City:  Darmstadt
Date:  Jun 15, 2024

Design, Implementation and Evaluation of a Cyber Resilience Self-Assessment Framework for Virtual Po

The Fraunhofer-Gesellschaft ( currently operates 76 institutes and research institutions throughout Germany and is the world’s leading applied research organization. Around 30 800 employees work with an annual research budget of 3.0 billion euros. 

The increasing integration of renewable energy and other decentralised energy resources (DER) into the power grid is leading to a growing number of Virtual Power Plants (VPPs). A VPP consists of networks of distributed power generation units, flexible energy consumers, and storage systems. All these components are aggregated and managed as a single entity to deliver power to the grid or to specific consumers. In this context, utilities and VPP operators rely on wide-area communication networks to remotely control or to coordinate a variety of DER. Examples of such DER involve renewable energy plants and even battery storage systems and inverter-coupled devices including electric vehicles and heat pumps.
VPP operators are increasingly aware of the imperative to bolster up the cyber resilience of their infrastructure. This is driven by the recognition that cyber-attacks have the potential to significantly impair their operational efficiency, disrupt customer service, and pose a threat to the stability of the entire power grid. Therefore, it is of utmost importance that VPP operators have tools and mechanisms to proactively assess and improve their overall cyber resilience posture.
We are looking for motivated students who are interested in a challenging thesis in the field of cyber resilience of Virtual Power Plants (VPP). The work will focus on the design, implementation and evaluation of a cyber resilience self-assessment framework tailored to the specificities and requirements of VPP.


What you will do

Potential tasks may include the following:

  • Task 1: **Systematic Literature Review on Definitions of cyber resilience: ** Conduct a comprehensive literature review to identify existing definitions and metrics of cyber resilience, as well as examine existing approaches to measurement cyber resilience.
  • Task 2: **Develop a weighted cyber resilience model: ** Based on the findings from the literature review, develop a new method for assessing the cyber resilience of VPP’ underlying IT-infrastructure. One of the expected outputs is a weighted cyber resilience quantification function that captures core properties that are necessary for maintaining the functionality of a VPP. The quantification function should be created utilizing common features and categories across key European and international standards and frameworks, e.g., EU NIS-2 Directive, EU Cyber Resilience Act, MITRE Cyber Resiliency Metrics, NIST SP 800-160 Vol. 2, IEC TS 63189-1:2023, EN IEC 62443-3-2:2020, ETSI ES 203 682 V1.2.1 (2024-03), ETSI TR 103 990 V1.1.1 (2024-03), ...
  • Task 3: **Design and Implementation of a Self-Assessment Tool: ** Based on the findings from Task 1 & Task 2, develop a web-based tool for self-assessment of cyber resilience of VPP. Technical details such as interfaces to various VPP components, protocols for data transmission and analysis, as well as synergies and conflicts with security- and privacy-by design mechanisms should be taken into account.
  • Task 4: **Evaluation: ** Evaluate the usefulness, effectiveness and usability of the developed tool and collect feedback from end-users. Furthermore, you are expected to subsequently analyze the results of the evaluation studies and derive well-founded recommendations for the further development and optimization of the tool. Consider technical improvement opportunities to further strengthen the cyber resilience of VPPs.


What you bring to the table

  • You are studying Computer Science, Electrical Engineering or a comparable subject.

  • Interest in current developments in the field of cyber resilience.

  • Knowledge in the fields of energy systems and software development is advantageous.

  • Interest in interdisciplinary research: Cyber security engineering; Human factors in security and privacy; Usable security and privacy.

  • A high degree of initiative and team spirit.

  • Good language skills in German or English.


What you can expect

  • Professional supervision and collaboration in a dedicated team

  • Ideal conditions for practical experience alongside your studies


We value and promote the diversity of our employees' skills and therefore welcome all applications - regardless of age, gender, nationality, ethnic and social origin, religion, ideology, disability, sexual orientation and identity. Severely disabled persons are given preference in the event of equal suitability. 

With its focus on developing key technologies that are vital for the future and enabling the commercial utilization of this work by business and industry, Fraunhofer plays a central role in the innovation process. As a pioneer and catalyst for groundbreaking developments and scientific excellence, Fraunhofer helps shape society now and in the future. 

Interested? Apply online now. We look forward to getting to know you!


Fraunhofer Institute for Secure Information Technology SIT 


Requisition Number: 73381                Application Deadline:


Job Segment: Cyber Security, Electrical Engineering, Computer Science, Electrical, Engineer, Security, Engineering, Technology