National Library of Energy BETA

Sample records for grid cyber security

  1. Cyber Security & Smart Grid 

    E-Print Network [OSTI]

    Shapiro, J.

    2011-01-01

    and interoperability ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Cyber Vulnerabilities In The Legacy Power Grid ? SCADA Security ? Supervisory Control and Data Acquisition (SCADA) systems are used extensively to control and monitor the national... & Smart Grid Jonathan Shapiro Texas Institute The Clean Air Through Energy Efficiency (CATEE) Conference Cyber Security & Smart Grid ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Cyber Security and The Smart Grid Networks...

  2. Cyber Security in Smart Grid Substations

    E-Print Network [OSTI]

    Utrecht, Universiteit

    Cyber Security in Smart Grid Substations Thijs Baars Lucas van den Bemd Michail Theuns Robin van.089 3508 TB Utrecht The Netherlands #12;CYBER SECURITY IN SMART GRID SUBSTATIONS Thijs Baars T.Brinkkemper@uu.nl Abstract. This report describes the state of smart grid security in Europe, specifically the Netherlands

  3. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    Electric Sector Cyber- security Organization Resource (Grid Interoperability Panel - Cyber Security Working Group.Guidelines for Smart Grid Cyber Security. Sep. 2010. [84] M.

  4. Cyber-Physical Systems Security for Smart Grid

    E-Print Network [OSTI]

    Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy

  5. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    Security in Wireless Smart Grid . . . . . . . . . . . . . . . .Guidelines for Smart Grid Cyber Security. Sep. 2010. [84] M.Control in Smart Grid Cyber security is one of the cross-

  6. Cyber-Physical Systems Security for Smart Grid

    E-Print Network [OSTI]

    Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy Acknowledgements This white paper was developed as one of nine white papers in the project "The Future Grid

  7. Triggering Control Methods for Cyber-Physical Systems : : Security & Smart Grid Applications

    E-Print Network [OSTI]

    Foroush, Hamed Shisheh

    2014-01-01

    myths and facts behind cyber security risks for industrialMethods for Cyber-Physical Systems: Security & Smart GridMethods for Cyber-Physical Systems: Security & Smart Grid

  8. Triggering Control Methods for Cyber-Physical Systems : : Security & Smart Grid Applications

    E-Print Network [OSTI]

    Foroush, Hamed Shisheh

    2014-01-01

    applications, e.g. , security and smart grid, and on theCyber-Physical Systems: Security & Smart Grid Applications APhysical Systems: Security & Smart Grid Applications by

  9. SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Estimators in SCADA systems is scrutinized. Index Terms--Cyber-Security, SCADA Systems, AGC, State Estimators in our society [1]. Large power systems are nowadays very complex and tightly coupled with the SCADA

  10. CyberPhysical System Security for the Electric Power Grid

    E-Print Network [OSTI]

    Manimaran, Govindarasu

    INVITED P A P E R Cyber­Physical System Security for the Electric Power Grid Control in power for the power grid as the functional composition of the following: 1) the physical Manuscript received June 29 | The development of a trustworthy smart grid requires a deeper understanding of potential impacts resulting from

  11. A Real-Time Testbed Environment for Cyber-Physical Security on the Power Grid

    E-Print Network [OSTI]

    Koutsandria, Georgia; Gentz, Reinhard; Jamei, Mahdi; Peisert, Sean; Scaglione, Anna; McParland, Chuck

    2015-01-01

    Physical Security on the Power Grid Georgia KoutsandriaSecurity Testbeds: Architecture, Application, and Evaluation for Smart Grid.and security of cyber-physical systems (CPSs), such as the power grid,

  12. GridStat – Cyber Security and Regional Deployment Project Report

    SciTech Connect (OSTI)

    Clements, Samuel L.

    2009-02-18

    GridStat is a developing communication technology to provide real-time data delivery services to the electric power grid. It is being developed in a collaborative effort between the Electrical Power Engineering and Distributed Computing Science Departments at Washington State University. Improving the cyber security of GridStat was the principle focus of this project. A regional network was established to test GridStat’s cyber security mechanisms in a realistic environment. The network consists of nodes at Pacific Northwest National Laboratory, Idaho National Laboratory, and Washington State University. Idaho National Laboratory (INL) was tasked with performing the security assessment, the results of which detailed a number or easily resolvable and previously unknown issues, as well as a number of difficult and previously known issues. Going forward we recommend additional development prior to commercialization of GridStat. The development plan is structured into three domains: Core Development, Cyber Security and Pilot Projects. Each domain contains a number of phased subtasks that build upon each other to increase the robustness and maturity of GridStat.

  13. Bio-Inspired Cyber Security for Smart Grid Deployments

    SciTech Connect (OSTI)

    McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.; Fink, Glenn A.; Fulp, Errin W.

    2013-05-01

    mart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.

  14. ON THE USE OF CYBER-PHYSICAL HIERARCHY FOR SMART GRID SECURITY AND EFFICIENT CONTROL

    E-Print Network [OSTI]

    Kundur, Deepa

    ON THE USE OF CYBER-PHYSICAL HIERARCHY FOR SMART GRID SECURITY AND EFFICIENT CONTROL Jin Wei, Deepa in information delay. Index Terms-- cyber-physical system security, smart grid hier- archy, flocking theory. 1 Station, TX 77843, USA ABSTRACT We study the application of cyber-physical hierarchy on a class of smart

  15. Survey Paper Cyber security in the Smart Grid: Survey and challenges q

    E-Print Network [OSTI]

    Wang, Wenye

    Survey Paper Cyber security in the Smart Grid: Survey and challenges q Wenye Wang , Zhuo Lu Accepted 29 December 2012 Available online 17 January 2013 Keywords: Smart Grid Cyber security Attacks and countermeasures Cryptography Security protocols a b s t r a c t The Smart Grid, generally referred to as the next

  16. Cyber-Security Considerations for the Smart Grid

    SciTech Connect (OSTI)

    Clements, Samuel L.; Kirkham, Harold

    2010-07-26

    The electrical power grid is evolving into the “smart grid”. The goal of the smart grid is to improve efficiency and availability of power by adding more monitoring and control capabilities. These new technologies and mechanisms are certain to introduce vulnerabilities into the power grid. In this paper we provide an overview of the cyber security state of the electrical power grid. We highlight some of the vulnerabilities that already exist in the power grid including limited capacity systems, implicit trust and the lack of authentication. We also address challenges of complexity, scale, added capabilities and the move to multipurpose hardware and software as the power grid is upgraded. These changes create vulnerabilities that did not exist before and bring increased risks. We conclude the paper by showing that there are a number mitigation strategies that can help keep the risk at an acceptable level.

  17. Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability 

    E-Print Network [OSTI]

    Ragsdale, G.

    2010-01-01

    Cyber Security: Ensuring Security While Promoting Interoperability Communications and Embedded Systems Department Southwest Research Institute Gary Ragsdale, Ph.D., P.E. August 24 ? 25, 2010 ESL-HH-10-08-09 Proceedings of the 17th Symposium... for Improving Building Systems in Hot and Humid Climates Austin Texas August 24-25, 2010 Southwest Research Institute 1947 J. Dan Bates 2009 ? 60+ years, founded 1947 ? 3200+ employees ? 4000+ R&D projects/yr. ? $500M revenue ? 1200 acres ? 170 buildings...

  18. Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer

    E-Print Network [OSTI]

    Mueller, Frank

    Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer Dept security challenges for a fu- ture power grid. It highlights deficiencies and shortcom- ings of existing and fault resilience of power as a utility must be a prime objective for power grids. Security compromises

  19. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    SciTech Connect (OSTI)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  20. A Real-Time Testbed Environment for Cyber-Physical Security on the Power Grid

    E-Print Network [OSTI]

    Koutsandria, Georgia; Gentz, Reinhard; Jamei, Mahdi; Peisert, Sean; Scaglione, Anna; McParland, Chuck

    2015-01-01

    and D. Nicol. SCADA Cyber Security Testbed Development. InOperation, Control and Cyber Security. In Proc. of the Northfully simulated testbed for cyber security of SCADA systems.

  1. INSTITUTE FOR CYBER SECURITY Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Cyber Security: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio August-world impact #12;INSTITUTE FOR CYBER SECURITY Institute for Cyber Security Founded June 2007: still in start

  2. Cyber Security Summer School: Lessons for the Modern Grid

    Broader source: Energy.gov [DOE]

    The Energy Department has partnered with a university-based project performing cutting-edge research to improve the way electric infrastructure is built, increasing the security and reliability of the grid.

  3. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Milos Manic

    2012-08-01

    The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

  4. PSERC Webinar Series: Issues in Designing the Future Grid - Cyber...

    Office of Environmental Management (EM)

    Grid," focusing on the information hierarchy for the future grid and grid enablers of sustainable energy systems. The second webinar, Cyber-Physical Systems Security for the...

  5. A Real-Time Testbed Environment for Cyber-Physical Security on the Power Grid

    E-Print Network [OSTI]

    Koutsandria, Georgia; Gentz, Reinhard; Jamei, Mahdi; Peisert, Sean; Scaglione, Anna; McParland, Chuck

    2015-01-01

    T. Overbye, and D. Nicol. SCADA Cyber Security TestbedA Testbed for Secure and Robust SCADA Systems. SIGBED Rev. ,for Analyzing Security of SCADA Control Systems (TASSCS). In

  6. cyber security guru

    E-Print Network [OSTI]

    Sandhu, Ravi

    cyber security guru By: Virginia Scott Posted: 4/17/07 UTSA has received a grant from the Texas Emerging Fund to create an institute for cyber security research. According to UTSA industry and educational initiatives in Texas. The creation of UTSA's Institute for Cyber Security Research

  7. Information Security: Coordination of Federal Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Information Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO...

  8. Information Security: Coordination of Federal Cyber Security...

    Office of Environmental Management (EM)

    Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that...

  9. Cyber Security Architecture Guidelines

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-03-08

    This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

  10. Mathematical and Statistical Opportunities in Cyber Security

    E-Print Network [OSTI]

    Meza, Juan

    2009-01-01

    development approach to cyber security. Report submitted to2007. Committee on Improving Cyber- security Research in theOpportunities in Cyber Security ? Juan Meza † Scott

  11. Departmental Cyber Security Management Policy

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-05-08

    The Departmental Cyber Security Management (DCSM) Policy was developed to further clarify and support the elements of the Integrated Safeguards and Security Management (ISSM) Policy regarding cyber security. Certified 9-23-10. No cancellation.

  12. Cyber Security and Resilient Systems

    SciTech Connect (OSTI)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

  13. 2014 Headquarters Facilities Master Security Plan- Chapter 14, Cyber Security

    Broader source: Energy.gov [DOE]

    2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security Describes the DOE Headquarters Cyber Security Program.

  14. Metaphors for cyber security.

    SciTech Connect (OSTI)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  15. INSTITUTE FOR CYBER SECURITY Security Models

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio August 2010 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY Security

  16. 2 Int. J. Security and Networks, Vol. Towards modelling the impact of cyber attacks

    E-Print Network [OSTI]

    Kundur, Deepa

    2 Int. J. Security and Networks, Vol. Towards modelling the impact of cyber attacks on a smart grid. Keywords: smart grid cyber security; cyber attack impact analysis; graph-based dynamical systems; smart and Computer Engineering at Texas A&M University. Her research interests include cyber security of the smart

  17. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation.

  18. Safeguards and Security and Cyber Security RM

    Office of Environmental Management (EM)

    using security measures such as badging, pre-employment investigation and fitness for duty, training, and security awareness? Cyber Security CS-1 Has the project...

  19. INSTITUTE FOR CYBER SECURITY Security Models

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY 2 THE BIG

  20. INSTITUTE FOR CYBER SECURITY Security Models

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2010 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY 2 THE BIG

  1. Cyber Security | National Security | ORNL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    System-of-systems analysis Visualization tools for complex information Next-generation smart grid technologies Quantum computing, security, and data fusion For more information,...

  2. Headquarters Facilities Master Security Plan - Chapter 14, Cyber...

    Office of Environmental Management (EM)

    4, Cyber Security Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security June 2015 2015 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security...

  3. Using Operational Security (OPSEC) to Support a Cyber Security...

    Energy Savers [EERE]

    Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in...

  4. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01

    myths and facts behind cyber security risks for industrialJ. and Hieb, J. [2007], ‘Cyber security risk assessment forOn Cyber Security for Networked Control Systems by Saurabh

  5. The Cyber Security Crisis

    ScienceCinema (OSTI)

    Spafford, Eugene [Purdue University, West Lafayette, Indiana, United States

    2009-09-01

    Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'

  6. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation. Admin Chg 1 dated 9-1-09.

  7. Cyber Security | More Science | ORNL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    science-based approach that combines experimentation, theory, modeling, and high performance computing to solve some of the nation's cyber security grand challenges. Significant,...

  8. Extension of DOE Directive on Cyber Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-06-04

    DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, is extended until 6/4/04.

  9. Sandia Energy - Grid Cyber Vulnerability & Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Development of cyber security architectures and frameworks, including some for microgrids. Detailed vulnerability assessment of systems, devices, components, and procedures....

  10. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

  11. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

  12. Critical Infrastructure and Cyber Security 

    E-Print Network [OSTI]

    Doll, Abby; Pirrong, Renee; Jennings, Matthew; Stasny, George; Giblin, Andy; Shaffer, Steph; Anderson, Aimee

    2011-01-01

    cyber security. They designated responsibility for cyber-security to the newly formed Department of Homeland Security, a duty that has continued to today 3. The group was tasked with creating a method of protecting the critical components.... 2010. 15 Mar. 2011. http://www.d tic.mil/doctrine/new_pubs/jp1_02.pdf 10 Comments on the Economic and Security Implications Of Recent Developments in the World Oil Market , 107th Cong. (2000) (testimony of Robert E. Ebel). http...

  13. Cyber Security Research: A Personal Perspective

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 Cyber Security Research: A Personal Perspective Prof. Ravi Sandhu Executive Director and Endowed It will be messy but need not be chaotic! Cyber security research and practice are loosing ground © Ravi Sandhu 2 with Real-World Impact! Cyber Security Scope #12; What is fundamental to cyber security? Where

  14. ITL BULLETIN FOR OCTOBER 2010 CYBER SECURITY STRATEGIES FOR THE SMART GRID: PROTECTING THE

    E-Print Network [OSTI]

    the Smart Grid is available from the NIST Web page http://nist.gov/smartgrid/. Identification of Standards

  15. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    twiki-sggrid/bin/view/SmartGrid/ SGIPSemanticModelSGAC. [4]periods [42]. http://www.iec.ch/smartgrid/standards/ http://

  16. INL@Work Cyber Security

    SciTech Connect (OSTI)

    Chaffin, May

    2010-01-01

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  17. INL@Work Cyber Security

    ScienceCinema (OSTI)

    Chaffin, May

    2013-05-28

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  18. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes minimum implementation standards for cyber security management processes throughout the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B. No cancellations.

  19. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  20. NERSC Cyber Security Challenges That Require DOE Development and Support

    E-Print Network [OSTI]

    Draney, Brent; Campbell, Scott; Walter, Howard

    2008-01-01

    LBNL-62284 NERSC Cyber Security Challenges That Require DOEtools designed to meet the cyber security needs of High

  1. Cyber Security Basic Defenses and Attack Trends

    E-Print Network [OSTI]

    Sastry, S. Shankar

    37 38 39 40 41 4273 MTC 4 Cyber Security Basic Defenses and Attack Trends Alvaro A. Cárdenas, Tanya for a successful defense. Cyber security is the branch of security dealing with digital or information technology.1 This chapter presents a selected overview on topics in cyber security. 1. Throughout the chapter, we use

  2. INSTITUTE FOR CYBER SECURITY Purpose-Centric

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Purpose-Centric Secure Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security (ICS) University of Texas at San Antonio September 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY Butler

  3. Cyber Security via Signaling Games: Toward a Science of Cyber Security

    E-Print Network [OSTI]

    Mishra, Bud

    Cyber Security via Signaling Games: Toward a Science of Cyber Security W. Casey, J.A. Morales, T to address various cyber security problems involving exchange of information (asymmetrically). This research challenge in defining a science of cyber-security derives from the peculiar aspects of the field

  4. Security for grids

    E-Print Network [OSTI]

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-01-01

    differences between Grid security and host or site securityof requirements for Grid security in order to achieve thecompletely. Index Terms — Grid security, authentication,

  5. Extension of DOE Directive on Cyber Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-07-06

    This Notice extends DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, dated 3-18-02, until 7-6-05.

  6. Visualizing Cyber Security: Usable Workspaces

    SciTech Connect (OSTI)

    Fink, Glenn A.; North, Christopher L.; Endert, Alexander; Rose, Stuart J.

    2009-10-11

    An environment that supports cyber analytics work should enable multiple, simultaneous investigations, information foraging, and provide a solution space for organizing data. We describe our study of cyber security professionals and visualizations in a large, high-resolution display work environment. We discuss the tasks and needs of analysts that such an environment can support and present several prototypes designed to support these needs. We conclude with a usability evaluation of the prototypes and additional lessons learned.

  7. Institute for Cyber Security Prof. Ravi Sandhu

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 Institute for Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair February 4 Engineering College of Engineering Institute for Cyber Security Hallmarks · Diversity · Maturity · Excellence Hispanic minority serving institution Maturity Major and sustained push in cyber security since 2000

  8. Third Annual Cyber Security and Information

    E-Print Network [OSTI]

    Krings, Axel W.

    Third Annual Cyber Security and Information Infrastructure Research Workshop May 14-15, 2007 TOWARDS COMPREHENSIVE STRATEGIES THAT MEET THE CYBER SECURITY CHALLENGES OF THE 21ST CENTURY Frederick Sheldon, Axel Krings, Seong-Moo Yoo, and Ali Mili (Editors) #12;CSIIRW07: Cyber Security and Information

  9. Cyber Security Grand Challenges and Prognosis

    E-Print Network [OSTI]

    Sandhu, Ravi

    Cyber Security Grand Challenges and Prognosis Prof. Ravi Sandhu Executive Director and Institute for Cyber Security Executive Director and Endowed Chair ravi.sandhu@utsa.edu www.profsandhu.com www.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real Cyber Security Grand Challenges and Prognosis Prof. Ravi

  10. October 2012 Cyber Security Test Bed

    E-Print Network [OSTI]

    McShea, Daniel W.

    1 October 2012 Cyber Security Test Bed Project Leads Brent Rowe, RTI International The inadequacy of U.S. small and medium businesses' cyber security poses great risk to these businesses and to all U.S. organizations and individuals.1 To test strategies for improving the level of cyber security

  11. Towards Secure Information Sharing Models for Community Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    Towards Secure Information Sharing Models for Community Cyber Security Ravi Sandhu, Ram Krishnan and Gregory B. White Institute for Cyber Security University of Texas at San Antonio #12;Secure Information ­ Security mechanisms such as authentication, cryptography, trusted hardware, etc. #12;Community Cyber

  12. Before the House Subcommittee on Emerging Threats, Cyber Security...

    Office of Environmental Management (EM)

    Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and...

