The U.S. Department of Energy’s (DOE) Innovation for Increasing Cybersecurity for Energy Delivery Systems (CEDS) program assists energy sector asset owners by “developing cybersecurity solutions for energy delivery systems through integrated planning and a focused research and development effort.”
Under the CEDS program, SEL has partnered with utilities and national laboratories across the country to identify, design, and test new solutions for protecting critical infrastructure from cyber attacks, including the following:
A framework uses widely available security functions and protocols, like IPsec (to form a secure communications channel) and Syslog (to exchange security log messages). Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the entire system.
A whitelist antivirus solution for control systems establishes a security baseline and automatically searches for and denies deviations from that baseline. Exe-GUARD can be integrated with substation-hardened computers and communication processors, minimizing the need for frequent decommissioning, security patches, and signature updates.
A low-power, small-sized dongle (or plug-in device) provides strong authentication, logging, alarming, and secure communications for intelligent electronic devices (IEDs) operating in the field at the distribution level.
A managed switch for the control system local-area network (LAN) uses whitelist filtering and performs deep packet inspection. Watchdog provides "all layer" inspection.
A cryptographic daughter card (CDC) is incorporated into a serial bump-in-the-wire device and is easily applied to legacy or existing control system equipment without reconfiguration or reprogramming.
The CDC, which provides message integrity by wrapping original SCADA messages with a unique identifier and authenticator before sending, is validated under Federal Information Processing Standard (FIPS) 140-2.
An integrated cyber-physical access control system will simplify the process of managing access to energy delivery facilities.
The world’s first control system-focused, software-defined networking flow controller will allow utilities to centrally manage their local-area networks more securely, providing real-time awareness of cyber activity and rerouting network traffic in response to cyber intrusions.
A software-defined data radio will integrate existing SEL cybersecurity features for more secure "last mile" wireless communications used with remote energy delivery infrastructure, such as distribution substations.