Skip to content

Physical & Cyber Incident

Detection Standard Format

The Incident Detection Message Exchange Format (IDMEFv2) is a universal format to describe events and incidents detected on cyber and/or physical infrastructures.

Latest Posts


IDMEFv2 can describe any incident cyber and/or physical as well as natural and man made hazards.


IDMEFv2 has been design with simplicity in mind. It needs to be understand all the way to the security operator.


Extension is simple through attachment class and attributes extension.

Critical Infrastructure Security

Learn how IDMEFv2 solves many security monitoring problems encountered in CPS (Cyber Physical Systems) critical infrastructure.

Smart Systems

Learn why IDMEFv2 is well adapted for smart systems incident detection.


“”The use of the IDMEFv2 format was essential for our experiments. About thirty technical modules of our system architecture are able to communicate each other thanks to this format in a very effective and seamless way. We are looking forward to supporting a future standardization.“”

Gabriele Giunta – project coordinator and expert in security of critical infrastructure – ENGINEERING

Our security monitoring systems are still extremely compartmentalized. The format IDMEFv2, by its universality, therefore fills a void in incident detection. Ultimately, it should make it possible to improve incident prevention/detection/reaction, in particular on sensitive sites and critical infrastructures, while reducing monitoring security costs thanks to the obvious possibilities of convergence and pooling”

Gilles Lehmann – Cyber & Physical Security Architect – Telecom Sud Paris

The overall security of critical infrastructures and sensitive sites has become a cross-cutting subject ifor us. The use if IDMEFv2 in our monitoring solutions is giving us a unify view of critical infrastructure security. It’s a real technological rupture with endless possibilities

Thomas Andrejak – CTO of the Defense & Security Business Unit of CS Group.