  13. INSTITUTE FOR CYBER SECURITY Application-Centric Security Models

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY Dr. Robert W. Gracy Vice President

  14. INSTITUTE FOR CYBER SECURITY Application-Centric Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio

  15. Towards Secure Information Sharing Models for Community Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    Towards Secure Information Sharing Models for Community Cyber Security Ravi Sandhu Dept. of Computer Science Institute for Cyber Security University of Texas at San Antonio Email: ravi.sandhu@utsa.edu Ram Krishnan Dept. of Electrical and Computer Engineering Institute for Cyber Security University

  16. INSTITUTE FOR CYBER SECURITY Application-Centric Security Models

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio June 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY Dr. Robert W. Gracy Vice President

  17. Networked Loads in the Distribution Grid

    E-Print Network [OSTI]

    Wang, Zhifang; Li, Xiao; Muthukumar, Vishak; Scaglione, Anna; Peisert, Sean; McParland, Chuck

    2012-01-01

    A. Frincke. Smart-Grid Security Issues. IEEE Security &review on smart grid cyber security. Technical Report

  18. The Future of Cyber Security Prof. Ravi Sandhu

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair ravi! Institute for Cyber Security #12;Cyber technologies and systems have evolved Cyber security goals have TO Coupled and integrated Information assurance Mission assurance Cyber security research/practice have

  19. The Future of Cyber Security Prof. Ravi Sandhu

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director February 2010 ravi! Institute for Cyber Security #12;Good News, Bad News Cyber security profession will not disappear Cyber New attacks Old technologies New technologies #12;Productivity-Security Number 1 cyber-centric nation

  20. Department of Energy Cyber Security Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2006-12-04

    The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

  1. Department of Energy Cyber Security Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-21

    The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

  2. Microgrid cyber security reference architecture.

    SciTech Connect (OSTI)

    Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

    2013-07-01

    This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

  3. Lessons Learned from Cyber Security Assessments of SCADA and...

    Office of Environmental Management (EM)

    Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems...

  4. Evaluation Report on The Department's Unclassified Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Report on The Department's Unclassified Cyber Security Program 2002, DOEIG-0567 Evaluation Report on The Department's Unclassified Cyber Security Program 2002, DOEIG-0567 As...

  5. Office of Electricity Delivery and Energy Reliability Cyber Security...

    Energy Savers [EERE]

    Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections On...

  6. NNSA Seeking Comments on Consolidated IT and Cyber Security Support...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013...

  7. Challenges of Cyber Security Education at the Graduate Level

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 Challenges of Cyber Security Education at the Graduate Level Ravi Sandhu Executive Director World-Leading Research with Real-World Impact! Institute for Cyber Security #12;Cyber technologies and systems have evolved Cyber security goals have evolved Computer security Information security

  8. THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders

    E-Print Network [OSTI]

    THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security: The Advanced Course in Engineering on Cyber Security (ACE-CS) is a public-private partnership to develop top ROTC cadets into the next generation of cyber security leaders. Modeled after the General Electric

  9. THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders

    E-Print Network [OSTI]

    Older, Susan

    THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security in Engineering on Cyber Security (ACE-CS) is a public- private partnership to develop top ROTC cadets into the next generation of cyber security leaders. Modeled after the General Electric Advanced Course

  10. Challenges of Cyber Security Education at the

    E-Print Network [OSTI]

    Sandhu, Ravi

    for Graduate education in many high-tech high What is special about cyber security? Inertia will not fix-Leading Research with Real This is a challenge for Graduate education tech high-touch areas. What is special about with Real-World Impact! #12;Graduate Cyber Security Education Tech- Light Tech- Medium World

  11. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01

    Analysis of electric grid security under terrorist threat’,and a guideline to smart grid security in NIST-IR 7628. Al-the current security posture of the power grid, (2) develop

  12. Mathematical and Statistical Opportunities in Cyber Security

    E-Print Network [OSTI]

    Meza, Juan; Bailey, David

    2009-01-01

    The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question "What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics?" Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences.

  13. The Science, Engineering, and Business of Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security COS Research Conference October-Leading Research with Real-World Impact! Institute for Cyber Security #12;Founded in 2007 to be a world leader

  14. The Science, Engineering, and Business of Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas at San Sandhu World-Leading Research with Real-World Impact! Institute for Cyber Security 1 #12;© Ravi Sandhu 2

  15. Cyber Security Major R&D Challenges Ram Krishnan

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 Cyber Security Major R&D Challenges Ram Krishnan http://engineering.utsa.edu/~krishnan/ Cyber Security Research Institute (CSRI) Cyber Security R&D Workshop April 19-20, 2012 World-Leading Research with Real-World Impact! Institute for Cyber Security Prof. Ravi Sandhu conveys his regrets for inability

  16. The Science, Engineering, and Business of Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas at San.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real-World Impact! Institute for Cyber Security 1 #12;© Ravi

  17. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect (OSTI)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  18. Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2002-03-18

    To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

  19. Grid Security

    E-Print Network [OSTI]

    Sinnott, R.O.

    Sinnott,R.O. National Centre for e-Social Science book, Grid Computing: Technology, Service and Application, CRC Press, November 2008.

  20. Cyber Security Audit and Attack Detection Toolkit

    SciTech Connect (OSTI)

    Peterson, Dale

    2012-05-31

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  1. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect (OSTI)

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  2. Assistant Professor of Computer Science, specializing in Cyber Security

    E-Print Network [OSTI]

    Assistant Professor of Computer Science, specializing in Cyber Security AD-1701-03 Department entering the Cyber Corps, and a few PhD students. They are all exceptional. We specialize in cyber security of San Jose and Silicon Valley and very well connected in the U.S. Navy and DOD cyber security and big

  3. Formulating Cyber-Security as Convex Optimization Problems

    E-Print Network [OSTI]

    Vigna, Giovanni

    The Flag (iCTF) hacking competition. Keywords: Cyber-Security, Convex Optimization, System Identifica- tion shopping, business-to-business transactions, etc. The disruption to cyber-missions can thus result in cyber

  4. Realizing Scientific Methods for Cyber Security

    SciTech Connect (OSTI)

    Carroll, Thomas E.; Manz, David O.; Edgar, Thomas W.; Greitzer, Frank L.

    2012-07-18

    There is little doubt among cyber security researchers about the lack of scientic rigor that underlies much of the liter-ature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientic methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other elds and create new ones where these elds interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber security science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.

  5. Designed-in Security for Cyber-Physical Systems

    E-Print Network [OSTI]

    Peisert, Sean; Margulies, Jonathan; Nicol, David M; Khurana, Himanshu; Sawall, Chris

    2014-01-01

    ROUNDTABLE Designed-in Security for Cyber-Physical Systemsin security”: one from academia, one from a cyber-physicalcyber inci- dent while sustaining critical func- tions. ” Without designed-in security

  6. Protecting Intelligent Distributed Power Grids against Cyber Attacks

    SciTech Connect (OSTI)

    Dong Wei; Yan Lu; Mohsen Jafari; Paul Skare; Kenneth Rohde

    2010-12-31

    Like other industrial sectors, the electrical power industry is facing challenges involved with the increasing demand for interconnected operations and control. The electrical industry has largely been restructured due to deregulation of the electrical market and the trend of the Smart Grid. This moves new automation systems from being proprietary and closed to the current state of Information Technology (IT) being highly interconnected and open. However, while gaining all of the scale and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications for the power grid were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: (1) integration with existing, legacy systems in a non-intrusive fashion; (2) desirable performance in terms of modularity, scalability, extendibility, and manageability; (3) alignment to the 'Roadmap to Secure Control Systems in the Energy Sector' and the future smart grid. The on-site system test of the developed prototype security system is briefly presented as well.

  7. August 2012 CIP Report Focuses on Smart Grid Security

    Broader source: Energy.gov [DOE]

    The August 2012 issue of The CIP Report from George Mason University's Center for Infrastructure Protection and Homeland Security highlights the significance and challenges to securing the smart grid. The report includes an overview of smart grid security by Deputy Assistant Secretary Hank Kenchington and the findings for reducing cyber risks from the Workshop on Securing the Smart Grid: Best Practices in Supply Chain Security, Integrity, and Resilience.

  8. Embracing the Cloud for Better Cyber Security

    SciTech Connect (OSTI)

    Shue, Craig A; Lagesse, Brent J

    2011-01-01

    The future of cyber security is inextricably tied to the future of computing. Organizational needs and economic factors will drive computing outcomes. Cyber security researchers and practitioners must recognize the path of computing evolution and position themselves to influence the process to incorporate security as an inherent property. The best way to predict future computing trends is to look at recent developments and their motivations. Organizations are moving towards outsourcing their data storage, computation, and even user desktop environments. This trend toward cloud computing has a direct impact on cyber security: rather than securing user machines, preventing malware access, and managing removable media, a cloud-based security scheme must focus on enabling secure communication with remote systems. This change in approach will have profound implications for cyber security research efforts. In this work, we highlight existing and emerging technologies and the limitations of cloud computing systems. We then discuss the cyber security efforts that would support these applications. Finally, we discuss the implications of these computing architecture changes, in particular with respect to malware and social engineering.

  9. Control Systems Cyber Security Standards Support Activities

    SciTech Connect (OSTI)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  10. Cyber-Security of Networked Control Systems Karl Henrik Johansson

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    7/3/12 1 Cyber-Security of Networked Control Systems Karl Henrik Johansson #12;7/3/12 2 Recent Cyber-ARacks on Control Systems Cyber-Security of Networked to cyber-threats with many poten@al points of aRacks · How

  11. EL Program: Smart Grid Program Manager: David Wollman, Smart Grid and Cyber-Physical Systems

    E-Print Network [OSTI]

    EL Program: Smart Grid Program Manager: David Wollman, Smart Grid and Cyber-Physical Systems Program Office, Associate Program Manager: Dean Prochaska, Smart Grid and Cyber- Physical Systems Program [updated August 23, 2013] Summary: This program develops and demonstrates smart grid measurement science

  12. Speculations on the Future of Cyber Security in 2025

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 Speculations on the Future of Cyber Security in 2025 Prof. Ravi Sandhu Executive Director January with Real-World Impact! Institute for Cyber Security #12;Two Big Drivers Security can never hold back Cyber security is a young and immature field The attackers are more innovative than defenders

  13. INSTITUTE FOR CYBER SECURITY The PEI Framework for

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio May Presented by: Ram Krishnan, GMU #12;INSTITUTE FOR CYBER SECURITY Application Context Our Basic Premise

  14. Sandia Energy - Grid Cyber Vulnerability & Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 Outreach Home RoomPreservation of Fe(II)Geothermal Energy & Drilling Technology HomeGrid Cyber Vulnerability

  15. Cyber Security Audit and Attack Detection Toolkit: National SCADA...

    Energy Savers [EERE]

    National SCADA Test Bed May 2008 Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 This project of the cyber security audit and attack detection...

  16. CYBER/PHYSICAL SECURITY VULNERABILITY ASSESSMENT INTEGRATION

    SciTech Connect (OSTI)

    MacDonald, Douglas G.; Key, Brad; Clements, Samuel L.; Hutton, William J.; Craig, Philip A.; Patrick, Scott W.; Crawford, Cary E.

    2011-07-17

    This internally funded Laboratory-Directed R&D project by the Pacific Northwest National Laboratory, in conjunction with QinetiQ North America, is intended to identify and properly assess areas of overlap (and interaction) in the vulnerability assessment process between cyber security and physical protection. Existing vulnerability analysis (VA) processes and software tools exist, and these are heavily utilized in the determination of predicted vulnerability within the physical and cyber security domains. These determinations are normally performed independently of one another, and only interact on a superficial level. Both physical and cyber security subject matter experts have come to realize that though the various interactive elements exist, they are not currently quantified in most periodic security assessments. This endeavor aims to evaluate both physical and cyber VA techniques and provide a strategic approach to integrate the interdependent relationships of each into a single VA capability. This effort will also transform the existing suite of software currently utilized in the physical protection world to more accurately quantify the risk associated with a blended attack scenario. Performance databases will be created to support the characterization of the cyber security elements, and roll them into prototype software tools. This new methodology and software capability will enable analysts to better identify and assess the overall risk during a vulnerability analysis.

  17. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2012-12-06

    Modifications correct changes to the composition of Senior DOE Management organizations, name change from DOE Cyber Incident Response Capability to Joint Cybersecurity Coordination Center and transfer of responsibility for communications security and TEMPEST to the Office of Health, Safety and Security.

  18. SPIDERS JCTD Smart Cyber-Secure Microgrids

    Office of Energy Efficiency and Renewable Energy (EERE)

    The Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS) Joint Capability Technology Demonstration (JCTD) is a groundbreaking program to bolster the cyber security and energy efficiency of U.S. military installations and transfer the knowhow to non-military critical infrastructure.

  19. What is the Game in Cyber Security? Ravi Sandhu

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 What is the Game in Cyber Security? Ravi Sandhu Executive Director and Endowed Professor February with Real-World Impact! Institute for Cyber Security #12; Multiple games at multiple levels More than 2 than offense Most important recommendation cyber security needs to be a proactive rather than

  20. Small-Scale Cyber Security Competitions Mike O'Leary

    E-Print Network [OSTI]

    O'Leary, Michael

    Small-Scale Cyber Security Competitions Mike O'Leary Towson University 16th Colloquium-Scale Cyber Security Competitions CISSE 2012 1 / 25 #12;Regional & National Competitions National Collegiate the Flag Competition M. O'Leary (Towson University) Small-Scale Cyber Security Competitions CISSE 2012 2

  1. Center for Cyber-Security, Information Privacy, and Trust

    E-Print Network [OSTI]

    Lee, Dongwon

    Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director pliu@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

  2. Cyber-security Research Ethics Dialogue & Strategy Erin Kenneally

    E-Print Network [OSTI]

    California at San Diego, University of

    Cyber-security Research Ethics Dialogue & Strategy Workshop Erin Kenneally CAIDA/UC, San Diego La The inaugural Cyber-security Research Ethics Dialogue & Strat- egy Workshop was held on May 23, 2013 of "ethics-by-design" in the context of cyber security research, and aimed to: · Educate participants about

  3. Speculations on the Future of Cyber Security in 2025

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 Speculations on the Future of Cyber Security in 2025 Prof. Ravi Sandhu Executive Director and Chief Scientist Institute for Cyber Security University of Texas at San Antonio November 2009 ravi;Two Big Drivers Security can never hold back technology Cyber and physical space are increasingly

  4. On the Complexity of Verifying Cyber-Physical Security Protocols

    E-Print Network [OSTI]

    Nigam, Vivek

    On the Complexity of Verifying Cyber-Physical Security Protocols Max Kanovich, Tajana Ban Kirigin agents. We classify such security protocols as Cyber-Physical.6 The key elements of such protocols important class of Bounded Memory Cyber-Physical Security19 Protocols with a Memory Bounded Intruder

  5. Digital Disaster, Cyber Security, and the Copenhagen School

    E-Print Network [OSTI]

    Nissenbaum, Helen

    Digital Disaster, Cyber Security, and the Copenhagen School Lene Hansen University of Copenhagen and Helen Nissenbaum New York University This article is devoted to an analysis of cyber security, a concept is devoted to an analysis of ``cyber security,'' a concept that arrived on the post-Cold War agenda

  6. Evolving OWA Operators for Cyber Security Decision Making Problems

    E-Print Network [OSTI]

    Aickelin, Uwe

    Evolving OWA Operators for Cyber Security Decision Making Problems Simon Miller Jonathan M cyber security experts took part in an exercise in which they independently assessed a realistic system--Ordered Weighted Average, Evolutionary Algo- rithms, Simulated Annealing, Cyber Security, Expert Decision Making I

  7. 1Computer Security Shambhu Upadhyaya Cyber Security @CEISARE

    E-Print Network [OSTI]

    Upadhyaya, Shambhu

    , there are 100+ centers ­ Based on curriculum mapping to CNSS (committee of National Security Standards) 4011 at Google (2010) · Threats to national security ­ Insider attacks ­ Examples: Bradley Manning leaked1Computer Security Shambhu Upadhyaya Cyber Security @CEISARE Professor S. Upadhyaya Department

  8. Towards an Experimental Testbed Facility for Cyber-Physical Security Research

    SciTech Connect (OSTI)

    Edgar, Thomas W.; Manz, David O.; Carroll, Thomas E.

    2012-01-07

    Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

  9. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8

  10. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, supersedes Chg 2.

  11. Cyber Security Requirements for Risk Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  12. Cyber Security Companies, governments, and consumers depend on secure and reliable

    E-Print Network [OSTI]

    Hill, Wendell T.

    Cyber Security Companies, governments, and consumers depend on secure and reliable computer-speed computers all introduce new cyber-security challenges. Cyber- security researchers at the University networks and data products. But as technology becomes more complex, security threats also become more

  13. On A Way to Improve Cyber-Insurer Profits When a Security Vendor Becomes the Cyber-Insurer

    E-Print Network [OSTI]

    On A Way to Improve Cyber-Insurer Profits When a Security Vendor Becomes the Cyber-Insurer Ranjan of an insurance-driven security ecosystem. Such an ecosystem comprises of a set of market elements (e.g., cyber. In this paper, we model a security vendor (e.g., Symantec, Microsoft) as a cyber-insurer, thereby making

  14. Data security on the national fusion grid

    E-Print Network [OSTI]

    Burruss, Justine R.; Fredian, Tom W.; Thompson, Mary R.

    2005-01-01

    of any computational grid is security. Effective sharing oflike ITER. Keywords: security, FusionGrid, grid computing 1.A Security Architecture for Computational Grids,” Proc. 5th

  15. Security on the US Fusion Grid

    E-Print Network [OSTI]

    Burruss, Justin R.; Fredian, Tom W.; Thompson, Mary R.

    2005-01-01

    of any computational grid is security. Effective sharing oflike ITER. Keywords: security, FusionGrid, grid computing 1.A Security Architecture for Computational Grids,” Proc. 5th

  16. Will Cyber-Insurance Improve Network Security? A Market Analysis

    E-Print Network [OSTI]

    , Microsoft, etc.), cyber-insurers (e.g., ISPs, cloud providers, security vendors, etc.), regulatory agenciesWill Cyber-Insurance Improve Network Security? A Market Analysis Ranjan Pal University of Southern--Recent work in security has illustrated that solutions aimed at detection and elimination of security threats

  17. Towards Efficient Collaboration in Cyber Security

    SciTech Connect (OSTI)

    Hui, Peter SY; Bruce, Joseph R.; Fink, Glenn A.; Gregory, Michelle L.; Best, Daniel M.; McGrath, Liam R.; Endert, Alexander

    2010-06-03

    Cyber security analysts in different geographical and organizational domains are often largely tasked with similar duties, albeit with domain-specific variations. These analysts necessarily perform much of the same work independently— for instance, analyzing the same list of security bulletins released by largely the same set of software vendors. As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert each other to high-severity security alerts in a more timely fashion. However, several barriers to practical and efficient collaboration exist, and as such, no such framework exists to support such efforts. In this paper, we discuss the inherent difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We discuss preliminary ideas and concepts towards a collaborative cyber-security framework currently under development, whose goal is to facilitate analyst collaboration across these boundaries. While still in its early stages, we describe work-in-progress towards achieving this goal, including motivation, functionality, concepts, and a high-level description of the proposed system architecture.

