Environmental Security Technology Certification Program (ESTCP)
Objective
The objective of this project is to successfully demonstrate an
intrusion-tolerant, cyber-secure defense-in-depth of an electrical
power plant against attacks representative of Tier V/Nation-state
actors. This project will demonstrate to the Department of Defense (DOD)
and commercial energy providers a new capability to mitigate and
recover quickly from online and insider cyber activities directed
against SCADA (Supervisory Control and Data Acquisition) infrastructure.
The intrusion tolerant focus of our demonstration will show how new
technologies employed in a defense-in-depth configuration enable a
utility grid SCADA system to “fight through” an attack without
disruption of services. This combination of emerging and existing
technologies will both improve current methodology and best practices
and set new guidelines and techniques for capitalizing on emerging
technologies and processes tested by the Defense Advanced Research
Projects Agency (DARPA) and the Director, Operational Test and
Evaluation (DOT&E).
READ MORE: https://serdp-estcp.org/Program-Areas/Energy-and-Water/Energy/Microgrids-and-Storage/EW-201607
Critical Energy Infrastructure Cyber Defense-in-Depth Project EW-201607
“Critical Energy Infrastructure Cyber Defense-in-Depth” by
Mr. Kevin Jordan
Industrial control systems (ICS) within critical energy infrastructure
are vulnerable to nation-state actors and subject to advanced persistent
threats. Currently, the “Code of Best Practices” approach is being used
to defend against ICS intrusion. This presentation includes a discussion
of the shortcoming of this approach, and how a fault and intrusion tolerant
approach would mitigate the risks associated with even the most sophisticated
cyber threats. We are engaged in a public-private partnership sponsored
by the ESTCP to demonstrate an approach to secure ICS of an electric
utility.
Our approach will incorporate five technologies in a layered defense
from the Internet to the generator. Our demonstration, if successful,
will show how fault and intrusion tolerant systems can ensure greater
resiliency and enable critical ICS to continue to function effectively
under attack.
Executive Summary of the Results
Unauthorized access to an Operations Technology (OT) network of a US
utility company by a cyber adversary is a worst-case scenario for
critical infrastructure protection. And yet, we face this pervasive
threat daily on a national scale. An active and aware cyber
defense-in-depth of critical infrastructure is crucial to closing this
vulnerability. To address this capability gap, Resurgo, LLC, as the
Prime Contractor, and its partners: Johns Hopkins University, Spread
Concepts LLC, Pacific Northwest National Laboratory, Sandia National
Laboratories, and the Hawaiian Electric Company, conducted the
first-ever successful test of an aware, fault and intrusion tolerant defense
of an OT network in a functional machine-in-the-loop emulation of a
utility control system. This fault and intrusion tolerant experiment,
sponsored by the Environmental Security Technology Certification
Program (ESTCP) and entitled “Critical Energy Infrastructure Cyber
Defense-in-Depth”, was conducted at the Pacific Northwest National
Laboratory (PNNL), 27 March through 7 April 2017. The aligned sensor
experiment was conducted simultaneously with funding provided by the
Assistant Secretary of Defense for Research and Engineering
(ASD(R&E)) Cyber Transition to Practice (CTP) Program.
READ MORE: FITGrid Defense of Utility Grid