EIP Status: PLANNED - This profile is currently under development. Contributions and feedback are welcome.
VAP Profile | Energy & Critical Infrastructure

EIP

Energy Infrastructure Protocol

"When the Grid Goes Dark, We Need to Know Why"

A Blackout Occurred. What Was the AI Deciding?

2021, Texas Blackout. Millions froze as the power system collapsed.

2003, Northeast Blackout. 55 million affected. Economic losses exceeded $6 billion.

Modern power grids are optimized by AI. Demand-supply balancing, renewable energy integration, fault prediction, load distribution. But when AI makes a wrong decision, there's no system to trace its rationale.

EIP cryptographically records all decisions made by AI managing critical infrastructure, enabling root cause analysis and cascade failure tracking when incidents occur.

View VAP GitHub

Why EIP is Needed

Current Challenges in Critical Infrastructure

Untraceable Cascade Failures

A single failure propagates in a chain reaction. It's impossible to identify which AI decision was the origin point.

Unclear Recovery Priorities

When AI decides "prioritize recovery for this area," there's no record of why that decision was made.

Hard to Distinguish Cyberattacks

When AI behaves abnormally, it's difficult to verify post-incident whether it was a "bug" or an "attack."

The Terror of Cascade Failures

Single Failure Occurs
AI Decides Load Balancing
Overload Transferred to Adjacent Systems
Adjacent AI Also Attempts Load Balancing
Cascading System Collapse
Wide-Area Blackout
Cause Unknown
"Which AI's decision was the first mistake?"

Real Incident Patterns (Anonymized)

Examples of failures that highlight the need for EIP

Case 1: Demand-Supply Balancing AI Misjudgment

Renewable Output Forecast
AI: Oversupply Detected
Generation Curtailment Order

Reality: Demand surged unexpectedly

Frequency drop → System separation

"Why did AI judge oversupply?"
"Was the input data accurate?"
→ Insufficient evidence, cause unidentifiable

Case 2: Suspected Cyberattack on Water System

Water Plant AI Changes Chemical Dosage
Water Quality Anomaly Detected
Emergency Shutdown

"AI's autonomous decision?"

"External intrusion?"

→ Log integrity not guaranteed, unable to distinguish

EIP Application Scope

Target Systems and Event Types

Power Grid Management

REQUIRED

Demand-supply balancing, renewable integration, load forecasting

Water Network Monitoring

REQUIRED

Water treatment control, distribution optimization, leak detection

Gas Pipeline

REQUIRED

Pressure control, leak detection, emergency shutoff

Communications Infrastructure

REQUIRED

Traffic management, fault prediction, routing

Nuclear Plant Monitoring

REQUIRED

Anomaly detection, cooling control, emergency shutdown decisions

Industrial Plants

RECOMMENDED

SCADA/DCS control, process optimization

Recorded Events (Causal Chain)

Sensor Input
Power/Flow
Pressure/Temp
Frequency/Voltage
State Estimation
System State
Anomaly Detection
Topology
Forecast Generation
Demand Forecast
Fault Prediction
Risk Assessment
Control Decision
Load Balancing
Emergency Response
Recovery Plan
Actuator Output
Circuit Breaker
Valve
Generator

EIP Architecture

Data Flow and Event Structure

System Data Flow

SCADA/EMS/DMS System
Sensors (RTU/IED)
AI/ML Engine
Control Actions
EIP Logger (Sidecar) - Records All Decision Events
Hash Chain - Cryptographically Linked
Digital Signature
Merkle Root - Periodic Anchoring
Secure Archive
Isolated from OT Environment
Air-Gap Compatible
Offline Verification Possible

EIP Event Structure (Conceptual) 

{
  "event_id": "019234ab-7c8d-7def-8123-456789abcdef",
  "timestamp_ns": 1734567890123456789,
  "event_type": "CONTROL_DECISION",
  "facility_id": "SUBSTATION_XXXX",
  "provenance": {
    "actor": {
      "type": "AI_MODEL",
      "identifier": "load_balancer_v4.2.1",
      "model_hash": "sha256:abc123...",
      "deployment_zone": "ZONE_A_CONTROL"
    },
    "input": {
      "sensor_readings": {
        "frequency_hz": 59.95,
        "voltage_kv": 274.5,
        "load_mw": 1250.3,
        "renewable_output_mw": 320.0
      },
      "input_hash": "sha256:def456..."
    },
    "action": {
      "decision": "LOAD_SHED_ZONE_C",
      "confidence": 0.92,
      "rationale": {
        "primary_factor": "FREQUENCY_DEVIATION",
        "alternatives_considered": [
          {"action": "IMPORT_FROM_REGION_B", "rejected_reason": "TIE_LINE_CONGESTED"}
        ]
      },
      "expected_impact": {
        "load_reduction_mw": 150,
        "affected_customers": 12500
      }
    }
  },
  "prev_hash": "sha256:789xyz...",
  "signature": "ed25519:..."
}