  18. Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song

    E-Print Network [OSTI]

    Wang, Weichao

    Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song-- Cyber Security of smart grids becomes more and more important to our everyday life for its wide of this important area. We believe that simulation systems designed for research purposes in the smart grid security

  19. Chapter_14_Cyber_Security

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergyTher i n c i p a lCaribElectricSouthApplying caulkChapter 9 of the LANL34SpecialCyber

  20. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  1. Secure Information and Resource Sharing in Cloud Institute for Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    Secure Information and Resource Sharing in Cloud Yun Zhang Institute for Cyber Security Univ Institute for Cyber Security Univ of Texas at San Antonio San Antonio, TX 78249 Ravi.Sandhu@utsa.edu ABSTRACT The significant threats from information security breaches in cyber world is one of the most

  2. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012; Chg 2, dated 3-11-13.

  3. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012.

  4. Control Systems Cyber Security: Defense in Depth Strategies ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Security: Defense in Depth Strategies More Documents & Publications Good Practice Guide on Firewall Deployment for SCADA and Process Control Networks Mitigations for...

  5. Common Cyber Security Vulnerabilities Observed in Control System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Systems (September 2011) Vulnerability Analysis of Energy Delivery Control Systems - 2011 Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems...

  6. Cyber Security Audit and Attack Detection Toolkit: Bandolier...

    Broader source: Energy.gov (indexed) [DOE]

    - Best Practice DesignConfiguration Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 DOEOE National SCADA Test Bed Fiscal Year 2009 Work Plan...

  7. Continuous Monitoring And Cyber Security For High Performance...

    Office of Scientific and Technical Information (OSTI)

    Continuous Monitoring And Cyber Security For High Performance Computing Malin, Alex B. Los Alamos National Laboratory; Van Heule, Graham K. Los Alamos National Laboratory...

  8. NNSA Seeking Comments on Consolidated IT and Cyber Security Support...

    Broader source: Energy.gov (indexed) [DOE]

    seeking comments, now through July 29, on an opportunity for Consolidated IT and Cyber Security Support Services. Comments are sought from interested vendors holding...

  9. Security Informatics Research Challenges for Mitigating Cyber Friendly Fire

    SciTech Connect (OSTI)

    Carroll, Thomas E.; Greitzer, Frank L.; Roberts, Adam D.

    2014-09-30

    This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly re (FF). We dene cyber FF as intentional o*ensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission e*ectiveness of friendly or neutral forces. We describe examples of cyber FF and discuss how it ts within a general conceptual framework for cyber security failures. Because it involves human failure, cyber FF may be considered to belong to a sub-class of cyber security failures characterized as unintentional insider threats. Cyber FF is closely related to combat friendly re in that maintaining situation awareness (SA) is paramount to avoiding unintended consequences. Cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and o*ensive countermeasures that may be applied to thwart network attacks. We describe a test bed designed to support empirical research on factors a*ecting cyber FF. Finally, we discuss mitigation strategies to combat cyber FF, including both training concepts and suggestions for decision aids and visualization approaches.

  10. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  11. Cyber Security Requirements for Wireless Devices and Information Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-11

    The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  12. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  13. On Cyber Security for Networked Control Systems Saurabh Amin

    E-Print Network [OSTI]

    random failures and secu- rity attacks. Cyber-security of Supervisory Control and Data Acquisition (SCADA, cyber-security assessment for SCADA systems is performed based on well-defined attacker and defender objectives. The mathematical model of SCADA systems considered in this work has two control levels

  14. Cyber Security via Minority Games with Epistatic Signaling (Invited Paper)

    E-Print Network [OSTI]

    Mishra, Bud

    Cyber Security via Minority Games with Epistatic Signaling (Invited Paper) William Casey Software when deceptions are employed to breach the security of the system, thus making the entire social game systems are empirically stud- ied through extensive computer simulation. 1. GAMES AND CYBER

  15. Cyber security best practices for the nuclear industry

    SciTech Connect (OSTI)

    Badr, I.

    2012-07-01

    When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

  16. Smart-Grid Security Issues

    SciTech Connect (OSTI)

    Khurana, Himanshu; Hadley, Mark D.; Lu, Ning; Frincke, Deborah A.

    2010-01-29

    TITLE: Smart-Grid Security Issues (Editorial Material, English) IEEE SECURITY & PRIVACY 8 (1). JAN-FEB 2010. p.81-85 IEEE COMPUTER SOC, LOS ALAMITOS

  17. Cyber security analysis testbed : combining real, emulation, and simulation.

    SciTech Connect (OSTI)

    Villamarin, Charles H.; Eldridge, John M.; Van Leeuwen, Brian P.; Urias, Vincent E.

    2010-07-01

    Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed novel methods to combine these evaluation platforms into a hybrid testbed that combines real, emulated, and simulated components. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a system of interest, it is critical to realistically represent the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single, unified computing platform. This provides an 'experiment-in-a-box' capability. The result is rapidly-produced, large-scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

  18. Measuring Expertise and Bias in Cyber Security Using Cognitive and Neuroscience Approaches

    E-Print Network [OSTI]

    Hamlen, Kevin W.

    Measuring Expertise and Bias in Cyber Security Using Cognitive and Neuroscience Approaches Daniel in cyber security, we attempt to understand the cognitive components of cyber security expertise. Our initial focus is on cyber security attackers ­ often called "hackers". Our first aim is to develop

  19. Towards a Framework for Cyber Attack Impact Analysis of the Electric Smart Grid

    E-Print Network [OSTI]

    Kundur, Deepa

    Towards a Framework for Cyber Attack Impact Analysis of the Electric Smart Grid Deepa Kundur analysis of a smart grid. We focus on the model synthesis stage in which both cyber and physical grid-effect relationships can be conveniently expressed for both analysis and extension to large-scale smart grid systems. I

  20. Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

    SciTech Connect (OSTI)

    Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo; Mili, Ali; Trien, Joseph P

    2006-01-01

    The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

  1. Cyber safety : a systems thinking and systems theory approach to managing cyber security risks

    E-Print Network [OSTI]

    Salim, Hamid M

    2014-01-01

    If we are to manage cyber security risks more effectively in today's complex and dynamic Web 2.0 environment, then a new way of thinking is needed to complement traditional approaches. According to Symantec's 2014 Internet ...

  2. Developing and Implementing an Institution-Wide Introductory Cyber-Security Course in Record Time

    E-Print Network [OSTI]

    Crabbe, Frederick

    Developing and Implementing an Institution-Wide Introductory Cyber-Security Course in Record Time foundations of cyber security. This decision triggered our attempt to set an "academic world security, as cyber attacks and cyber crime become greater threats to the health and preservation

  3. Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems

    SciTech Connect (OSTI)

    Ferragut, Erik M; Laska, Jason A; Melin, Alexander M; Czejdo, Bogdan

    2013-01-01

    The consolidation of cyber communications networks and physical control systems within the energy smart grid introduces a number of new risks. Unfortunately, these risks are largely unknown and poorly understood, yet include very high impact losses from attack and component failures. One important aspect of risk management is the detection of anomalies and changes. However, anomaly detection within cyber security remains a difficult, open problem, with special challenges in dealing with false alert rates and heterogeneous data. Furthermore, the integration of cyber and physical dynamics is often intractable. And, because of their broad scope, energy grid cyber-physical systems must be analyzed at multiple scales, from individual components, up to network level dynamics. We describe an improved approach to anomaly detection that combines three important aspects. First, system dynamics are modeled using a reduced order model for greater computational tractability. Second, a probabilistic and principled approach to anomaly detection is adopted that allows for regulation of false alerts and comparison of anomalies across heterogeneous data sources. Third, a hierarchy of aggregations are constructed to support interactive and automated analyses of anomalies at multiple scales.

  4. Ninth Annual Cyber and Information Security Research Conference...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Ninth Annual Cyber and Information Security Research Conference Apr 08 2014 04-08-2014 08:30 AM - 04-10-2014 04:00 PM Multiple speakers, multiple disciplines, multiple affiliations...

  5. CYSEP --A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao

    E-Print Network [OSTI]

    Chao, Jonathan

    1 of 9 CYSEP -- A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao the architecture of a Cyber- Security Processor (CYSEP) which can serve as a key module for enhancing security-speed operation. 1 INTRODUCTION In this paper, we describe the architecture of a Cyber- Security Processor (CYSEP

  6. An Experience Report on Undergraduate Cyber-Security Education and Outreach

    E-Print Network [OSTI]

    An Experience Report on Undergraduate Cyber-Security Education and Outreach Michael E. Locasto Terms Security Keywords cyber security training, SISMAT 1. INTRODUCTION Organizations face a critical training in cyber security tools. At the same time, information secu- rity problems (e.g., recovering from

  7. Gamification for Measuring Cyber Security Situational Awareness

    SciTech Connect (OSTI)

    Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

    2013-03-01

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

  8. Cyber Security Challenges in Using Cloud Computing in the Electric Utility Industry

    SciTech Connect (OSTI)

    Akyol, Bora A.

    2012-09-01

    This document contains introductory material that discusses cyber security challenges in using cloud computing in the electric utility industry.

  9. Big Data Applications in Cloud and Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    Big Data Applications in Cloud and Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Professor UTSA COB Symposium on Big Data, Big Challenges March 17, 2015 ravi.sandhu@utsa.edu www Security 1 #12;© Ravi Sandhu 2 World-Leading Research with Real-World Impact! Big Data Volume Variety

  10. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01

    mation in electric power grids, in ‘CCS ’09: Proceedings ofof the electric power grid’, SIAM Journal on Optimizationposture of the power grid, (2) develop and integrate

  11. Towards the Realization of a Public Health Model for Shared Secure Cyber-Space

    E-Print Network [OSTI]

    California at Davis, University of

    Towards the Realization of a Public Health Model for Shared Secure Cyber-Space Jeff Rowe UC Davis mahogarth@ucdavis.edu ABSTRACT It has been a longstanding goal of the cyber-security community to improve susceptibility to attack; we refer to this as improving the public cyber-security. Traditionally, computer

  12. Anatomy, Dissection, and Mechanics of an Introductory Cyber-Security Course's Curriculum at the United States

    E-Print Network [OSTI]

    Crabbe, Frederick

    Anatomy, Dissection, and Mechanics of an Introductory Cyber-Security Course's Curriculum States of America ABSTRACT Due to the high priority of cyber-security education, the United States Naval Academy rapidly developed and implemented a new cyber-security course that is required for all of its

  13. RT-Based Administrative Models for Community Cyber Security Information Sharing

    E-Print Network [OSTI]

    Sandhu, Ravi

    RT-Based Administrative Models for Community Cyber Security Information Sharing Ravi Sandhu, Khalid Zaman Bijon Institute for Cyber Security World-Leading Research with Real Ravi Sandhu, Khalid Zaman Bijon Institute for Cyber Security University of Texas at San Antonio Oct. 15, 2011 International

  14. Towards Efficient Collaboration in Cyber Security Peter Hui Joe Bruce Glenn Fink

    E-Print Network [OSTI]

    Towards Efficient Collaboration in Cyber Security Peter Hui Joe Bruce Glenn Fink Michelle Gregory University aendert@cs.vt.edu ABSTRACT Cyber security analysts in different geographical and organizational difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We

  15. RT-Based Administrative Models for Community Cyber Security Information Sharing

    E-Print Network [OSTI]

    Sandhu, Ravi

    RT-Based Administrative Models for Community Cyber Security Information Sharing Ravi Sandhu, Khalid Zaman Bijon, Xin Jin, and Ram Krishnan Institute for Cyber Security & Department of Computer Science Institute for Cyber Security & Department of Electrical and Computer Engineering University of Texas at San

  16. Visualizing Cyber Security: Usable Workspaces Glenn A. Fink*, Christopher L. North**, Alex Endert**, and Stuart Rose*

    E-Print Network [OSTI]

    Visualizing Cyber Security: Usable Workspaces Glenn A. Fink*, Christopher L. North**, Alex Endert University ABSTRACT The goal of cyber security visualization is to help analysts in- crease the safety. We describe our study of cyber-security professionals and visualizations in a large, high

  17. Security Implications of Typical Grid Computing Usage Scenarios

    E-Print Network [OSTI]

    Humphrey, Marty; Thompson, Mary R.

    2001-01-01

    issues and challenges The Grid security requirements that wea seri- ous challenge to Grid security measures. Grids thatbased on using available Grid security services. Both Globus

  18. Towards A Network-of-Networks Framework for Cyber Security

    SciTech Connect (OSTI)

    Halappanavar, Mahantesh; Choudhury, Sutanay; Hogan, Emilie A.; Hui, Peter SY; Johnson, John R.; Ray, Indrajit; Holder, Lawrence B.

    2013-06-07

    Networks-of-networks (NoN) is a graph-theoretic model of interdependent networks that have distinct dynamics at each network (layer). By adding special edges to represent relationships between nodes in different layers, NoN provides a unified mechanism to study interdependent systems intertwined in a complex relationship. While NoN based models have been proposed for cyber-physical systems, in this paper we build towards a three-layer NoN model for an enterprise cyber system. Each layer captures a different facet of a cyber system. We then discuss the potential benefits of graph-theoretic analysis enabled from such a model. Our goal is to provide a novel and powerful tool for modeling and analyzing problems in cyber security.

  19. Cyber Security Evaluation of II&C Technologies

    SciTech Connect (OSTI)

    Ken Thomas

    2014-11-01

    The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.

  20. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01

    Analysis of Information Security Games, Proceedings of theon the Economics of Information Security WEIS’, Hanover, NH,on the Economics of Information Security’. Anderson, R. and

  1. CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL

    SciTech Connect (OSTI)

    Kathleen A. Lee

    2008-01-01

    The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the system’s cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

  2. Securing the Electricity Grid: Government and Industry Exercise...

    Office of Environmental Management (EM)

    Securing the Electricity Grid: Government and Industry Exercise Together at GridEx III Securing the Electricity Grid: Government and Industry Exercise Together at GridEx III...

  3. Automatic Labeling for Entity Extraction in Cyber Security

    SciTech Connect (OSTI)

    Bridges, Robert A; Jones, Corinne L; Iannacone, Michael D; Testa, Kelly M; Goodall, John R

    2014-01-01

    Timely analysis of cyber-security information necessitates automated information extraction from unstructured text. While state-of-the-art extraction methods produce extremely accurate results, they require ample training data, which is generally unavailable for specialized applications, such as detecting security related entities; moreover, manual annotation of corpora is very costly and often not a viable solution. In response, we develop a very precise method to automatically label text from several data sources by leveraging related, domain-specific, structured data and provide public access to a corpus annotated with cyber-security entities. Next, we implement a Maximum Entropy Model trained with the average perceptron on a portion of our corpus (~750,000 words) and achieve near perfect precision, recall, and accuracy, with training times under 17 seconds.

  4. Sandia Energy - The Center for SCADA Security Assets

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    The Center for SCADA Security Assets Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure...

  5. A Novel Cyber-Insurance for Internet Security

    E-Print Network [OSTI]

    Pal, Ranjan; Psounis, Konstantinos

    2011-01-01

    Internet users such as individuals and organizations are subject to different types of epidemic risks such as worms, viruses, and botnets. To reduce the probability of risk, an Internet user generally invests in self-defense mechanisms like antivirus and antispam software. However, such software does not completely eliminate risk. Recent works have considered the problem of residual risk elimination by proposing the idea of cyber-insurance. In reality, an Internet user faces risks due to security attacks as well as risks due to non-security related failures (e.g., reliability faults in the form of hardware crash, buffer overflow, etc.) . These risk types are often indistinguishable by a naive user. However, a cyber-insurance agency would most likely insure risks only due to security attacks. In this case, it becomes a challenge for an Internet user to choose the right type of cyber-insurance contract as standard optimal contracts, i.e., contracts under security attacks only, might prove to be sub-optimal for ...

  6. Sandia Energy - Cyber Security for Electric Infrastructure

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 Outreach Home RoomPreservation of Fe(II) byMultidayAlumniProjectsCyber Engineering Research Laboratory

  7. Evaluation Report on "The Department's Unclassified Cyber Security Program"

    SciTech Connect (OSTI)

    None

    2009-10-01

    Industry experts report that security challenges and threats are continually evolving as malicious activity has become more web-based and attackers are able to rapidly adapt their attack methods. In addition, the number of data breaches continues to rise. In an effort to mitigate and address threats and protect valuable information, the Department of Energy anticipated spending about $275 million in Fiscal Year (FY) 2009 to implement cyber security measures necessary to protect its information technology resources. These systems and data are designed to support the Department's mission and business lines of energy security, nuclear security, scientific discovery and innovation, and environmental responsibility. The Federal Information Security Management Act of 2002 (FISMA) provides direction to agencies on the management and oversight of information security risks, including design and implementation of controls to protect Federal information and systems. As required by FISMA, the Office of Inspector General conducts an annual independent evaluation to determine whether the Department's unclassified cyber security program adequately protects its information systems and data. This memorandum and the attached report present the results of our evaluation for FY 2009. The Department continued to make incremental improvements in its unclassified cyber security program. Our evaluation disclosed that most sites had taken action to address weaknesses previously identified in our FY 2008 evaluation report. They improved certification and accreditation of systems; strengthened configuration management of networks and systems; performed independent assessments; and, developed and/or refined certain policies and procedures. In addition, the Department instituted a centralized incident response organization designed to eliminate duplicative efforts throughout the Department. As we have noted in previous reports, the Department continued to maintain strong network perimeter defenses against malicious intruders and other externals threats. These are positive accomplishments. However, in our judgment, additional action is required to further enhance the Department's unclassified cyber security program and help reduce risks to its systems and data. For example, our current review identified opportunities for improvements in areas such as security planning and testing, systems inventory, access controls, and configuration management. In particular, we issued a number of findings at sites managed by the National Nuclear Security Administration (NNSA). We also identified weaknesses across various Department program elements. Issues that warrant further attention include: (1) Weaknesses such as outdated security plans and not completing annual security control self-assessments were identified at several sites; (2) The Department had not yet resolved systems inventory issues and had yet to deploy a complex-wide automated asset management tool to help track information technology resources and identify interfaces between systems or networks; (3) Although certain improvements had been made to enhance access controls, we noted deficiencies such as a lack of periodic account reviews and inadequate password management at a number of sites; and (4) Previously identified weaknesses in configuration management had been corrected, however, we found problems related to weak administrator account settings and failure to install software patches, as well as incomplete implementation of the Federal Desktop Core Configuration. These internal control weaknesses existed, at least in part, because certain cyber security roles and responsibilities were not clearly delineated. Program officials also had not effectively performed monitoring and review activities essential for evaluating the adequacy of cyber security performance. In some cases, officials had not ensured that weaknesses discovered during audits and other evaluations were recorded and tracked to resolution in the organizations' Plans of Action and Milestones. Our testing disclosed that about 39 p

  8. Secure Interoperable Open Smart Grid Demonstration Project

    SciTech Connect (OSTI)

    Magee, Thoman

    2014-12-31

    The Consolidated Edison, Inc., of New York (Con Edison) Secure Interoperable Open Smart Grid Demonstration Project (SGDP), sponsored by the United States (US) Department of Energy (DOE), demonstrated that the reliability, efficiency, and flexibility of the grid can be improved through a combination of enhanced monitoring and control capabilities using systems and resources that interoperate within a secure services framework. The project demonstrated the capability to shift, balance, and reduce load where and when needed in response to system contingencies or emergencies by leveraging controllable field assets. The range of field assets includes curtailable customer loads, distributed generation (DG), battery storage, electric vehicle (EV) charging stations, building management systems (BMS), home area networks (HANs), high-voltage monitoring, and advanced metering infrastructure (AMI). The SGDP enables the seamless integration and control of these field assets through a common, cyber-secure, interoperable control platform, which integrates a number of existing legacy control and data systems, as well as new smart grid (SG) systems and applications. By integrating advanced technologies for monitoring and control, the SGDP helps target and reduce peak load growth, improves the reliability and efficiency of Con Edison’s grid, and increases the ability to accommodate the growing use of distributed resources. Con Edison is dedicated to lowering costs, improving reliability and customer service, and reducing its impact on the environment for its customers. These objectives also align with the policy objectives of New York State as a whole. To help meet these objectives, Con Edison’s long-term vision for the distribution grid relies on the successful integration and control of a growing penetration of distributed resources, including demand response (DR) resources, battery storage units, and DG. For example, Con Edison is expecting significant long-term growth of DG. The SGDP enables the efficient, flexible integration of these disparate resources and lays the architectural foundations for future scalability. Con Edison assembled an SGDP team of more than 16 different project partners, including technology vendors, and participating organizations, and the Con Edison team provided overall guidance and project management. Project team members are listed in Table 1-1.

