LEARN MORE

FAQs

Have questions about ALiEnS-SOC? Explore the answers below to learn more about the project’s objectives, innovative technologies and its role in strengthening cybersecurity and resilience across the energy sector.

Importance of the ALiEnS-SOC project

Why did the European Commission choose to fund the ALiEnS-SOC project?

The project addresses a critical European challenge: strengthening the cybersecurity of energy infrastructure. ALiEnS-SOC develops and validates an AI-based cybersecurity framework for the national electro-energy SOC, with potential replication across Europe. Its focus is on improving detection, response, information sharing and resilience in the energy sector.

Why is the energy sector one of the most attractive targets for cyberattacks?

Energy infrastructure is essential for the functioning of society, the economy and public services. Any disruption can have serious consequences. As energy systems become more digital and interconnected, they also become more exposed to cyber threats from cyberattackers, including organised criminal groups, state-sponsored actors and other malicious entities.

How vulnerable is Europe's energy infrastructure to cyber threats?

The project recognises that the European energy sector faces growing risks due to digitalisation, interconnected systems and increasingly advanced cyber threats, as demonstrated by incidents such as the cyberattacks on Ukraine’s power grid in 2015 and 2016 and ransomware attacks affecting European energy companies. ALiEnS-SOC responds by developing technologies and cooperation models that improve prevention, detection and response. More recently, the coordinated cyberattack targeting Poland’s energy infrastructure in December 2025 highlighted that critical energy systems across Europe remain attractive targets for sophisticated threat actors, reinforcing the need for stronger cyber resilience and cross-border cooperation.

What is the current state of cybersecurity in Slovenia's energy sector?

As part of ALiEnS-SOC, a comprehensive assessment of Slovenia’s energy sector was carried out, analysing existing SOC capabilities, cybersecurity technologies, operational processes, cyber threats, regulatory compliance and cyber threat intelligence across transmission and distribution operators. The findings provide a clear roadmap for strengthening the sector’s cyber resilience.

Addressing Cybersecurity Challenges with ALiEnS-SOC

How will artificial intelligence enhance cyber threat detection and incident response?

AI will help detect anomalies, identify unusual behaviour and support faster response to cyber incidents. The project will use AI-based detection and automated response capabilities across information technology, operational technology and email environments.

How does ALiEnS-SOC bridge the gap between information technology security and operational technology security?

The project is designed for both IT and OT environments. IT (Information Technology) focuses on data processing, communication systems and business applications, while OT (Operational Technology) involves the hardware and software that monitor and control physical processes such as power generation and distribution. It will develop and validate technologies such as AI-based detection, digital twin honeypots and CTI sharing to improve visibility and response across the entire electro-energy ecosystem.

What does a Security Operations Centre (SOC) mean for the future of the energy sector?

A SOC provides a central capability for monitoring, detecting and responding to cyber threats. In ALiEnS-SOC, the national electro-energy SOC will support other SOCs at national level and contribute to cross-border cooperation.

How will the project's solutions be tested and validated in real-world energy environments?

The project will validate its technologies through two pilots: an AI Pilot with six use cases and a CTI Pilot with four use cases. These use cases will involve distribution system operators, the transmission system operator, CERTs and other key stakeholders.

How will ALiEnS-SOC improve cyber threat intelligence sharing across the energy sector?

The project will develop a CTI platform for collecting, processing, enriching and sharing cyber threat information. It will also define processes, trust levels, common standards and cooperation frameworks for national and cross-border CTI sharing.

Consortium

Why does the project bring together all Slovenian electricity distribution companies?

Their involvement ensures that the project addresses the real operational needs of the Slovenian electricity distribution ecosystem. This is essential for developing solutions that are practical, validated and relevant for the entire sector.

What role do electricity distribution companies play in developing and validating the project's solutions?

Distribution companies contribute knowledge of real operational environments, cybersecurity needs and sector-specific challenges. They also participate in use cases and validation activities, helping ensure that the solutions work in practice.

Why is collaboration between energy companies, research organisations, government authorities and technology providers essential for the project's success?

Cybersecurity in critical infrastructure cannot be solved by one organisation alone. The project requires technical expertise, operational knowledge, regulatory understanding and cooperation between public and private stakeholders.

How will the consortium ensure that the project's results remain sustainable after the project ends?

The project will develop a business model for the commercialisation and wider adoption of its solutions, including use by national and cross-border SOCs managing critical infrastructure and essential services.

Project Impact

Who are the potential end users of the solutions developed within ALiEnS-SOC?

Potential end users include energy sector SOCs, transmission and distribution system operators, CERTs, critical infrastructure operators, essential service providers and organisations involved in cyber threat intelligence sharing.

How will ALiEnS-SOC strengthen the cyber resilience of critical energy infrastructure?

The project will improve detection, interception and response to cyber incidents, reduce risks, support faster reaction and enable better information exchange between stakeholders at national and European level.

Can the project's solutions be replicated in other European countries and how will ALiEnS-SOC contribute to the future of cybersecurity in Europe's energy sector?

Yes. Replicability is one of the core ambitions of the project. ALiEnS-SOC is designed as a framework with potential application in other national and cross-border SOC environments. By combining AI, CTI sharing, cooperation frameworks and real-world validation, the project will contribute to a more resilient European energy sector and support wider European cybersecurity and critical infrastructure resilience objectives.

Cyber Defense for the Electro-Energy Ecosystem