Regulatory Compliance Mapping

International Standards and Regulations

Regulation Jurisdiction Requirements EIP Support
EU NIS2 Directive EU Critical infrastructure cybersecurity, incident reporting Full Support
NERC CIP Standards North America Power system cybersecurity, audit trails Full Support
EU AI Act Annex III EU Energy management AI classified as high-risk Full Support
IEC 62443 International Industrial control system security Complementary
NIST Cybersecurity Framework USA Critical infrastructure protection framework Aligned

NERC CIP Detailed Mapping

CIP-005: Electronic Security Perimeter OT/IT Separation
CIP-007: System Security Management Full Event Logging
CIP-008: Incident Reporting Tamper-Proof Evidence
CIP-009: Recovery Plans State Reconstruction
CIP-010: Configuration Management AI/Model Tracking

EU NIS2 Directive Support

Risk Management Measures Risk Factor Logging
Incident Handling Root Cause Evidence
Business Continuity Recovery Support
Supply Chain Security Vendor AI Tracking
24-Hour Reporting Obligation Instant Export

OT Environment Adaptation

Designed for Operational Technology Constraints

IT Environment (General Systems)

  • Always connected to internet
  • Regular updates possible
  • Cloud services available
  • Easy restart/maintenance

OT Environment (Critical Infrastructure)

  • May be air-gapped (no internet)
  • Updates difficult (24/7 operation)
  • Real-time required (millisecond control)
  • Availability priority (99.999% uptime)
  • Legacy system coexistence (10-30 years)

EIP OT-Adapted Design

Air-Gap

Offline sign/verify

Real-Time

Async logging

High Avail.

Fail-safe design

Legacy

Sidecar approach

Long-Term

20-40 year retention

Zero Latency

Async processing

Use Cases

How EIP Transforms Incident Response

Use Case 1: Cascade Failure Root Cause Analysis

Phase Without EIP With EIP
Blackout Occurs Multiple systems collapse simultaneously Same
Initial Investigation "Don't know where it started" Identify first event by timestamp
Causal Tracing "Log formats differ across systems" Trace chain with unified format
AI Decision Verification "Unknown if AI input was correct" Verify with input data hash
Cause Identification Speculation-based report Prove "System A AI used incorrect topology"
Prevention Vague improvements Specific model/data quality fixes

Use Case 2: Cyberattack Forensics

Anomaly Detected: AI Issued Unexpected Control Command

EIP Evidence Analysis

Input Data Integrity Check Normal
Model Hash Verification Mismatch!
Signature Verification Invalid Signature
Conclusion: Model Tampering Attack
Preserve Evidence & Submit Incident Report

Use Case 3: Recovery Priority Justification

Major Blackout Occurs

AI Recovery Priority Decision:

TOP Hospitals & Medical Facilities
HIGH Communications Infrastructure
MED Commercial Facilities
SEQ Residential Areas
Citizens complain: "Why is our area last?"

EIP Evidence Explanation

  • System state at time of decision
  • Rationale for load priorities
  • Alternatives considered and rejection reasons
  • Regulatory compliance alignment

Fulfill Transparent Accountability

Technical Specification Summary

Key Technical Parameters

Timestamp

μsec

IEEE 1588 PTP

Throughput

10K/sec

Max Rate

Hash

SHA-256

Cryptographic

Signature

Ed25519

+Dilithium PQC

OT Env

Air-Gap

Offline OK

Retention

20-40Y

Regulatory

Tolerance

Fail-Safe

Control OK

Latency

Zero

Async

Roadmap

EIP Development Timeline

2026 Q2

EIP Draft Specification v0.1 Release

2026 Q3

Technical Validation with Utilities

2026 Q4

NERC/FERC (NA), ENTSO-E (EU) Briefing

2027 Q1

EIP v1.0 Official Release

2027 Q2

IEC TC 57 Collaboration Start

2027+

IEEE/IEC Standardization Activities

VAP/VSO Relationship

Framework Hierarchy

VAP

Verifiable AI Provenance

Universal Framework for All Domains

VSO

VeritasChain Standards Organization

Standards Body

VCP

Finance

v1.0 Released

DVP

Automotive

Planned

MAP

Medical

Planned

EIP

Energy

In Development

PAP

Public Sector

Planned

Related Industry Standards

Integration with Existing Standards

Standard Role EIP Relationship
IEC 61850 Substation Automation Communication EIP complements AI decision layer
IEC 61968/61970 (CIM) Power System Information Model EIP events reference CIM objects
DNP3 / Modbus SCADA Communication Protocols EIP operates above protocol layer
OPC UA Industrial Communication Standard Integrates as EIP event source
IEEE C37.118 Synchrophasor Measurement PMU data recorded as EIP input

Get Involved with EIP

EIP is currently under development. We welcome participation and feedback from utilities, regulators, and infrastructure operators.

View VAP GitHub Participate
"When the power grid collapses, the question isn't 'whose fault is it?' — it's 'why did it happen?'"
— VeritasChain Standards Organization
"The grid never forgets. Neither should our audit trails."

This work is licensed under CC BY 4.0 International