  9. Validating Cyber Security Requirements: A Case Study

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2011-01-01

    Vulnerabilities in a system may have widely varying impacts on system security. In practice, security should not be defined as the absence of vulnerabilities. In practice, security should not be quantified by the number of vulnerabilities. Security should be managed by pursuing a policy that leads us first to the highest impact vulnerabilities. In light of these observations, we argue in favor of shifting our focus from vulnerability avoidance/removal to measurable security attributes. To this effect, we recommend a logic be used for system security, which captures/represents security properties in quantifiable, verifiable, measurable terms so that it is possible to reason about security in terms of its observable/perceptible effects rather than its hypothesized causes. This approach is orthogonal to existing techniques for vulnerability avoidance, removal, detection, and recovery, in the sense that it provides a means to assess, quantify, and combine these techniques.

  10. M&Ms4Graphs: Multi-scale, Multi-dimensional Graph Analytics Tools for Cyber-Security

    E-Print Network [OSTI]

    M&Ms4Graphs: Multi-scale, Multi-dimensional Graph Analytics Tools for Cyber-Security Objective We-of-Networks Framework for Cyber Security." IEEE Intelligence and Security Informatics, 2013. 2. "Towards a Multiscale. "Statistical and Hierarchical Graph Analysis for Cyber Security." SIAM Conference on Discrete Mathematics

  11. Improved Power Grid Stability and Efficiency with a Building-Energy Cyber-Physical System

    E-Print Network [OSTI]

    1 Improved Power Grid Stability and Efficiency with a Building-Energy Cyber-Physical System Mary in the context of the power grid and its interaction with buildings. We describe significant issues in energy-efficient, and the building operator was unable to "store energy" before an event occurs or must alter demand only after

  12. Tensions in collaborative cyber security and how they affect incident detection and response

    SciTech Connect (OSTI)

    Fink, Glenn A.; McKinnon, Archibald D.; Clements, Samuel L.; Frincke, Deborah A.

    2009-12-01

    Security often requires collaboration, but when multiple stakeholders are involved, it is typical for their priorities to differ or even conflict with one another. In today’s increasingly networked world, cyber security collaborations may span organizations and countries. In this chapter, we address collaboration tensions, their effects on incident detection and response, and how these tensions may potentially be resolved. We present three case studies of collaborative cyber security within the U.S. government and discuss technical, social, and regulatory challenges to collaborative cyber security. We suggest possible solutions, and present lessons learned from conflicts. Finally, we compare collaborative solutions from other domains and apply them to cyber security collaboration. Although we concentrate our analysis on collaborations whose purpose is to achieve cyber security, we believe that this work applies readily to security tensions found in collaborations of a general nature as well.

  13. Principles of Security: Human, Cyber, and Biological

    E-Print Network [OSTI]

    Stacey, Blake C

    2013-01-01

    Cybersecurity attacks are a major and increasing burden to economic and social systems globally. Here we analyze the principles of security in different domains and demonstrate an architectural flaw in current cybersecurity. Cybersecurity is inherently weak because it is missing the ability to defend the overall system instead of individual computers. The current architecture enables all nodes in the computer network to communicate transparently with one another, so security would require protecting every computer in the network from all possible attacks. In contrast, other systems depend on system-wide protections. In providing conventional security, police patrol neighborhoods and the military secures borders, rather than defending each individual household. Likewise, in biology, the immune system provides security against viruses and bacteria using primarily action at the skin, membranes, and blood, rather than requiring each cell to defend itself. We propose applying these same principles to address the c...

  14. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  15. An integrated security framework for GOSS power grid analytics platform

    SciTech Connect (OSTI)

    Gibson, Tara D.; Ciraci, Selim; Sharma, Poorva; Allwardt, Craig H.; Rice, Mark J.; Akyol, Bora A.

    2014-06-23

    In power grid operations, security is an essential component for any middleware platform. Security protects data against unwanted access as well as cyber attacks. GridOpticsTM Software System (GOSS) is an open source power grid analytics platform that facilitates ease of access between applications and data sources and promotes development of advanced analytical applications. GOSS contains an API that abstracts many of the difficulties in connecting to various heterogeneous data sources. A number of applications and data sources have already been implemented to demonstrate functionality and ease of use. A security framework has been implemented which leverages widely accepted, robust JavaTM security tools in a way such that they can be interchanged as needed. This framework supports the complex fine-grained, access control rules identified for the diverse data sources already in GOSS. Performance and reliability are also important considerations in any power grid architecture. An evaluation is done to determine the overhead cost caused by security within GOSS and ensure minimal impact to performance.

  16. Convergence for the Smart Grid -On the technology opportunities for Future Cyber-Physical Energy Systems, invited paper at New Research Directions for Future Cyber-Physical Energy

    E-Print Network [OSTI]

    California at Los Angeles, University of

    Convergence for the Smart Grid - On the technology opportunities for Future Cyber-Physical Energy Angeles, CA. 90095 http://winmec.ucla.edu Email:smartgrid@winmec.ucla.edu Convergence for the Smart Grid into what the Future / Smart Electric Grid should look like. For example the DOE has a vision for the Modern

  17. Privacy Principles for Sharing Cyber Security Data Gina Fisk, Calvin Ardi, Neale Pickett, John Heidemann, Mike Fisk, Christos Papadopoulos

    E-Print Network [OSTI]

    Heidemann, John

    Privacy Principles for Sharing Cyber Security Data Gina Fisk, Calvin Ardi, Neale Pickett, John@colostate.edu Abstract--Sharing cyber security data across organizational boundaries brings both privacy risks for sharing cyber security information must consider privacy issues as they exchange and analyzed information

  18. Smart Grid Information Security (IS) Functional Requirement

    E-Print Network [OSTI]

    Ling, Amy Poh Ai

    2011-01-01

    It is important to implement safe smart grid environment to enhance people's lives and livelihoods. This paper provides information on smart grid IS functional requirement by illustrating some discussion points to the sixteen identified requirements. This paper introduces the smart grid potential hazards that can be referred as a triggering factor to improve the system and security of the entire grid. The background of smart information infrastructure and the needs for smart grid IS is described with the adoption of hermeneutic circle as methodology. Grid information technology and security-s session discusses that grid provides the chance of a simple and transparent access to different information sources. In addition, the transformation between traditional versus smart grid networking trend and the IS importance on the communication field reflects the criticality of grid IS functional requirement identification is introduces. The smart grid IS functional requirements described in this paper are general and ...

  19. OpenEI Community - cyber security

    Open Energy Info (EERE)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on QA:QA J-E-1 SECTION J APPENDIXsourceII JumpQuarterly Smart Grid Data available for download onst,/0 en BigArtby Example

  20. The Impact of Secure OSs on Internet Security: What Cyber-Insurers Need to Know

    E-Print Network [OSTI]

    Pal, Ranjan

    2012-01-01

    In recent years, researchers have proposed \\emph{cyber-insurance} as a suitable risk-management technique for enhancing security in Internet-like distributed systems. However, amongst other factors, information asymmetry between the insurer and the insured, and the inter-dependent and correlated nature of cyber risks have contributed in a big way to the failure of cyber-insurance markets. Security experts have argued in favor of operating system (OS) platform switching (ex., from Windows to Unix-based OSs) or secure OS adoption as being one of the techniques that can potentially mitigate the problems posing a challenge to successful cyber-insurance markets. In this regard we model OS platform switching dynamics using a \\emph{social gossip} mechanism and study three important questions related to the nature of the dynamics, for Internet-like distributed systems: (i) which type of networks should cyber-insurers target for insuring?, (ii) what are the bounds on the asymptotic performance level of a network, wher...

  1. Security and Cyber Guidance | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:Financing Tool FitsProjectDataSecretary Moniz's OpenEnergy SCADASeptemberSecurity

  2. Probabilistic Characterization of Adversary Behavior in Cyber Security

    SciTech Connect (OSTI)

    Meyers, C A; Powers, S S; Faissol, D M

    2009-10-08

    The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.

  3. Department of Energy's July 2013 Cyber Security Breach

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergy A plug-in electricLaboratoryof Energy ElevenLGJuly 2013 Cyber Security Breach

  4. Cyber Security Protection for Small Businesses | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE: Alternative Fuels DataEnergy Webinar:IAbout Us » ContactCounty AimsCurrentCyber Security

  5. ECE 5332 Communications and Control in Smart Grid Syllabus Instructor

    E-Print Network [OSTI]

    Mohsenian-Rad, Hamed

    , distributed storage, vehicle-to-grid systems, wide area measurement, smart grid cyber security, etc. Course Cyber Security Challenges in Smart Grid o Load Altering Attacks o False Data Injection Attacks o DefenseECE 5332 Communications and Control in Smart Grid Syllabus Instructor: Dr. Hamed Mohsenian

  6. Communications and Networking for Smart Grid: Technology and Practice , HossamS. Hassanein2

    E-Print Network [OSTI]

    Qiu, Robert Caiming

    communications protocols, and provide secure and reliable communications for the smart grid. Many open issues sensor networks. "Cyber Security for Smart Grid, Cryptography, and Privacy," by Swapna Iyer, reviews different types of attacks to smart grid. The specific focus is on cyber security, as the smart grid uses

  7. Cyber and Security Assessments | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirley Ann JacksonDepartment of EnergyResearchersOctoberCharles DOEJungleWinter (PartCustomerSecurity

  8. Secure control systems with application to cyber-physical systems

    SciTech Connect (OSTI)

    Dong, Jin; Djouadi, Seddik M; Nutaro, James J; Kuruganti, Phani Teja

    2014-01-01

    Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

  9. cybersecurity.pnnl.gov Securing the Nation's Critical Infrastructure

    E-Print Network [OSTI]

    : » Global Threat Intelligence » Electric Grid Security » Cyber Physical Systems » Bio-inspired Security and evaluating safeguards, we can provide a better defense against threats or adversaries. Electric Grid Security PNNL is leading the charge to secure a safer and more reliable grid. We are currently developing cyber

  10. Network Intrusion Detection and Visualization using Aggregations in a Cyber Security Data Warehouse

    SciTech Connect (OSTI)

    Czejdo, Bogdan; Ferragut, Erik M; Goodall, John R; Laska, Jason A

    2012-01-01

    The challenge of achieving situational understanding is a limiting factor in effective, timely, and adaptive cyber-security analysis. Anomaly detection fills a critical role in network assessment and trend analysis, both of which underlie the establishment of comprehensive situational understanding. To that end, we propose a cyber security data warehouse implemented as a hierarchical graph of aggregations that captures anomalies at multiple scales. Each node of our pro-posed graph is a summarization table of cyber event aggregations, and the edges are aggregation operators. The cyber security data warehouse enables domain experts to quickly traverse a multi-scale aggregation space systematically. We describe the architecture of a test bed system and a summary of results on the IEEE VAST 2012 Cyber Forensics data.

  11. Embedded Cyber-Physical Anomaly Detection in Smart Meters

    E-Print Network [OSTI]

    [massimiliano.raciti,simin.nadjm-tehrani]@liu.se Abstract. Smart grid security has many facets, ranging over to encompass smart grids as an illustrating example. Security is one of the less developed attributes- ment of cyber-physical systems, the focus of smart grid security is increasingly on threats to control

  12. Cyber Friendly Fire: Research Challenges for Security Informatics

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2013-06-06

    This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a system’s topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF— including both training concepts and suggestions for decision aids and visualization approaches—are discussed.

  13. Control Systems Cyber Security: Defense-in-Depth Strategies

    SciTech Connect (OSTI)

    Mark Fabro

    2007-10-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  14. Control Systems Cyber Security:Defense in Depth Strategies

    SciTech Connect (OSTI)

    David Kuipers; Mark Fabro

    2006-05-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  15. Cyber Science and Security - An R&D Partnership at LLNL

    SciTech Connect (OSTI)

    Brase, J; Henson, V

    2011-03-11

    Lawrence Livermore National Laboratory has established a mechanism for partnership that integrates the high-performance computing capabilities of the National Labs, the network and cyber technology expertise of leading information technology companies, and the long-term research vision of leading academic cyber programs. The Cyber Science and Security Center is designed to be a working partnership among Laboratory, Industrial, and Academic institutions, and provides all three with a shared R&D environment, technical information sharing, sophisticated high-performance computing facilities, and data resources for the partner institutions and sponsors. The CSSC model is an institution where partner organizations can work singly or in groups on the most pressing problems of cyber security, where shared vision and mutual leveraging of expertise and facilities can produce results and tools at the cutting edge of cyber science.

  16. Strategic philanthropy for cyber security : an extended cost-benefit analysis framework to study cybersecurity

    E-Print Network [OSTI]

    Cho, Yiseul

    2012-01-01

    The international climate of cyber security is dramatically changing and thus unpredictable. As such, agile yet sustainable solutions are needed, along with an effective and a pragmatic evaluation framework to assess and ...

  17. S3A: Secure System Simplex Architecture for Enhanced Security of Cyber-Physical Systems

    E-Print Network [OSTI]

    Mohan, Sibin; Betti, Emiliano; Yun, Heechul; Sha, Lui; Caccamo, Marco

    2012-01-01

    Until recently, cyber-physical systems, especially those with safety-critical properties that manage critical infrastructure (e.g. power generation plants, water treatment facilities, etc.) were considered to be invulnerable against software security breaches. The recently discovered 'W32.Stuxnet' worm has drastically changed this perception by demonstrating that such systems are susceptible to external attacks. Here we present an architecture that enhances the security of safety-critical cyber-physical systems despite the presence of such malware. Our architecture uses the property that control systems have deterministic execution behavior, to detect an intrusion within 0.6 {\\mu}s while still guaranteeing the safety of the plant. We also show that even if an attack is successful, the overall state of the physical system will still remain safe. Even if the operating system's administrative privileges have been compromised, our architecture will still be able to protect the physical system from coming to harm.

  18. Consolidated Edison Company of New York, Inc. Smart Grid Demonstration...

    Open Energy Info (EERE)

    a scalable, cost-effective smart grid prototype that promotes cyber security, reduces electricity demand and peak energy use, and increases reliability and energy efficiency....

  19. Smart Grid Communications Security Project, U.S. Department of Energy

    SciTech Connect (OSTI)

    Barnes, Frank

    2012-09-01

    There were four groups that worked on this project in different areas related to Smart Girds and Security. They included faculty and students from electric computer and energy engineering, law, business and sociology. The results of the work are summarized in a verity of reports, papers and thesis. A major report to the Governor of Colorado’s energy office with contributions from all the groups working on this project is given bellow. Smart Grid Deployment in Colorado: Challenges and Opportunities, Report to Colorado Governor’s Energy Office and Colorado Smart Grid Task Force(2010) (Kevin Doran, Frank Barnes, and Puneet Pasrich, eds.) This report includes information on the state of the grid cyber security, privacy, energy storage and grid stability, workforce development, consumer behavior with respect to the smart grid and safety issues.

  20. Situational Awareness as a Measure of Performance in Cyber Security Collaborative Work

    SciTech Connect (OSTI)

    Malviya, Ashish; Fink, Glenn A.; Sego, Landon H.; Endicott-Popovsky, Barbara E.

    2011-04-11

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge in turn could lead to better preparation of cyber defenders in both military and civilian settings. We conducted proof of concept experimentation to collect data during the Pacific-rim Regional Collegiate Cyber Defense Competition (PRCCDC) and analyzed it to study the behavior of cyber defenders. We propose that situational awareness predicts performance of cyber security professionals, and in this paper we focus on our collection and analysis of competition data to determine whether it supports our hypothesis. In addition to normal cyber data, we collected situational awareness and workload data and compared it against the performance of cyber defenders as indicated by their competition score. We conclude that there is a weak correlation between our measure of situational awareness and performance that we hope to exploit in further studies.

  1. Physical Security 1.CyberCIEGE Physical Security

    E-Print Network [OSTI]

    .2.4 Establish Physical Security to Protect TOP SECRET Assets · The game will automatically pause when Jerry begins work on TOP SECRET assets · Check your objectives and go to the ASSETS screen, select "Intel Summary" and then click on the TOP SECRET label to learn what kind of protection is needed by this asset

  2. Security Risks and Modern Cyber Security Technologies for Corporate Networks

    E-Print Network [OSTI]

    Gharibi, Wajeb

    2011-01-01

    This article aims to highlight current trends on the market of corporate antivirus solutions. Brief overview of modern security threats that can destroy IT environment is provided as well as a typical structure and features of antivirus suits for corporate users presented on the market. The general requirements for corporate products are determined according to the last report from av-comparatives.org [1]. The detailed analysis of new features is provided based on an overview of products available on the market nowadays. At the end, an enumeration of modern trends in antivirus industry for corporate users completes this article. Finally, the main goal of this article is to stress an attention about new trends suggested by AV vendors in their solutions in order to protect customers against newest security threats.

  3. Towards Resilient Critical Infrastructures: Application of Type-2 Fuzzy Logic in Embedded Network Security Cyber Sensor

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Jim Alves-Foss; Milos Manic

    2011-08-01

    Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL provides a basis for robust anomaly detection and cyber security state awareness. In addition, the proposed algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental cyber-security test-bed.

  4. Trusted Grid Computing with Security Assurance and Resource Optimization

    E-Print Network [OSTI]

    Hwang, Kai

    Trusted Grid Computing with Security Assurance and Resource Optimization Shanshan Song and Kai The security of Grid sites can be enhanced by upgrading its intrusion defense capabilities against its previous security enforcement across multiple Grid resources sites. The design is aimed at securing Grid resources

  5. Dartmouth College Computer Science Technical Report TR2010-668 Creating Large Disturbances in the Power Grid

    E-Print Network [OSTI]

    in the Power Grid: Methods of Attack After Cyber Infiltration Senior Honors Thesis June 2010 Loren Sands are pursuing methods of securing the cyber aspect of the U.S. power grid, one of the country's most critical attacks. In this paper I discuss the physical and cyber systems that compose the power grid, and I explore

  6. Information Security: Coordination of Federal Cyber Security Research and

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergy A plug-inPPLforLDRD Report11,SecurityHomeRemarksEnergyConfigurationsEGS

  7. Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

    E-Print Network [OSTI]

    Tilaro, F

    2011-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

  8. Lessons Learned from Cyber Security Assessments of SCADA and...

    Office of Environmental Management (EM)

    vendors or asset owners and the INL. The vendors and owners provided software, hardware, training, and technical support. The INL performed the cyber assessments and reported the...

