AI and Cyber Threat Intelligence Management in the Energy Sector

Abstract

Integrating artificial intelligence (AI) and cyber threat intelligence (CTI) into the energy sector has revolutionised the management of electrical systems and cybersecurity. This work-in-progress paper explores the current state and prospects of AI and CTI in the European energy sector, presenting a management model to ensure the ethical, transparent, and responsible use of AI within the DYNAMO project. The model leverages the ALTAI framework and the Z-Inspection® method, adhering to the requirements of the GDPR and the EU AI Act. AI is emerging as a key technology in managing electrical systems, optimising energy flow, and enhancing grid stability and operational efficiency. Examples include Siemens Spectrum Power and Schneider Electric's EcoStruxure. AI also aids in predicting electricity demand and renewable energy production, improving resource management and reducing waste. The EU AI Act classifies AI systems in the energy sector as high-risk, requiring stringent data protection, transparency, and human oversight. The ALTAI framework emphasises seven core principles: human agency, technical robustness, privacy, transparency, diversity, societal well-being, and accountability. The DYNAMO project aims to create a technical solution for small and medium-sized critical infrastructure companies to share CTI and support business continuity management. It uses the ECHO Early Warning System (E-EWS) for cyber threat information exchange. The AI governance model includes policies, processes, and technical frameworks to ensure AI systems remain ethical, secure, and responsible. Key components include encryption for secure data transfer, role-based access controls, integration of GDPR and EU AI Act requirements, and an adaptive framework with training modules and real-time feedback loops. Results indicate compliance with GDPR and EU AI Act requirements, effective response to new cyber threats, and high user satisfaction. This research underscores the importance of adaptability and regulatory compliance in AI governance frameworks. Future work includes real-world testing, iterative refinement, and broader stakeholder collaboration to further develop and validate the proposed model.