To outsiders, energy is often considered a mundane industry that changes slowly, if at all. The reality is that the energy industry has been experiencing just as much digital transformation as most other modern industries, as energy producers and operators rush to digitize manual and mechanical processes so that they can better manage physical controls and improve operational performance.
While digital transformation is helping companies in the energy industry become more agile and efficient, it has also increased the industry’s overall cyber-attack surface.
Fortunately, the U.S. Department of Energy (DOE) is working to find ideas that will hopefully help reduce that attack surface. In March, the agency released the DOE Multiyear Plan for Energy Sector Cybersecurity. The plan aims to strengthen current energy delivery systems by helping companies in both private and public sectors prioritize their security activities and implement cybersecurity processes. It also hopes to develop “game-changing solutions that will create inherently secure, resilient, and self-defending energy systems for tomorrow.”
With those ends in mind, the DOE recently announced awards of up to $28 million aimed at the research, development and demonstration of next-generation cybersecurity technologies for the critical energy infrastructure. The funding comes from the Office of Cybersecurity, Energy Security, and Emergency Response’s (CESER) Cybersecurity for Energy Delivery Systems (CEDS) Division.
Research partnerships will create and (hopefully) make available innovative technologies that help prevent, detect and mitigate cyber attacks. “The teams will pursue innovative approaches such as redesigning the current architecture that exposes the energy grid to cyber threats so that existing and future energy delivery systems can detect adversarial actions and adapt to survive while continuing to support critical functions,” the DOE said in its news announcement.
Here are a number of the award winners:
Cyber Resilient Flexible AC Transmission Systems (FACTS)
The project team will leverage power grid physics, computer science and power engineering principles to develop methods and defense-in-depth cybersecurity solutions for FACTS and related devices to mitigate risks from cyber attacks directed towards FACTS controllers, stations and the power grid. The result of the project will be cybersecurity-enhanced FACTS controllers via a firmware update.
Time-Sensitive Quantum Key Distribution
The project team will integrate Time-Sensitive Networking (TSN) with Quantum Key Distribution (QKD) to increase availability, strengthen integrity and reveal attempted intrusions in real time for power grid communications.
The Ambassador Project
The project team will develop security orchestration for a software-defined networking (SDN) flow controller that will provide complete network visibility, situational awareness, automated flows creation and active defense measures for detected threats in the operational network.
Deep Cyber-Physical Situational Awareness for Energy Systems: A Secure Foundation for Next-Generation Energy Management
The project team will develop a next-generation secure energy management system (EMS) that can detect malicious and abnormal events through fusion of cyber and physical data and algorithms, effective integrated analytics and visualization.
Automated Configuration Analysis Tool for the Oil and Natural Gas Environment
The project team will develop an automated configuration analysis tool for ONG that provides a secure means to examine device configurations, audit system settings, define security policies and obtain reporting.
Previously, the CEDS program developed and transitioned 35 technologies that made their way into the energy industry. You can read more about those successes in this report: CEDS R&D: From Innovation to Practice – Redesigning Energy Delivery Systems to Survive Cyber Attacks.
*** This is a Security Bloggers Network syndicated blog from Cybersecurity Matters – DXC Blogs authored by Cybersecurity Matters. Read the original post at: https://blogs.dxc.technology/2018/10/11/u-s-doe-seeks-innovative-cybersecurity-technologies/