  9. Cyber-Insurance in Internet Security: A Dig into the Information Asymmetry Problem

    E-Print Network [OSTI]

    Pal, Ranjan

    2012-01-01

    Internet users such as individuals and organizations are subject to different types of epidemic risks such as worms, viruses, spams, and botnets. To reduce the probability of risk, an Internet user generally invests in traditional security mechanisms like anti-virus and anti-spam software, sometimes also known as \\emph{self-defense} mechanisms. However, according to security experts, such software (and their subsequent advancements) will not completely eliminate risk. Recent research efforts have considered the problem of residual risk elimination by proposing the idea of \\emph{cyber-insurance}. In this regard, an important research problem is resolving information asymmetry issues associated with cyber-insurance contracts. In this paper we propose \\emph{three} mechanisms to resolve information asymmetry in cyber-insurance. Our mechanisms are based on the \\emph{Principal-Agent} (PA) model in microeconomic theory. We show that (1) optimal cyber-insurance contracts induced by our mechanisms only provide partial...

  10. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  11. Abstract --Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities

    E-Print Network [OSTI]

    Thompson, Mary R.

    1 Abstract -- Securing a Grid environment presents a distinctive set of challenges. This paper the security requirements of Grids more completely. Index Terms -- Grid security, authentication, authorization, trust management, secure communication, security policy I. INTRODUCTION The goal of Grid Computing

  12. Fuzzy Trust Integration for Security Enforcement in Grid Computing*

    E-Print Network [OSTI]

    Hwang, Kai

    Fuzzy Trust Integration for Security Enforcement in Grid Computing* Shanshan Song, Kai Hwang sites is crucial to secure distributed Grid applications. We suggest enhancing the trust index running on the platforms. We propose a new fuzzy-logic trust model for securing Grid resources. Grid

  13. Grid Security and Integration with Minimal Performance Degradation Sugata Sanyal

    E-Print Network [OSTI]

    Sanyal, Sugata

    Grid Security and Integration with Minimal Performance Degradation Sugata Sanyal School of computational grids becoming a reality. However, the question of grid security remains one of the important open research issues. Here, we present some novel ideas about how to implement grid security, without

  14. Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu1, Armin Sarabi1, Jing Zhang1, Parinaz Naghizadeh1

    E-Print Network [OSTI]

    Liu, Mingyan

    Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu1, Armin Sarabi1, Jing In this study we characterize the extent to which cyber security incidents, such as those referenced by Verizon to understand the extent to which one can forecast if an organization may suffer a cyber security incident

  15. Proceedings of Student-Faculty Research Day, CSIS, Pace University, May 3rd A Frame Problem Approach for Adaptive Cyber Security Design

    E-Print Network [OSTI]

    Tappert, Charles

    Problem Approach for Adaptive Cyber Security Design R. Shaikh, T. Bryla, and S. Ahmed Pace University in the context of network security counteraction against cyber-attacks. A simple simulator is designed extensions of this work. Key words: Frame Problem; Cyber-security Introduction With the growing popularity

  16. Computer Security Tips for Cyber Monday What could be more convenient than shopping on-line right from your laptop, desktop or mobile

    E-Print Network [OSTI]

    Emmons, Scott

    1 Computer Security Tips for Cyber Monday What could be more convenient than shopping on-line right victim. Here are some "cyber" security tips that can help you to avoid some of these inherent risks when around, you'd still be quite prudent to adopt an approach to cyber security akin to the "defensive

  17. Prospects of Smart Grid Technologies for a Sustainable and Secure...

    Open Energy Info (EERE)

    Prospects of Smart Grid Technologies for a Sustainable and Secure Power Supply Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Prospects of Smart Grid Technologies for a...

  18. Cyber Security Indications and Warning System (SV): CRADA 1573.94 Project Accomplishments Summary

    SciTech Connect (OSTI)

    Hu, Tan Chang; Robinson, David G.

    2011-09-08

    As the national focus on cyber security increases, there is an evolving need for a capability to provide for high-speed sensing of events, correlation of events, and decision-making based on the adverse events seen across multiple independent large-scale network environments. The purpose of this Shared Vision project, Cyber Security Indications and Warning System, was to combine both Sandia's and LMC's expertise to discover new solutions to the challenge of protecting our nation's infrastructure assets. The objectives and scope of the proposal was limited to algorithm and High Performance Computing (HPC) model assessment in the unclassified environment within funding and schedule constraints. The interest is the identification, scalability assessment, and applicability of current utilized cyber security algorithms as applied in an HPC environment.

  19. Good Things in Small Packages: Micro Worlds and Cyber Security

    SciTech Connect (OSTI)

    David I Gertman

    2013-11-01

    Cyber events, as perpetrated by terrorists and nation states, have become commonplace as evidenced in national and international news media. Cyber attacks affect day-to-day activities of end users through exploitation of social networks, businesses such as banking and stock exchanges, and government entities including Departments of Defense. They are becoming more frequent and sophisticated. Currently, efforts are directed to understanding the methods employed by attackers and towards dissecting the planning and activities of the perpetrator, including review of psychosocial factors.

  20. Pricing and Investments in Internet Security: A Cyber-Insurance Perspective

    E-Print Network [OSTI]

    Pal, Ranjan

    2011-01-01

    Internet users such as individuals and organizations are subject to different types of epidemic risks such as worms, viruses, spams, and botnets. To reduce the probability of risk, an Internet user generally invests in traditional security mechanisms like anti-virus and anti-spam software, sometimes also known as self-defense mechanisms. However, such software does not completely eliminate risk. Recent works have considered the problem of residual risk elimination by proposing the idea of cyber-insurance. In this regard, an important research problem is the analysis of optimal user self-defense investments and cyber-insurance contracts under the Internet environment. In this paper, we investigate two problems and their relationship: 1) analyzing optimal self-defense investments in the Internet, under optimal cyber-insurance coverage, where optimality is an insurer objective and 2) designing optimal cyber-insurance contracts for Internet users, where a contract is a (premium, coverage) pair.

  1. POWER GRID RELIABILITY AND SECURITY

    SciTech Connect (OSTI)

    Bose, Anjan; Venkatasubramanian, Vaithianathan; Hauser, Carl; Bakken, David; Anderson, David; Zhao, Chuanlin; Liu, Dong; Yang, Tao; Meng, Ming; Zhang, Lin; Ning, Jiawei; Tashman, Zaid

    2014-09-30

    This project has led to the development of a real-time simulation platform for electric power grids called Grid Simulator or GridSim for simulating the dynamic and information network interactions of large- scale power systems. The platform consists of physical models of power system components including synchronous generators, loads and control, which are simulated using a modified commercial power simulator namely Transient Stability Analysis Tool (TSAT) [1] together with data cleanup components, as well as an emulated substation level and wide-area power analysis components. The platform also includes realistic representations of communication network middleware that can emulate the real-time information flow back and forth between substations and control centers in wide-area power systems. The platform has been validated on a realistic 6000-bus model of the western American power system. The simulator GridSim developed in this project is the first of its kind in its ability to simulate real-time response of large-scale power grids, and serves as a cost effective real-time stability and control simulation platform for power industry.

  2. International Journal of Smart Grid and Clean Energy Smart Grid Security: Threats, Vulnerabilities and Solutions

    E-Print Network [OSTI]

    Aloul, Fadi

    International Journal of Smart Grid and Clean Energy Smart Grid Security: Threats, Vulnerabilities is currently evolving into the smart grid. Smart grid integrates the traditional electrical power grid, controlling and managing the demands of customers. A smart grid is a huge complex network composed of millions

  3. Combining Traditional Cyber Security Audit Data with Psychosocial Data: Towards Predictive Modeling for Insider Threat Mitigation

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Frincke, Deborah A.

    2010-09-01

    The purpose of this chapter is to motivate the combination of traditional cyber security audit data with psychosocial data, so as to move from an insider threat detection stance to one that enables prediction of potential insider presence. Two distinctive aspects of the approach are the objective of predicting or anticipating potential risks and the use of organizational data in addition to cyber data to support the analysis. The chapter describes the challenges of this endeavor and progress in defining a usable set of predictive indicators, developing a framework for integrating the analysis of organizational and cyber security data to yield predictions about possible insider exploits, and developing the knowledge base and reasoning capability of the system. We also outline the types of errors that one expects in a predictive system versus a detection system and discuss how those errors can affect the usefulness of the results.

  4. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    SciTech Connect (OSTI)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.

  5. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, anmore »established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.« less

  6. Federated Grids and their Security Geoffrey Fox and Marlon Pierce

    E-Print Network [OSTI]

    Federated Grids and their Security Geoffrey Fox and Marlon Pierce Draft 0.4 Introduction We examine the consequences, requirements, and possible implementation issues needed to support security in federated grids that user identity in current Grid security implementations has two major shortcomings: it does not scale

  7. Our Solution Securing Grid Data Transfer Services with

    E-Print Network [OSTI]

    Motivation Our Solution Summary Securing Grid Data Transfer Services with Active Network Portals by in part by the NSF under award numbers EIA 9911099 and CNS 0454298 Michael R. Head Securing Grid Data/Implementation Experiments Results Michael R. Head Securing Grid Data Transfer Services with Active Network Portals #12

  8. Security Implications of Typical Grid Computing Usage Scenarios Marty Humphrey

    E-Print Network [OSTI]

    Thompson, Mary R.

    Security Implications of Typical Grid Computing Usage Scenarios Marty Humphrey Computer Science. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing. 1 easy and secure ac- cess to the Grid's diverse resources. Infrastructure software such as Legion [6

  9. Supporting Decentralized, Security focused Dynamic Virtual Organizations across the Grid

    E-Print Network [OSTI]

    Kent, University of

    Supporting Decentralized, Security focused Dynamic Virtual Organizations across the Grid R and subsequently manage secure virtual organisations (VO) is one of the key challenges facing the Grid community in the education domain. We believe that this federated VO security model for fine grained access to Grid services

  10. Grid Information Security Functional Requirement - Fulfilling Information Security of a Smart Grid System

    E-Print Network [OSTI]

    Ling, Amy Poh Ai; 10.5121/ijgca.2011.2201

    2011-01-01

    This paper describes the background of smart information infrastructure and the needs for smart grid information security. It introduces the conceptual analysis to the methodology with the application of hermeneutic circle and information security functional requirement identification. Information security for the grid market cover matters includes automation and communications industry that affects the operation of electric power systems and the functioning of the utilities that manage them and its awareness of this information infrastructure has become critical to the reliability of the power system. Community benefits from of cost savings, flexibility and deployment along with the establishment of wireless communications. However, concern revolves around the security protections for easily accessible devices such as the smart meter and the related communications hardware. On the other hand, the changing points between traditional versus smart grid networking trend and the information security importance on...

  11. SCLPV: Secure Certificateless Public Verification for Cloud Storage in Cyber-physical-social System

    E-Print Network [OSTI]

    International Association for Cryptologic Research (IACR)

    SCLPV: Secure Certificateless Public Verification for Cloud Storage in Cyber-physical-social System, it is of critical importance to out- source the data to cloud servers, which provides users an easy, cost-effective and flexible way to manage data. Whereas, users lose control on their data once outsourcing their data to cloud

  12. A Cyber Security Study of a SCADA Energy Management System: Stealthy

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    A Cyber Security Study of a SCADA Energy Management System: Stealthy Deception Attacks on the State of state estimators in supervisory control and data acquisition (SCADA) systems for energy management on a state-of-the-art SCADA EMS software for a power network example with 14 substations, 27 buses, and 40

  13. The 2011 Military Communications Conference -Track 3 -Cyber Security and Network Operations From Security to Vulnerability: Data Authentication

    E-Print Network [OSTI]

    Wang, Wenye

    lines and transform ers [5], to perform critical functions of energy transmission and distributionThe 2011 Military Communications Conference - Track 3 - Cyber Security and Network Operations From Wang· Zhuo Lu* Jianfeng Mat "Department of Electrical and Computer Engineering, NC State University

  14. A Secured Health Care Application Architecture for Cyber-Physical Systems

    E-Print Network [OSTI]

    Wang, Jin; Lee, Sungyoung; Shu, Lei; Xia, Feng

    2012-01-01

    Cyber-physical systems (CPS) can be viewed as a new generation of systems with integrated control, communication and computational capabilities. Like the internet transformed how humans interact with one another, cyber-physical systems will transform how people interact with the physical world. Currently, the study of CPS is still in its infancy and there exist many research issues and challenges ranging from electricity power, health care, transportation and smart building etc. In this paper, an introduction of CPeSC3 (cyber physical enhanced secured wireless sensor networks (WSNs) integrated cloud computing for u-life care) architecture and its application to the health care monitoring and decision support systems is given. The proposed CPeSC3 architecture is composed of three main components, namely 1) communication core, 2) computation core, and 3) resource scheduling and management core. Detailed analysis and explanation are given for relevant models such as cloud computing, real time scheduling and secu...

  15. Secure Compressed Reading in Smart Grids

    E-Print Network [OSTI]

    Cai, Sheng; Chen, Minghua; Yan, Jianxin; Jaggi, Sidharth

    2012-01-01

    Smart Grids measure energy usage in real-time and tailor supply and delivery accordingly, in order to improve power transmission and distribution. For the grids to operate effectively, it is critical to collect readings from massively-installed smart meters to control centers in an efficient and secure manner. In this paper, we propose a secure compressed reading scheme to address this critical issue. We observe that our collected real-world meter data express strong temporal correlations, indicating they are sparse in certain domains. We adopt Compressed Sensing technique to exploit this sparsity and design an efficient meter data transmission scheme. Our scheme achieves substantial efficiency offered by compressed sensing, without the need to know beforehand in which domain the meter data are sparse. This is in contrast to traditional compressed-sensing based scheme where such sparse-domain information is required a priori. We then design specific dependable scheme to work with our compressed sensing based ...

  16. ANALYSIS OF ELECTRIC GRID SECURITY UNDER TERRORIST THREAT Javier Salmeron

    E-Print Network [OSTI]

    Baldick, Ross

    ANALYSIS OF ELECTRIC GRID SECURITY UNDER TERRORIST THREAT Javier Salmeron Kevin Wood Operations techniques for analyzing the security and resilience of electrical power grids against disruptions caused analytical techniques to help mitigate the disruptions to electric power grids caused by terrorist attacks

  17. Computer Security Division 2009 Annual Report

    E-Print Network [OSTI]

    Security 12 Smart Grid Cyber Security 13 Supply Chain Risk Management 13 Cryptographic Validation Programs Computing Project 36 Policy Machine 36 Security for Grid and Pervasive Systems 38 Security OntologiesComputer Security Division 2009 Annual Report #12;Table of Contents Welcome 1 Division

  18. Security Working Group Marty Humphrey GRID FORUM DRAFT University of Virginia

    E-Print Network [OSTI]

    Lee, Ruby B.

    Security Working Group Marty Humphrey GRID FORUM DRAFT University of Virginia Mary Thompson] Security Implications of Typical Grid Computing Usage Scenarios security-implications-01 ways to access the immense computational power of a Computational Grid, each with unique security

  19. Avaki Data Grid Secure Transparent Access to Data Andrew Grimshaw

    E-Print Network [OSTI]

    Grimshaw, Andrew

    1 of 27 Avaki Data Grid ­ Secure Transparent Access to Data Andrew Grimshaw Mike Herrick Anand and development by the Grid community we see Grids (then called Metasystems [3]) being deployed around the world both in academic settings, and more tellingly, in production commercial settings. What is a Grid? What

  20. Management of Naval Reactors' Cyber Security Program, OIG-0884

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergyTher i nAand DOE Safetyof Energy This RevisionMakingBillHanfordUSReactors' Cyber

  1. Lab hosts multi-lab cyber security games

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 Outreach Home Room NewsInformationJesse Bergkamp Graduate student Subtask22BackgroundLab hosts multi-lab cyber

  2. Hardware Security for Device Authentication in the Smart Grid

    E-Print Network [OSTI]

    Murawski, Andrzej

    Hardware Security for Device Authentication in the Smart Grid Andrew J. Paverd and Andrew P. Martin. Secure communication between devices is a key aspect of smart grid security. In the future smart home environment, various smart devices, appliances and energy management systems will communicate with each other

  3. This Thursday: Google+ Hangout on Securing the Smart Grid

    Broader source: Energy.gov [DOE]

    Have questions about how the Department is helping ensure the nation's electric grid stays safe and secure? Ask members of the smart grid cybersecurity workforce your questions this Thursday.

  4. Role of Power Grid in Side Channel Attack and Power-Grid-Aware Secure Design

    E-Print Network [OSTI]

    Bhunia, Swarup

    Role of Power Grid in Side Channel Attack and Power-Grid-Aware Secure Design Xinmu Wang1 , Wen Yueh on the operating frequency due to RLC structure of a power grid. In this paper, we analyze the ef- fect of power grid on SCA and provide quantitative results to demonstrate the frequency-dependent SCA resistance due

  5. (MS WORD TEMPLATE for Submission in Fusion Engineering and Design) Security on the US Fusion Grid

    E-Print Network [OSTI]

    Thompson, Mary R.

    (MS WORD TEMPLATE for Submission in Fusion Engineering and Design) Security on the US Fusion Grid J, FusionGrid, grid computing 1. Introduction Critical to the success of any computational grid is security to improve security for the US Fusion Grid (FusionGrid) [1]. Collaboratory workers have adapted secure

  6. Proposed platform for improving grid security by trust management system

    E-Print Network [OSTI]

    Siadat, Safieh; Mohsenzadeh, Mehran

    2009-01-01

    With increasing the applications of grid system, the risk in security field is enhancing too. Recently Trust management system has been recognized as a noticeable approach in enhancing of security in grid systems. In this article due to improve the grid security a new trust management system with two levels is proposed. The benefits of this platform are adding new domain in grid system, selecting one service provider which has closest adaption with user requests and using from domains security attribute as an important factor in computing the trust value.

  7. Modeling, Stability, and Security in Cyber-Physical Systems

    E-Print Network [OSTI]

    Department of Electrical and Computer Engineering Case Western Reserve University, inter-area behaviors Seasonal, weather induced, and circadian variaJons Sensor poor => incomplete observability Grid of the Future: Improve command and control through: n

  8. Obama's Call for Public-Private Cyber Security Collaboration...

    Energy Savers [EERE]

    the computer-based systems that monitor and control the nation's electric grid and oil and gas pipelines remains a shared challenge for the Department of Energy. As the...

  9. NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on DeliciousMathematicsEnergyInterested Parties -Department of EnergyNEW1 NEPAOctoberof EnergyDepartment of

  10. Office of Cyber Assessments | Department of Energy

    Energy Savers [EERE]

    a cyber security testing network that evaluates the effectiveness of state-of-the-art cyber security tools. Maintains a continuous program of announced and unannounced...

