Skip to content

Cyber & Physical Incident

Detection Standard Format

The Incident Detection Message Exchange Format (IDMEFv2) is a universal format to describe events and incidents detected on cyber and/or physical infrastructures.

Latest Posts


IDMEFv2 can describe any incident cyber and/or physical as well as natural and man made hazards.


IDMEFv2 has been design with simplicity in mind. It needs to be understand all the way to the security operator.


Extension is simple through attachment class and attributes extension.

Critical Infrastructure Security

Learn how IDMEFv2 solves many security monitoring problems encountered in CPS (Cyber Physical Systems) critical infrastructure.

Smart Systems

Learn why IDMEFv2 is well adapted for smart systems incident detection.


“”The use of the IDMEFv2 format was essential for our experiments. About thirty technical modules of our system architecture are able to communicate each other thanks to this format in a very effective and seamless way. We are looking forward to supporting a future standardization.“”

Gabriele Giunta – project coordinator and expert in security of critical infrastructure – ENGINEERING

Our security monitoring systems are still extremely compartmentalized. The format IDMEFv2, by its universality, therefore fills a void in incident detection. Ultimately, it should make it possible to improve incident prevention/detection/reaction, in particular on sensitive sites and critical infrastructures, while reducing monitoring security costs thanks to the obvious possibilities of convergence and pooling”

Gilles Lehmann – Cyber & Physical Security Architect – Telecom Sud Paris

The IDMEFv2 format should help bringing together the management of cyber and physical security to prepare IS players and managers to face ever more agile threats. It’s a real technological rupture with endless possibilities

Philippe Tourron – Project coordinator and CISO & SSI risk and crisis trainer at APHM (Public Hospital in Marseille)