure is a standardized discipline regulated by the ISO 55000:2014. The asset life begins with the conception and the initial stages of the asset design and ends with the decommission of the asset itself, moving across construction, operation and maintenance (Infrastructure Governance cycle proposed by OECD). Integrating resilience concepts and capabilities into Asset Management, allows the Operator / Manager of an Infrastructure to build a more pragmatic approach towards an optimal Governance of an Asset, improving the integration across different disciplines and cross-functional coordination.

Case Study

ENTSOG – The European Natural Gas Network (Capacities at cross-border points on the primary market) – 2015

Business Case 1

Risk-Based Security Asset Management through the Life-Cycle of Gas CI projects

Business Case 2

Impacts and cascading effects of cyber-physical attacks to strategic nodes of the Gas network

Business Case 3

Operationalizing Cyber-Physical Resilience for the Security and Integrity of Strategic Gas Installations.


In line with the policy framework, SecureGas will positively affect EU security by:

– 1 –

Adopting a Gas CI-customized model that combines resilience capabilities and the disaster management cycle and is applicable to the whole infrastructure life cycle from e.g. the threat monitoring of provisions in the gas supply contracts to the security monitoring in the operations or fast predictive simulations of disruptions including recovery.

– 2 –

Operationalizing resilience guidelines for strategic installations to protect assets’ operations (covering IT and OT) therefore producing effective infrastructure preventive action and emergency plans, minimizing recovery time and maximizing business continuity.

– 3 –

Developing comprehensive models for (economic, social, environmental) impact assessment and cascading effects to the gas network in extreme supply crisis scenarios including innovative driver factors such as the impact of solidarity mechanism introduced by the regulation to enhance regional coordination and cooperation between Member States or the effect of investments to security of gas supply using cost-benefit evaluation.

Structure of project | work plan

SecureGas approach is divided into 3 main Phases, CONSTRUCT, DEMONSTRATE, VALIDATE&DIFFUSE, defined in line with the main project principles and the need of deploying market ready solutions in real and operative environment.

Phase 1


This phase sets the requirements, define the Conceptual Model (CM), the High-Level Reference Architecture (HLRA) and extend existing components.

Phase 2


This phase consists of the business case development including, adaptation and customization of the components to pilots, pilots execution and performance evaluation.

Phase 3

Validate and Diffuse

This phase addressees the project validation, lesson learnt and guidelines provision, up to the definition of the strategies for the uptake of project outcomes in real operative conditions.


The project boasts a multidisciplinary consortium of 21 international partners.

It is made up of integrated energy company (ENI S.p.A.), gas corporation (Public Gas Corporation of Greece S.A), TSO – Transmission system operator (AB Amber Grid), and DSO-Distribution system operator (Attiki Natural Gas Distribution Company S.A.), managing all together +15000km of pipelines; technology providers active in the field of Security and Critical Infrastructure (Leonardo S.p.A., Guardtime A.S., Elbit Systems Ltd., WINGS ICT Solutions, IDEMIA Identity & Security Germany AG, EXUS, GAP Analysis S.A., Innov-Acts Ltd., ADPM Drones S.r.l. and Disaster Management, Advice and Training Consulting KG), research and academic institutions in Energy, Security and Resilience Engineering (Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung, Kentro Meleton Asfaleias, Joint Research Centre Ispra, Riga Technical University, Technologická platforma Energetická bezpečnost ČR), to support the project implementation. Finally, the Stakeholder Platform (SP), led by Agenzia per la Promozione della Ricerca Europea, will provide advice to secure a long-lasting diffusion of the project outcomes, beyond the project perimeter as well.