  11. Advanced Security Acceleration Project for Smart Grid (ASAP-SG...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Acceleration Project for Smart Grid (ASAP-SG) June 12, 2013 Problem Statement: The goal of this project is to develop a set of computer and network security requirements...

  12. NERSC Cyber Security Challenges That Require DOE Development and Support

    E-Print Network [OSTI]

    Draney, Brent; Campbell, Scott; Walter, Howard

    2008-01-01

    manufacturer, or otherwise, does not necessarily constituteSecurity Challenges That Require DOE Development and Supportimpact on the ability of DOE to accomplish its science

  13. Defining and Computing a Valued Based Cyber-Security Measure

    SciTech Connect (OSTI)

    Aissa, Anis Ben; Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2012-01-01

    In earlier work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

  14. Towards a Relation Extraction Framework for Cyber-Security Concepts

    SciTech Connect (OSTI)

    Jones, Corinne L; Bridges, Robert A; Huffer, Kelly M; Goodall, John R

    2015-01-01

    In order to assist security analysts in obtaining information pertaining to their network, such as novel vulnerabilities, exploits, or patches, information retrieval methods tailored to the security domain are needed. As labeled text data is scarce and expensive, we follow developments in semi-supervised NLP and implement a bootstrapping algorithm for extracting security entities and their relationships from text. The algorithm requires little input data, specifically, a few relations or patterns (heuristics for identifying relations), and incorporates an active learning component which queries the user on the most important decisions to prevent drifting the desired relations. Preliminary testing on a small corpus shows promising results, obtaining precision of .82.

  15. Cyber Threats to Nuclear Infrastructures

    SciTech Connect (OSTI)

    Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

    2010-07-01

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  16. Cyber Security Analysis of State Estimators in Electric Power Systems Andre Teixeira, Saurabh Amin, Henrik Sandberg, Karl H. Johansson, and Shankar S. Sastry

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    Cyber Security Analysis of State Estimators in Electric Power Systems Andr´e Teixeira, Saurabh Amin, Henrik Sandberg, Karl H. Johansson, and Shankar S. Sastry Abstract-- In this paper, we analyze the cyber security of state estimators in Supervisory Control and Data Acquisition (SCADA) systems operating in power

  17. IEC 61850 and IEC 62351 Cyber Security Acceleration Workshop

    SciTech Connect (OSTI)

    Clements, Samuel L.; Edgar, Thomas W.; Manz, David O.

    2012-04-01

    The purpose of this workshop was to identify and discuss concerns with the use and adoption of IEC 62351 security standard for IEC 61850 compliant control system products. The industry participants discussed performance, interoperability, adoption, challenges, business cases, and future issues.

  18. PACE: Pattern Accurate Computationally Efficient Bootstrapping for Timely Discovery of Cyber-Security Concepts

    SciTech Connect (OSTI)

    McNeil, Nikki C; Bridges, Robert A; Iannacone, Michael D; Czejdo, Bogdan; Perez, Nicolas E; Goodall, John R

    2013-01-01

    Public disclosure of important security information, such as knowledge of vulnerabilities or exploits, often occurs in blogs, tweets, mailing lists, and other online sources significantly before proper classification into structured databases. In order to facilitate timely discovery of such knowledge, we propose a novel semi-supervised learning algorithm, PACE, for identifying and classifying relevant entities in text sources. The main contribution of this paper is an enhancement of the traditional bootstrapping method for entity extraction by employing a time-memory trade-off that simultaneously circumvents a costly corpus search while strengthening pattern nomination, which should increase accuracy. An implementation in the cyber-security domain is discussed as well as challenges to Natural Language Processing imposed by the security domain.

  19. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    SciTech Connect (OSTI)

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01

    Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  20. Shopping For Danger: E-commerce techniques applied to collaboration in cyber security

    SciTech Connect (OSTI)

    Bruce, Joseph R.; Fink, Glenn A.

    2012-05-24

    Collaboration among cyber security analysts is essential to a successful protection strategy on the Internet today, but it is uncommonly practiced or encouraged in operating environments. Barriers to productive collaboration often include data sensitivity, time and effort to communicate, institutional policy, and protection of domain knowledge. We propose an ambient collaboration framework, Vulcan, designed to remove the barriers of time and effort and mitigate the others. Vulcan automated data collection, collaborative filtering, and asynchronous dissemination, eliminating the effort implied by explicit collaboration among peers. We instrumented two analytic applications and performed a mock analysis session to build a dataset and test the output of the system.

  1. Computational Needs for the Next Generation Electric Grid Proceedings

    E-Print Network [OSTI]

    Birman, Kenneth

    2012-01-01

    Operation, Control and Cyber Security”, North American facilities, means  of cyber security, and visualization an adequate level of cyber?security and protection of 

  2. INL Cyber Security Research (2008) | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergy A plug-inPPLforLDRD Report11,SecurityHome . Form D-4-AILE:

  3. Office of Cyber and Security Assessments | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirley Ann JacksonDepartment ofOffice|in the subsurfaceSecurity Assessments is responsible for the

  4. Selection of Model in Developing Information Security Criteria for Smart Grid Security System

    E-Print Network [OSTI]

    Ling, Amy Poh Ai

    2011-01-01

    At present, the "Smart Grid" has emerged as one of the best advanced energy supply chains. This paper looks into the security system of smart grid via the smart planet system. The scope focused on information security criteria that impact on consumer trust and satisfaction. The importance of information security criteria is perceived as the main aspect to impact on customer trust throughout the entire smart grid system. On one hand, this paper also focuses on the selection of the model for developing information security criteria on a smart grid.

  5. Grid Security and Integration with Minimal Performance Degradation

    E-Print Network [OSTI]

    Sanyal, Sugata; Abraham, Ajith; Paprzycki, Marcin

    2011-01-01

    Computational grids are believed to be the ultimate framework to meet the growing computational needs of the scientific community. Here, the processing power of geographically distributed resources working under different ownerships, having their own access policy, cost structure and the likes, is logically coupled to make them perform as a unified resource. The continuous increase of availability of high-bandwidth communication as well as powerful computers built of low-cost components further enhance chances of computational grids becoming a reality. However, the question of grid security remains one of the important open research issues. Here, we present some novel ideas about how to implement grid security, without appreciable performance degradation in grids. A suitable alternative to the computationally expensive encryption is suggested, which uses a key for message authentication. Methods of secure transfer and exchange of the required key(s) are also discussed.

  6. A Cyber Security Study of a SCADA Energy Management System: Stealthy Deception Attacks on the State Estimator

    E-Print Network [OSTI]

    Teixeira, André; Sandberg, Henrik; Johansson, Karl H

    2010-01-01

    The electrical power network is a critical infrastructure in today's society, so its safe and reliable operation is of major concern. State estimators are commonly used in power networks, for example, to detect faulty equipment and to optimally route power flows. The estimators are often located in control centers, to which large numbers of measurements are sent over unencrypted communication channels. Therefore cyber security for state estimators becomes an important issue. In this paper we analyze the cyber security of state estimators in supervisory control and data acquisition (SCADA) for energy management systems (EMS) operating the power network. Current EMS state estimation algorithms have bad data detection (BDD) schemes to detect outliers in the measurement data. Such schemes are based on high measurement redundancy. Although these methods may detect a set of basic cyber attacks, they may fail in the presence of an intelligent attacker. We explore the latter by considering scenarios where stealthy de...

  7. Fine-Grain Access Control for Securing Shared Resources in Computational Grids*

    E-Print Network [OSTI]

    Lee, Ruby B.

    Fine-Grain Access Control for Securing Shared Resources in Computational Grids* Abstract, grid environments, grid security, Unix accessmodel. providing an active enforcement of the security. Introduction Grid environments of the future will require an abil- ity to provide a secure execution

  8. A Game Theoretical Approach to Communication Security

    E-Print Network [OSTI]

    Gueye, Assane

    2011-01-01

    CERT. (2010, Dec) Technical Cyber Security Alerts. [Online].a broad overview of cyber security incidents in the laststrategic war and viable cyber security solutions should be

  9. Topic 7 : Smart Grid Privacy and Security 1Networking and Distributed Systems

    E-Print Network [OSTI]

    Mohsenian-Rad, Hamed

    Topic 7 : Smart Grid Privacy and Security 1Networking and Distributed Systems Department Tech UniversityCommunications and Control in Smart Grid 2 · Smart Meter Privacy · Concerns · Possible Solutions · Smart Grid Security · Load Altering Attacks · False Data Injection Attacks · Impact

  10. IEEE TRANSACTIONS ON SMART GRID, VOL. 1, NO. 1, JUNE 2010 99 Security Technology for Smart Grid Networks

    E-Print Network [OSTI]

    Hu, Fei

    IEEE TRANSACTIONS ON SMART GRID, VOL. 1, NO. 1, JUNE 2010 99 Security Technology for Smart Grid for a smart grid system, including public key infrastructures and trusted computing. Index Terms--Attestation, public key infrastructure (PKI), Su- pervisory Control And Data Acquisition (SCADA), security, smart grid

  11. Comprehensive, Multi-Source Cyber-Security Data Set

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Kent, Alexander D. [Los Alamos National Laboratory

    2015-05-21

    This data set represents 58 consecutive days of de-identified event data collected from five sources within Los Alamos National Laboratory’s corporate, internal computer network. The data sources include Windows-based authentication events from both individual computers and centralized Active Directory domain controller servers; process start and stop events from individual Windows computers; Domain Name Service (DNS) lookups as collected on internal DNS servers; network flow data as collected on at several key router locations; and a set of well-defined red teaming events that present bad behavior within the 58 days. In total, the data set is approximately 12 gigabytes compressed across the five data elements and presents 1,648,275,307 events in total for 12,425 users, 17,684 computers, and 62,974 processes. Specific users that are well known system related (SYSTEM, Local Service) were not de-identified though any well-known administrators account were still de-identified. In the network flow data, well-known ports (e.g. 80, 443, etc) were not de-identified. All other users, computers, process, ports, times, and other details were de-identified as a unified set across all the data elements (e.g. U1 is the same U1 in all of the data). The specific timeframe used is not disclosed for security purposes. In addition, no data that allows association outside of LANL’s network is included. All data starts with a time epoch of 1 using a time resolution of 1 second. In the authentication data, failed authentication events are only included for users that had a successful authentication event somewhere within the data set.

  12. Comprehensive, Multi-Source Cyber-Security Data Set

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Kent, Alexander D. [Los Alamos National Laboratory

    This data set represents 58 consecutive days of de-identified event data collected from five sources within Los Alamos National Laboratory’s corporate, internal computer network. The data sources include Windows-based authentication events from both individual computers and centralized Active Directory domain controller servers; process start and stop events from individual Windows computers; Domain Name Service (DNS) lookups as collected on internal DNS servers; network flow data as collected on at several key router locations; and a set of well-defined red teaming events that present bad behavior within the 58 days. In total, the data set is approximately 12 gigabytes compressed across the five data elements and presents 1,648,275,307 events in total for 12,425 users, 17,684 computers, and 62,974 processes. Specific users that are well known system related (SYSTEM, Local Service) were not de-identified though any well-known administrators account were still de-identified. In the network flow data, well-known ports (e.g. 80, 443, etc) were not de-identified. All other users, computers, process, ports, times, and other details were de-identified as a unified set across all the data elements (e.g. U1 is the same U1 in all of the data). The specific timeframe used is not disclosed for security purposes. In addition, no data that allows association outside of LANL’s network is included. All data starts with a time epoch of 1 using a time resolution of 1 second. In the authentication data, failed authentication events are only included for users that had a successful authentication event somewhere within the data set.

  13. A Security Based Data Mining Approach in Data Grid

    E-Print Network [OSTI]

    Vidhya, S

    2010-01-01

    Grid computing is the next logical step to distributed computing. Main objective of grid computing is an innovative approach to share resources such as CPU usage; memory sharing and software sharing. Data Grids provide transparent access to semantically related data resources in a heterogeneous system. The system incorporates both data mining and grid computing techniques where Grid application reduces the time for sending results to several clients at the same time and Data mining application on computational grids gives fast and sophisticated results to users. In this work, grid based data mining technique is used to do automatic allocation based on probabilistic mining frequent sequence algorithm. It finds frequent sequences for many users at a time with accurate result. It also includes the trust management architecture for trust enhanced security.

  14. Techniques for Securing Substation Automation Systems David Guidry1

    E-Print Network [OSTI]

    Burmester, Mike

    that such systems are properly secured. Most critical infrastructures such as the electricity grid can be modeled be modeled as cyber-physical systems whose cyber components control the underlying physical components so propose techniques for resilient substation automation of power utility systems with security based

  15. Combating False Reports for Secure Networked Control in Smart Grid via Trustiness Evaluation

    E-Print Network [OSTI]

    Li, Husheng; Djouadi, Seddik M

    2010-01-01

    Smart grid, equipped with modern communication infrastructures, is subject to possible cyber attacks. Particularly, false report attacks which replace the sensor reports with fraud ones may cause the instability of the whole power grid or even result in a large area blackout. In this paper, a trustiness system is introduced to the controller, who computes the trustiness of different sensors by comparing its prediction, obtained from Kalman filtering, on the system state with the reports from sensor. The trustiness mechanism is discussed and analyzed for the Linear Quadratic Regulation (LQR) controller. Numerical simulations show that the trustiness system can effectively combat the cyber attacks to smart grid.

  16. Secure Information Exchange Gateway for Electric Grid Operations

    SciTech Connect (OSTI)

    Robertson, F. Russell; Carroll, J. Ritchie; Sanders, William; Yardley, Timothy; Heine, Erich; Hadley, Mark; McKinnon, David; Motteler, Barbara; Giri, Jay; Walker, William; McCartha, Esrick

    2014-09-30

    The major objectives of the SIEGate project were to improve the security posture and minimize the cyber-attack surface of electric utility control centers and to reduce the cost of maintaining control-room-to-control-room information exchange. Major project goals included the design, development, testing, and commercialization of a single security-hardened appliance that could meet industry needs for resisting cyber-attacks while protecting the confidentiality and integrity of a growing volume of real-time information needed to ensure the reliability of the bulk electric system and interoperating with existing data formats and networking technologies. The SIEGate project has achieved its goals and objectives. The SIEGate Design Document, issued in March 2012, presented SIEGate use cases, provided SIEGate requirements, established SIEGate design principles, and prescribed design functionality of SIEGate as well as the components that make up SIEGate. SIEGate Release Version 1.0 was posted in January 2014. Release Version 1.0.83, which was posted on March 28, 2014, fixed many issues discovered by early adopters and added several new features. Release Candidate 1.1, which added additional improvements and bug fixes, was posted in June 2014. SIEGate executables have been downloaded more than 300 times. SIEGate has been tested at PJM, Entergy, TVA, and Southern. Security testing and analysis of SIEGate has been conducted at PNNL and PJM. Alstom has provided a summary of recommended steps for commercialization of the SIEGate Appliance and identified two deployment models with immediate commercial application.

  17. NERSC Cyber Security Challenges That Require DOE Development andSupport

    SciTech Connect (OSTI)

    Draney, Brent; Campbell, Scott; Walter, Howard

    2007-01-16

    Traditional security approaches do not adequately addressall the requirements of open, scientific computing facilities. Many ofthe methods used for more restricted environments, including almost allcorporate/commercial systems, do not meet the needs of today's science.Use of only the available "state of the practice" commercial methods willhave adverse impact on the ability of DOE to accomplish its sciencegoals, and impacts the productivity of the DOE Science community. Inparticular, NERSC and other high performance computing (HPC) centers havespecial security challenges that are unlikely to be met unless DOE fundsdevelopment and support of reliable and effective tools designed to meetthe cyber security needs of High Performance Science. The securitychallenges facing NERSC can be collected into three basic problem sets:network performance and dynamics, application complexity and diversity,and a complex user community that can have transient affiliations withactual institutions. To address these problems, NERSC proposes thefollowing four general solutions: auditing user and system activityacross sites; firewall port configuration in real time;cross-site/virtual organization identity management and access control;and detecting security issues in application middleware. Solutions arealsoproposed for three general long term issues: data volume,application complexity, and information integration.

  18. Experiences and Challenges with Using Cert Data to Analyze International Cyber Security

    E-Print Network [OSTI]

    Madnick, Stuart

    With the increasing interconnection of computer networks and sophistication of cyber attacks, it is important to understand the dynamics of such situations, especially in regards to cyber international relations. The ...

  19. Negotiation of Multilateral Security Decisions for Grid Computing Li Zhou Clifford Neuman

    E-Print Network [OSTI]

    Hwang, Kai

    Negotiation of Multilateral Security Decisions for Grid Computing Li Zhou Clifford Neuman Architecture that facilitates the collaboration in making security decisions for grid services. In particular security decisions according to the level of trust among grid service providers. 1. Introduction The grid

  20. Quantifying Availability in SCADA Environments Using the Cyber Security Metric MFC

    SciTech Connect (OSTI)

    Aissa, Anis Ben; Rabai, Latifa Ben Arfa; Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2014-01-01

    Supervisory Control and Data Acquisition (SCADA) systems are distributed networks dispersed over large geographic areas that aim to monitor and control industrial processes from remote areas and/or a centralized location. They are used in the management of critical infrastructures such as electric power generation, transmission and distribution, water and sewage, manufacturing/industrial manufacturing as well as oil and gas production. The availability of SCADA systems is tantamount to assuring safety, security and profitability. SCADA systems are the backbone of the national cyber-physical critical infrastructure. Herein, we explore the definition and quantification of an econometric measure of availability, as it applies to SCADA systems; our metric is a specialization of the generic measure of mean failure cost.

  1. A Method for Estimating the Financial Impact of Cyber Information Security Breaches Utilizing the Common Vulnerability Scoring System and Annual Loss Expectancy

    E-Print Network [OSTI]

    Lindsey, Michael B.

    2010-05-14

    calculate the likelihood of a successful cyber security attack and the resulting financial impacts. The method incorporates annual loss expectancy and cost-benefit, which are tools familiar to most mid-level managers responsible for budget creation....

  2. A Security Architecture for Computational Grids* Ian Foster* Carl Kessekan2 Gene Tsudik2 Steven Tueckel

    E-Print Network [OSTI]

    Lee, Ruby B.

    A Security Architecture for Computational Grids* Ian Foster* Carl Kessekan2 Gene Tsudik2 Steven (grid) computing and develops a security policy and a corresponding security architecture. An implemen to apphcation execution. Fmdy, the interdomaiu security solutions used for grids must be able to irtteroperate

  3. GEMSS: Privacy and security for a Medical Grid Jean A.M. Herveg1

    E-Print Network [OSTI]

    Middleton, Stuart E.

    GEMSS: Privacy and security for a Medical Grid Jean A.M. Herveg1 , Federico Crazzolara2 , Stuart E the GEMSS Grid middleware. The security technology employed is based on a public key infrastructure (PKI providers are sufficiently secure. 2. Keywords Grid, Legal, Medical, Personal Data, Security 3. Introduction

  4. Enhancing Security of Real-Time Applications on Grids through Dynamic Scheduling

    E-Print Network [OSTI]

    Feitelson, Dror

    Enhancing Security of Real-Time Applications on Grids through Dynamic Scheduling Tao Xie Xiao Qin on Grids require security protections to completely fulfill their security-critical needs. Unfortunately to seamlessly integrate security into real-time scheduling for applications running on Grids. In this paper we

  5. Summit on Education in Secure Software Final Report

    E-Print Network [OSTI]

    Burley, Diana L.; Bishop, Matt

    2011-01-01

    designed to meet the cyber security challenges of theobjectives: 1. To have cyber security stakeholders fromWashington University Cyber Security Policy and Research

  6. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect (OSTI)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was selected from the list of standards identified in the identification effort. The requirements in these seven standards were then compared against the requirements given in the Framework. This comparison identified gaps (requirements not covered) in both the individual industry standards and in the Framework. In addition to the sector-specific standards reviewed, the team compared the requirements in the cross-sector Instrumentation, Systems, and Automation Society (ISA) Technical Reports (TR) 99 -1 and -2 to the Framework requirements. The Framework defines a set of security classes separated into families as functional requirements for control system security. Each standard reviewed was compared to this template of requirements to determine if the standard requirements closely or partially matched these Framework requirements. An analysis of each class of requirements pertaining to each standard reviewed can be found in the comparison results section of this report. Refer to Appendix A, ''Synopsis of Comparison Results'', for a complete graphical representation of the study's findings at a glance. Some of the requirements listed in the Framework are covered by many of the standards, while other requirements are addressed by only a few of the standards. In some cases, the scope of the requirements listed in the standard for a particular industry greatly exceeds the requirements given in the Framework. These additional families of requirements, identified by the various standards bodies, could potentially be added to the Framework. These findings are, in part, due to the maturity both of the security standards themselves and of the different industries current focus on security. In addition, there are differences in how communication and control is used in different industries and the consequences of disruptions via security breaches to each particular industry that could affect how security requirements are prioritized. The differences in the requirements listed in the Framework and in the various industry standards are due, in part, to differences in the level and purpose of the standards. While the requir

  7. T-712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and...

    Office of Environmental Management (EM)

    12: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update T-712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update September 8, 2011 -...

  8. Smart Grid Data Integrity Attack

    E-Print Network [OSTI]

    Poolla, Kameshwar

    2012-01-01

    and S. S. Sastry, “Cyber-security Analysis of StateK. H. Johansson, “A Cyber Security Study of a SCADA Energy

  9. Performance Comparison of Security Mechanisms for Grid Services Satoshi Shirasuna Aleksander Slominski Liang Fang Dennis Gannon

    E-Print Network [OSTI]

    Performance Comparison of Security Mechanisms for Grid Services Satoshi Shirasuna Aleksander Security is one of the most important features for Grid services. There are several specifications used, since most of the security mechanisms involve slow XML manipulations, adding secu- rity to Grid services

  10. Supporting Secure Ad-hoc User Collaboration in Grid Environments Markus Lorch, Dennis Kafura

    E-Print Network [OSTI]

    Cao, Yong

    Supporting Secure Ad-hoc User Collaboration in Grid Environments Markus Lorch, Dennis Kafura is a key requirement. Current grid security mechanisms support individual users who are members of well-defined virtual organizations. Recent research seeks to provide manageable grid security services for self

  11. Identity-Based Cryptography for Grid Security Hoon Wei Lim and Kenneth G. Paterson

    E-Print Network [OSTI]

    Paterson, Kenny

    Identity-Based Cryptography for Grid Security Hoon Wei Lim and Kenneth G. Paterson Information.paterson}@rhul.ac.uk Abstract The majority of current security architectures for grid systems use public key infrastructure (PKI) to authenticate identities of grid members and to secure resource alloca- tion to these members. Identity

  12. Secure Smart Grid Association | Open Energy Information

    Open Energy Info (EERE)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on QA:QA J-E-1 SECTION J APPENDIX ECoop Inc Jump to:Newberg,EnergyEastCarbonOpenSchulthess GroupSmart Grid Association

  13. A Framework for Modeling Cyber-Physical Switching Attacks in Smart Grid 

    E-Print Network [OSTI]

    Liu, Shan; Mashayekh, Salman; Kundur, Deepa; Zourntos, Takis; Butler-Purry, Karen

    2014-01-02

    - gency response,’’ in Proc. Summer Comput. Simul. Conf., Jul. 2007, pp. 1230–1237. [3] B. Rozel, M. Viziteu, R. Caire, N. Hadjsaid, and J.-P. Rognon, ‘‘Towards a common model for studying critical infrastructure interdependencies,’’ in Proc. IEEE Power.... IEEE Power Syst. Conf. Exposit., Mar. 2009, pp. 1–6. [5] J. Stamp, A. McIntyre, and B. Ricardson, ‘‘Reliability impacts from cyber attack on electric power systems,’’ in Proc. IEEE Power Syst. Conf. Exposit., Mar. 2009, pp. 1–8. [6] S. Sheng, W. L. Chan...

  14. Cyber Academic Group Brown Bag Guest Lecture

    E-Print Network [OSTI]

    conducted SCADA, substation, plant control system, and water systems vulnerability Applied Control Solutions, LLC. The State of Cyber Security in Industrial Control Systems 1200 This talk will explore control system cyber security, how is it different than

  15. Smart Grid Demonstration Project

    SciTech Connect (OSTI)

    Miller, Craig; Carroll, Paul; Bell, Abigail

    2015-03-11

    The National Rural Electric Cooperative Association (NRECA) organized the NRECA-U.S. Department of Energy (DOE) Smart Grid Demonstration Project (DE-OE0000222) to install and study a broad range of advanced smart grid technologies in a demonstration that spanned 23 electric cooperatives in 12 states. More than 205,444 pieces of electronic equipment and more than 100,000 minor items (bracket, labels, mounting hardware, fiber optic cable, etc.) were installed to upgrade and enhance the efficiency, reliability, and resiliency of the power networks at the participating co-ops. The objective of this project was to build a path for other electric utilities, and particularly electrical cooperatives, to adopt emerging smart grid technology when it can improve utility operations, thus advancing the co-ops’ familiarity and comfort with such technology. Specifically, the project executed multiple subprojects employing a range of emerging smart grid technologies to test their cost-effectiveness and, where the technology demonstrated value, provided case studies that will enable other electric utilities—particularly electric cooperatives— to use these technologies. NRECA structured the project according to the following three areas: Demonstration of smart grid technology; Advancement of standards to enable the interoperability of components; and Improvement of grid cyber security. We termed these three areas Technology Deployment Study, Interoperability, and Cyber Security. Although the deployment of technology and studying the demonstration projects at coops accounted for the largest portion of the project budget by far, we see our accomplishments in each of the areas as critical to advancing the smart grid. All project deliverables have been published. Technology Deployment Study: The deliverable was a set of 11 single-topic technical reports in areas related to the listed technologies. Each of these reports has already been submitted to DOE, distributed to co-ops, and posted for universal access at www.nreca.coop/smartgrid. This research is available for widespread distribution to both cooperative members and non-members. These reports are listed in Table 1.2. Interoperability: The deliverable in this area was the advancement of the MultiSpeak™ interoperability standard from version 4.0 to version 5.0, and improvement in the MultiSpeak™ documentation to include more than 100 use cases. This deliverable substantially expanded the scope and usability of MultiSpeak, ™ the most widely deployed utility interoperability standard, now in use by more than 900 utilities. MultiSpeak™ documentation can be accessed only at www.multispeak.org. Cyber Security: NRECA’s starting point was to develop cyber security tools that incorporated succinct guidance on best practices. The deliverables were: cyber security extensions to MultiSpeak,™ which allow more security message exchanges; a Guide to Developing a Cyber Security and Risk Mitigation Plan; a Cyber Security Risk Mitigation Checklist; a Cyber Security Plan Template that co-ops can use to create their own cyber security plans; and Security Questions for Smart Grid Vendors.

  16. False Data Injection Attacks with Incomplete Information Against Smart Power Grids

    E-Print Network [OSTI]

    Mohsenian-Rad, Hamed

    False Data Injection Attacks with Incomplete Information Against Smart Power Grids Md. Ashfaqur introduced as an important class of cyber attacks against smart grid's wide area measurement and monitoring Injection Attack, Smart Grid Security, Incomplete Information, Transmission Line Admittance Uncer- tainty

  17. 1/7/2015 National Cyber Security Alliance Counts Down to Data Privacy Day on January 28 http://us1.campaignarchive2.com/?u=1cfc376f9f35e50eaea6eb1e0&id=6ddf204f80&e=fcb8632654 1/4

    E-Print Network [OSTI]

    Fernandez, Eduardo

    #12;1/7/2015 National Cyber Security Alliance Counts Down to Data Privacy Day on January 28 http is held on January 28th annually. National Cyber Security Alliance Counts Down to Data Privacy Day ­ The National Cyber Security Alliance (NCSA), the nation's leading nonprofit publicprivate partnership promoting

  18. Review and Evaluation of Security Threats on the Communication Networks in the Smart Grid

    E-Print Network [OSTI]

    Wang, Wenye

    Review and Evaluation of Security Threats on the Communication Networks in the Smart Grid Zhuo Lu Park, NC 27709 Email: cliff.wang@us.army.mil Abstract--The smart grid, generally referred in the smart grid. In this paper, we aim at classifying and evaluating the security threats

  19. Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems

    E-Print Network [OSTI]

    Wang, Yongge

    Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems This paper studies the security requirements for remote authentication and communication in smart grid to smart grid systems. For example, in order to unlock the credentials stored in tamper

  20. Communication Capacity Requirement for Reliable and Secure State Estimation in Smart Grid

    E-Print Network [OSTI]

    Qiu, Robert Caiming

    1 Communication Capacity Requirement for Reliable and Secure State Estimation in Smart Grid Husheng, Cookeville, TN Abstract-- Secure system state estimation is an important issue in smart grid to assure the information the- oretic perspective. The smart grid is modeled as a linear dynamic system. Then, the channel

  1. ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber...

    Office of Environmental Management (EM)

    Utilities Form Consortium to Fund SCADAEMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADAEMS Cyber Security...

  2. Building a Secure and Privacy-Preserving Smart Grid Cornell University

    E-Print Network [OSTI]

    Jelasity, Márk

    in the electrical power grid promise to create a more efficient, cost-effective, and adaptable smart grid. HoweverBuilding a Secure and Privacy-Preserving Smart Grid Ken Birman Cornell University Márk Jelasity, naive implementations of smart grid data collection could jeopardize the privacy of consumers

  3. Performance Evaluation of Flocking-Based Distributed Cyber-Physical Control for Smart Grid

    E-Print Network [OSTI]

    Kundur, Deepa

    generation, transmission and delivery. The two way information and power flow facilitated in smart grid proposed to stabilize power systems during transient insta- bility. The flocking paradigm offers a rich, communication sys- tems and control to help improve the efficiency, reliability and resilience of power

  4. Security Standards for the Global Information Grid Gary Buda, Booz Allen & Hamilton, Linthicum, MD 21090

    E-Print Network [OSTI]

    Lee, Ruby B.

    1 Security Standards for the Global Information Grid Gary Buda, Booz Allen & Hamilton, Linthicum security of the Global Information Grid (GIG). The context for "hardening" this infrastructure also describes the Department of Defense (DoD) activities aimed toward defining security requirements

  5. Securing the Electricity Grid: Government and Industry Exercise Together at

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE: Alternative FuelsofProgram: Report AppendicesAVideo » Search resultsEnergy CERAWeekSecuringGridEx

  6. Pacific Basin Nuclear Conference (PBNC 2012), BEXCO, Busan, Korea, March 18 ~ 23, 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS

    E-Print Network [OSTI]

    Kim, Kwangjo

    PBNC 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS Kwangjo Kim KAIST, Daejeon, Korea.kim@kustar.ac.ae Abstract Nuclear Power Plants (NPPs) become one of the most important infrastructures in providing improvement. 1. Introduction Nuclear Power Plants (NPPs) become one of the most important infrastructures

  7. Secure outsourcing of DNA sequences comparisons in a Grid environment RACHEL AKIMANA, OLIVIER MARKOWITCH and YVES ROGGEMAN

    E-Print Network [OSTI]

    Markowitch, Olivier

    Secure outsourcing of DNA sequences comparisons in a Grid environment RACHEL AKIMANA, OLIVIER power and/or storage resources. To be really attractive, Grids must provide secured environments (in by a third untrusted server. Key-Words: Grid systems, Secure outsourcing, Secure approximate matching 1

  8. Master of Science in Applied Cyber Operations(MACO)

    E-Print Network [OSTI]

    -2) * Introduction to Computer Security CS3690 (4-1) * Network Security CY3300 (4-0) Cyber Communications Ops. or CY4710 (2-5) Cyber Wargame: Red Force Ops. CS3670 (3-2) * Secure Management of Systems * Cyber Security Fundamentals Track & Graduate Certificate #12;

  9. SmartAnalyzer: A Noninvasive Security Threat Analyzer for AMI Smart Grid

    E-Print Network [OSTI]

    Wang, Yongge

    SmartAnalyzer: A Noninvasive Security Threat Analyzer for AMI Smart Grid Mohammad Ashiqur Rahman) is the core component in the smart grid that exhibits a highly complex network configuration comprising configuration in order to verify the potential threats. In this paper, we present SmartAnalyzer, a security

  10. Compressed Meter Reading for Delay-sensitive and Secure Load Report in Smart Grid

    E-Print Network [OSTI]

    Qiu, Robert Caiming

    1 Compressed Meter Reading for Delay-sensitive and Secure Load Report in Smart Grid Husheng Li, Rukun Mao, Lifeng Lai and Robert. C. Qiu Abstract-- It is a key task in smart grid to send the readings years, the technology of smart grid has attracted significant studies in both communities of power

  11. Faculty Information Security Guide

    E-Print Network [OSTI]

    Myers, Lawrence C.

    society. www.ists.dartmouth.edu THE DARTMOUTH CYBER SECURITY INITIATIVE The Dartmouth Cyber Security, TECHNOLOGY, AND SOCIETY THE DARTMOUTH CYBER SECURITY INITIATIVE #12;The number of laptop thefts at Dartmouth, and Society; and the Dartmouth Cyber Security Initiative offer the following solutions: · Whole

  12. Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS)Cyber Experimentation Overview Brief

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankADVANCED MANUFACTURINGEnergy BillsNo.Hydrogen4 »DigitalanDepartmentSecondarySmartCyber Experimentation

  13. Developmental Integrative BiologyCyber Security UNT is recognized by the National Security Agency and the Department of

    E-Print Network [OSTI]

    Tarau, Paul

    security. Information and computer security, trust and information assurance, systems architecture to identify and address a range of changing information sources and security vulnerabilities. UNT brings experts to address next generation challenges. The UNT-based Center for Information and Computer Security

  14. Secure Communications in the Smart Grid Jeff Naruchitparames and Mehmet Hadi Gunes

    E-Print Network [OSTI]

    Gunes, Mehmet Hadi

    energy-based electric power pro- duction to decrease dependence on foreign oil, increased use of electric. In this direction, organizations such as the GridWise Alliance aim at standard- izing the security protocols

  15. Towards a Secure, Wireless-Based, Home Area Network for Metering in Smart Grids

    E-Print Network [OSTI]

    Namboodiri, Vinod

    1 Towards a Secure, Wireless-Based, Home Area Network for Metering in Smart Grids Vinod Namboodiri, Student Member, IEEE, Ward Jewell, Fellow, IEEE Abstract--Compared to the conventional grid, the smart (AMI), commonly known as the smart meter, which has the capability of supporting various functions

  16. Towards Smart Grids: Performing Case studies with a Risk-based Security Assessment Methodology

    E-Print Network [OSTI]

    Vuik, Kees

    Towards Smart Grids: Performing Case studies with a Risk- based Security Assessment Methodology grid operation in the future, additional measures are needed to stabilise the electrical power system. One may think of: · inclusion of "smart components", such as phase-shifting transformers (PSTs

  17. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    Microgrid operation with power generation, load, and energy storage. . . . .Microgrid operation with power generation, load, and energy storage.

  18. A Real-Time Testbed Environment for Cyber-Physical Security on the Power Grid

    E-Print Network [OSTI]

    Koutsandria, Georgia; Gentz, Reinhard; Jamei, Mahdi; Peisert, Sean; Scaglione, Anna; McParland, Chuck

    2015-01-01

    Protocol Network Tap (Raspberry Pi) Data Parser Physicalspecific element using a Raspberry Pi and an Ethernet hubnected. The choice of the Raspberry Pi was dictated by to

  19. On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    is supervised and controlled through Supervisory Control And Data Acquisition (SCADA) systems. Using remote terminal units (RTUs), SCADA systems measure data such as trans- mission line power flows, bus power to significant social and eco- nomical consequences such as the northeast US blackout of 2003 [3]. As the SCADA

  20. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    panels on the roof and EV charging stations may be underat a large scale EV charging structure. The Monitoring-Basedsubmeter   *  4-­?CH  EV  charging  station   *  Solar  

  1. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    ESI to the Cloud. The energy data is stored on the Cloud,objects: reading their energy data in real time, analyzingis permitted to read energy data, change configuration, and/

  2. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    Architecture, and ZigBee Smart Energy Profile (SEP). Servicecompliant with ZigBee Smart Energy Profile (SEP) 12 can

  3. Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid

    E-Print Network [OSTI]

    Lee, Eun Kyu

    2014-01-01

    Demand Response . . . . . . . . . . . . . . . . . . . . . .Field Study - Automated Demand Response . . . . . . .Open Automated Demand Response Communications Specification

  4. Approaches To Integrating A HIgh Penertration Of Solar PV and CPV Onto The Electrical Grid

    E-Print Network [OSTI]

    Hill, Steven Craig

    2013-01-01

    network engineering and cyber security. Market forces willis ever increasing and so cyber security will be vital forhow to provide security to the cyber assets (i.e. networks,

  5. A quantitative man-machine model for cyber security efficiency analysis 

    E-Print Network [OSTI]

    Jung, Sung-Oh

    2007-04-25

    Quality (TWQ). The machine component is composed of variables such as traffic volume and the amount of downtime. M3 enables the analysis of intrusion detection and incident response process efficiency, i.e., security defense team performance. With data...

  6. A Novel Trigon based Dual Authentication Protocol for Enhancing Security in Grid Environment

    E-Print Network [OSTI]

    Ruckmani, V

    2010-01-01

    In recent times, a necessity has been raised in order to distribute computing applications often across grids. These applications are dependent on the services like data transfer or data portal services as well as submission of jobs. Security is of utmost importance in grid computing applications as grid resources are heterogeneous, dynamic, and multidomain. Authentication remains as the significant security challenge in grid environment. In traditional authentication protocol a single server stores the sensitive user credentials, like username and password. When such a server is compromised, a large number of user passwords, will be exposed. Our proposed approach uses a dual authentication protocol in order to improve the authentication service in grid environment. The protocol utilizes the fundamental concepts of trigon and based on the parameters of the trigon the user authentication will be performed. In the proposed protocol, the password is interpreted and alienated into more than one unit and these uni...

  7. Quantifiably secure power grid operation, management, and evolution : a study of uncertainties affecting the grid integration of renewables.

    SciTech Connect (OSTI)

    Gray, Genetha Anne; Watson, Jean-Paul; Silva Monroy, Cesar Augusto; Gramacy, Robert B.

    2013-09-01

    This report summarizes findings and results of the Quantifiably Secure Power Grid Operation, Management, and Evolution LDRD. The focus of the LDRD was to develop decisionsupport technologies to enable rational and quantifiable risk management for two key grid operational timescales: scheduling (day-ahead) and planning (month-to-year-ahead). Risk or resiliency metrics are foundational in this effort. The 2003 Northeast Blackout investigative report stressed the criticality of enforceable metrics for system resiliency - the grid's ability to satisfy demands subject to perturbation. However, we neither have well-defined risk metrics for addressing the pervasive uncertainties in a renewable energy era, nor decision-support tools for their enforcement, which severely impacts efforts to rationally improve grid security. For day-ahead unit commitment, decision-support tools must account for topological security constraints, loss-of-load (economic) costs, and supply and demand variability - especially given high renewables penetration. For long-term planning, transmission and generation expansion must ensure realized demand is satisfied for various projected technological, climate, and growth scenarios. The decision-support tools investigated in this project paid particular attention to tailoriented risk metrics for explicitly addressing high-consequence events. Historically, decisionsupport tools for the grid consider expected cost minimization, largely ignoring risk and instead penalizing loss-of-load through artificial parameters. The technical focus of this work was the development of scalable solvers for enforcing risk metrics. Advanced stochastic programming solvers were developed to address generation and transmission expansion and unit commitment, minimizing cost subject to pre-specified risk thresholds. Particular attention was paid to renewables where security critically depends on production and demand prediction accuracy. To address this concern, powerful filtering techniques for spatio-temporal measurement assimilation were used to develop short-term predictive stochastic models. To achieve uncertaintytolerant solutions, very large numbers of scenarios must be simultaneously considered. One focus of this work was investigating ways of reasonably reducing this number.

  8. INSTITUTE FOR CYBER SECURITY Cyber Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    businesses A serious threat to be taken seriously © Ravi Sandhu 2 World-Leading Research with Real? etcetera "As detailed in the postings, the Palin hack didn't require any real skill. Instead, the hacker

  9. Advanced Security Infrastructures for Grid Education Prof R.O. Sinnott, A.J. Stell, Dr J.P. Watt, Prof D.W. Chadwick,

    E-Print Network [OSTI]

    Kent, University of

    Advanced Security Infrastructures for Grid Education Prof R.O. Sinnott, A.J. Stell, Dr J.P. Watt domain. Keywords: Grid, education, Security, PERMIS, Shibboleth. 1. Introduction As Grid technology addressing these challenges. This is one of the first full Grid computing courses available today. Security

  10. A Novel Cyber-Insurance Model Ranjan Pal, Leana Golubchik, and Konstantinos Psounis

    E-Print Network [OSTI]

    risk management have proposed the idea of cyber-insurance to eliminate risks due to security threats the right type of cyber-insurance contract as traditional optimal contracts, i.e., contracts for security of analyzing cyber-insurance so- lutions when a user faces risks due to both, security as well as non- security

  11. Engineering Resilient Cyber-Physical Systems

    E-Print Network [OSTI]

    Engineering Resilient Cyber-Physical Systems Future Grid Thrust Area 6 White Paper Power Systems Engineering Research Center Empowering Minds to Engineer the Future Electric Energy System #12;Thrust Area 6 White Paper Engineering Resilient Cyber-Physical Systems Project Team Thomas J. Overbye University

  12. Smart Grid Data Integrity Attack

    E-Print Network [OSTI]

    Poolla, Kameshwar

    2012-01-01

    Reliability for Improved Grid Security,” IEEE TransmissionNext Generation Power Grid Security, Syngress, 2010. [12] A.Grids,” 16th ACM Conference on Computer and Communications Security,

  13. Summary of The 3rd Control System Cyber-Security (CS)2/HEP Workshop

    E-Print Network [OSTI]

    Lüders, S

    2011-01-01

    Over the last decade modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA) systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this (r)evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. The Stuxnet worm of 2010 against a particular Siemens PLC is a unique example for a sophisticated attack against control systems [1]. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data being ...

  14. Security and Trust Convergence: Attributes, Relations and Provenance

    E-Print Network [OSTI]

    Sandhu, Ravi

    Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas Security 1 #12;© Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security 2 #12;© Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security About as good

  15. ESRCThe economics of information security ESRC Seminar Series

    E-Print Network [OSTI]

    Pym, David J.

    by the Economic and Social Research Council (ESRC), the Cyber Security Knowledge Transfer Network (KTNThe economics of information security Cyber Security KTN The Cyber Security Knowledge Transfer Network (KTN) under the Directorship of Nigel A Jones provides a single focal point for UK Cyber Security

  16. Security and Trust Convergence: Attributes, Relations and Provenance

    E-Print Network [OSTI]

    Sandhu, Ravi

    Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas Security #12;2© Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security #12;3© Ravi Sandhu World-Leading Research with Real-World Impact! State of Cyber Security About as good

  17. Web Services Security and Load Balancing in Grid Environment Liang Fang, Aleksander Slominski, and Dennis Gannon

    E-Print Network [OSTI]

    }@cs.indiana.edu Abstract Web services security has some crucial problems to be solved in building Grid applications extremely vulnerable to even the simplest types of Denial of Service (DoS) attacks. The more advanced milliseconds to process a SOAP envelope. To- gether with XML parsing and conversion efforts, message- level

  18. Secure Distributed Solution for Optimal Energy Consumption Scheduling in Smart Grid

    E-Print Network [OSTI]

    Shehab, Mohamed

    periods. The peak value of electricity consumption data is extremely important for electric companiesSecure Distributed Solution for Optimal Energy Consumption Scheduling in Smart Grid Mohammad usage. The scheduling of the energy consumption is often formulated as a game- theoretic problem, where

  19. Secure Demand Shaping for Smart Grid On constructing probabilistic demand response schemes

    E-Print Network [OSTI]

    Sastry, S. Shankar

    Secure Demand Shaping for Smart Grid On constructing probabilistic demand response schemes. Developing novel schemes for demand response in smart electric gird is an increasingly active research area/SCADA for demand response in smart infrastructures face the following dilemma: On one hand, in order to increase

  20. Security and Privacy in the Networked World

    E-Print Network [OSTI]

    Sandhu, Ravi

    -World Impact! Perennial State of Cyber Security Micro-security Macro-security #12; What is the value of being Cyber Security Conundrum #12;Cyber security as reconciliation of tradeoffs Finding Goldilocks Holistic1 Security and Privacy in the Networked World Prof. Ravi Sandhu Executive Director and Endowed

  1. 7 Key Challenges for Visualization in Cyber Network Defense

    SciTech Connect (OSTI)

    Best, Daniel M.; Endert, Alexander; Kidwell, Dan

    2014-12-02

    In this paper we present seven challenges, informed by two user studies, to be considered when developing a visualization for cyber security purposes. Cyber security visualizations must go beyond isolated solutions and “pretty picture” visualizations in order to make impact to users. We provide an example prototype that addresses the challenges with a description of how they are met. Our aim is to assist in increasing utility and adoption rates for visualization capabilities in cyber security.

  2. Autonomous, Decentralized Grid Architecture: Prosumer-Based Distributed Autonomous Cyber-Physical Architecture for Ultra-Reliable Green Electricity Networks

    SciTech Connect (OSTI)

    2012-01-11

    GENI Project: Georgia Tech is developing a decentralized, autonomous, internet-like control architecture and control software system for the electric power grid. Georgia Tech’s new architecture is based on the emerging concept of electricity prosumers—economically motivated actors that can produce, consume, or store electricity. Under Georgia Tech’s architecture, all of the actors in an energy system are empowered to offer associated energy services based on their capabilities. The actors achieve their sustainability, efficiency, reliability, and economic objectives, while contributing to system-wide reliability and efficiency goals. This is in marked contrast to the current one-way, centralized control paradigm.

  3. Provably secure time distribution for the electric grid

    SciTech Connect (OSTI)

    Smith IV, Amos M; Evans, Philip G; Williams, Brian P; Grice, Warren P

    2015-01-01

    We demonstrate a quantum time distribution (QTD) method that combines the precision of optical timing techniques with the integrity of quantum key distribution (QKD). Critical infrastructure is dependent on microprocessor- and programmable logic-based monitoring and control systems. The distribution of timing information across the electric grid is accomplished by GPS signals which are known to be vulnerable to spoofing. We demonstrate a method for synchronizing remote clocks based on the arrival time of photons in a modifed QKD system. This has the advantage that the signal can be veried by examining the quantum states of the photons similar to QKD.

  4. Deception used for Cyber Defense of Control Systems

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2009-05-01

    Control system cyber security defense mechanisms may employ deception to make it more difficult for attackers to plan and execute successful attacks. These deceptive defense mechanisms are organized and initially explored according to a specific deception taxonomy and the seven abstract dimensions of security previously proposed as a framework for the cyber security of control systems.

  5. Cyber Friendly Fire

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2011-09-01

    Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public. The network is essentially divided into a production component that hosts the web and network services, and a user component that hosts thirty employee workstations and other end devices. The organization's network is separated from the Internet by a Cisco ASA network security device that both firewalls and detects intrusions. Business sensitive information is stored in various servers. This includes data comprising thousands of internal documents, such as finance and technical designs, email messages for the organization's employees including the CEO, CFO, and CIO, the organization's source code, and Personally Identifiable client data. Release of any of this information to unauthorized parties would have a significant, detrimental impact on the organization's reputation, which would harm earnings. The valuable information stored in these servers pose obvious points of interest for an adversary. We constructed several scenarios around this environment to support studies in cyber SA and cyber FF that may be run in the test range. We describe mitigation strategies to combat cyber FF including both training concepts and suggestions for decision aids and visualization approaches. Finally, we discuss possible future research directions.

  6. Cyber Securing Control Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:FinancingPetroleum Based| Department of Energy Whole-HomeCutting Edge Building5 by ISA -

  7. Strengthening Cyber Security

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on QA:QA J-E-1 SECTION J APPENDIX E LIST OF APPLICABLEStatutory Authority for an SPRDepartment ofPrograms Division, OAPME

  8. Pricing and Security of ResidentialPricing and Security of Residential Broadband AccessBroadband Access

    E-Print Network [OSTI]

    Yener, Aylin

    of broadband growth for cyber security First-hop authentication and packet marking A feasible pricing mechanism of broadband growthImplications of broadband growth for cyber securityfor cyber security Nation's end Government cyber security policy today Recent DMCA and anti-SPAM legislation indicate a shift in US govt

  9. Wide-area situation awareness in electric power grid

    SciTech Connect (OSTI)

    Greitzer, Frank L.

    2010-04-28

    Two primary elements of the US energy policy are demand management and efficiency and renewable sources. Major objectives are clean energy transmission and integration, reliable energy transmission, and grid cyber security. Development of the Smart Grid seeks to achieve these goals by lowering energy costs for consumers, achieving energy independence and reducing greenhouse gas emissions. The Smart Grid is expected to enable real time wide-area situation awareness (SA) for operators. Requirements for wide-area SA have been identified among interoperability standards proposed by the Federal Energy Regulatory Commission and the National Institute of Standards and Technology to ensure smart-grid functionality. Wide-area SA and enhanced decision support and visualization tools are key elements in the transformation to the Smart Grid. This paper discusses human factors research to promote SA in the electric power grid and the Smart Grid. Topics that will be discussed include the role of human factors in meeting US energy policy goals, the impact and challenges for Smart Grid development, and cyber security challenges.

  10. Interoperable PKI Data Distribution in Computational Grids

    E-Print Network [OSTI]

    Pala, Massimiliano

    2010-01-01

    2008), “Overview of the Grid Security Infrastructure. ” [Protocol (PRQP) into the Grid Security Infrastructure (GSI).its integration into the Grid Security Infrastructure (GSI).

  11. Real Time Grid Reliability Management 2005

    E-Print Network [OSTI]

    Eto, Joe

    2008-01-01

    case, confidence in grid security will increase. Confidencecase, confidence in grid security will increase. Confidencecase, confidence in grid security will increase. Confidence

  12. Cyber Incidents Involving Control Systems

    SciTech Connect (OSTI)

    Robert J. Turk

    2005-10-01

    The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).

  13. Exploiting the Computational Grid Lecture 1 Globus and the Grid

    E-Print Network [OSTI]

    software used. · · The Globus toolkit consists of four key components: · Security ­ handled by Grid Security Infrastructure (GSI) · Resource Management ­ Grid Resource Allocation Manager (GRAM) · Information Services ­ Grid Resource Information Protocol (GRIP) · Data Management ­ Grid FTP · Security is essential

  14. National Critical Infrastructure Security and Resilience Month...

    Energy Savers [EERE]

    cyber incidents. Additionally, OE provides for advanced research and development in microgrids -- localized grids that can disconnect from the broader electric grid to operate...

  15. Turtles All The Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems

    E-Print Network [OSTI]

    Peisert, Sean; Talbot, Ed; Bishop, Matt

    2012-01-01

    2005. B. Snow. Our Cyber Security Status is Grim (and theCruz, Sept. 2006. E. Talbot. Cyber Security Challenges and

  16. 770 IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011 A Resilient Real-Time System Design for a Secure

    E-Print Network [OSTI]

    Tolbert, Leon M.

    Design for a Secure and Reconfigurable Power Grid Hairong Qi, Senior Member, IEEE, Xiaorui Wang, Member architecture design that can help assure the security and reliability of the power grid. In this paper, we770 IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011 A Resilient Real-Time System

  17. Speculations on the science of web user security Ravi Sandhu

    E-Print Network [OSTI]

    Sandhu, Ravi

    Speculations on the science of web user security Ravi Sandhu Institute for Cyber Security history: Available online 26 October 2012 Keywords: Web user security Security science Cyber security a b s t r a c t There appears to be consensus among seasoned cyber security researchers

  18. The Data and Application Security and Privacy (DASPY) Challenge

    E-Print Network [OSTI]

    Sandhu, Ravi

    .ics.utsa.edu Institute for Cyber Security The Data and Application Security and Privacy (DASPY) Challenge Prof. Ravi.sandhu@utsa.edu www.profsandhu.com www.ics.utsa.edu Institute for Cyber Security 1 The Data and Application Security But not securable by academically taught cyber security not studied as a success story missing technologies highly

  19. Lemnos Interoperable Security Program

    SciTech Connect (OSTI)

    John Stewart; Ron Halbgewachs; Adrian Chavez; Rhett Smith; David Teumim

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or â?? tunnelsâ?ť, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems Lemnos is built on the successes of Open PCS Security Architecture for Interoperable Design (OPSAID), a previous DOE National SCADA Test Bed (NSTB) project. It enhances security interoperability by identifying basic cyber security functions based on utility requirements and then selecting open source solutions, namely Internet Engineering Task Force (IETF) RFCs, to support these functions. Once identified, specific configuration parameters for each RFC suitable for the electric utility control system environment are identified and documented. These configuration parameters are referred to as Interoperable Configuration Profiles (ICP) and their effectiveness within the utility control systems environment is verified with comprehensive testing as the final step in the process. The project focused on development of ICPs for four security protocols (IPsec, SSH, LDAP, and Syslog) which represent fundamental building blocks which can be utilized for securing utility control systems. These ICPs are product agnostic and can be applied modularly to any device (router, substation gateway, intelligent electronic device, etc.) within the utility control system as the end user deems necessary for their unique system architecture. The Lemnos Interoperable Security Program is a public-private partnership under the U.S. Department of Energy (DOE) Office of Electricity Delivery and Energy Reliability's Cybersecurity for Energy Delivery Systems (CEDS) program and supports The Roadmap to Secure Energy Delivery Systems. In addition to EnerNex, the core team supporting the effort includes Tennessee Valley Authority, Sandia National Laboratories, and Schweitzer Engineering Laboratories. Adding to the core team effort is collaboration from additional industry participants in the project including the Electric Power Research Institute (EPRI), Alien Vault, Cisco, Encore Networks, GarrettCom, Industrial Defender, N-Dimension Solutions, Phoenix Contact, RuggedCom, and Siemens.

  20. 3194 IEEE TRANSACTIONS ON AUTOMATIC CONTROL, VOL. 59, NO. 12, DECEMBER 2014 Efficient Computations of a Security Index for False

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    Control and Data Ac- quisition (SCADA) systems for electric power networks for cer- tain cyber security, SCADA systems, smart grids. I. INTRODUCTION OUR society depends heavily on the proper operation (SCADA) systems. For instance, Manuscript received February 15, 2013; revised December 4, 2013; accepted

  1. This paper appeared in Proc. IEEE/ACM 6th Int'l Symp. Cluster Computing and the Grid (CCGrid), 2nd Int'l Workshop on Cluster Security, May 2006.

    E-Print Network [OSTI]

    Qin, Xiao

    for data grids are inadequate to meet the security needs of data- intensive applications. To remedy improves security and performance over two existing scheduling algorithms. 1. Introduction A grid on security for applications running on grids [4][5][10]. Our proposed scheduling scheme for security

  2. Introduction to NISTIR 7628 Guidelines for

    E-Print Network [OSTI]

    Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security The Smart Grid................................................................................................................3 2. Cyber Security Context: Today's Grid, Tomorrow's Smart Grid...........................................................17 4.1 Research and Development Themes for Smart Grid Cyber Security

  3. IEEE Communications Magazine August 2012 530163-6804/12/$25.00 2012 IEEE CYBER SECURITY FOR SMART GRID COMMUNICATIONS

    E-Print Network [OSTI]

    Zhang, Yan

    for reliable energy supply and numerous technological advancements have motivated the development of smart of handling future requirements for dis- tributed generation, renewable energy sources, electric vehicles and manage the energy usage for their sub- scribed consumers by the existing communica- tion network [1

  4. Fundamental Limits of Cyber-Physical Security in Smart Power Grids Yue Zhao, Andrea Goldsmith, and H. Vincent Poor

    E-Print Network [OSTI]

    Zhao, Yue

    ) for detecting such attacks, while attackers devise attacks that are unobservable by such PMU networks attacks leads to a natural characterization of their potential impacts. With optimized PMU deployment

  5. An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Yogesh Simmhan, Alok Gautam Kumbhare, Baohua Cao, and Viktor Prasanna

    E-Print Network [OSTI]

    Hwang, Kai

    An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds Yogesh are increasingly upgrading to Smart Grids that use bi-directional communication with the consumer to enable an information-driven approach to distributed energy management. Clouds offer features well suited for Smart Grid

  6. Integrating Grid Services into the Cray XT4 Environment

    E-Print Network [OSTI]

    Cholia, Shreyas

    2010-01-01

    to point to appropriate locations eg. /etc/grid-security?/globus/grid-security-nid1234, /etc/grid-security/certificates?/globus/certificates • The

  7. Computational Needs for the Next Generation Electric Grid Proceedings

    E-Print Network [OSTI]

    Birman, Kenneth

    2012-01-01

    that are vital for grid security.     The cost of  these problems involving grid security  at  bulk  transmission/problems  involving  grid  security  at  distribution  or 

  8. Smart Grid Data Integrity Attack

    E-Print Network [OSTI]

    Poolla, Kameshwar

    2012-01-01

    Williams, “Security issues in SCADA networks,” Computers andA Cyber Security Study of a SCADA Energy Management System,”and transmitted over a SCADA network to the system operator.

  9. The Data and Application Security and Privacy (DASPY) Challenge

    E-Print Network [OSTI]

    Sandhu, Ravi

    for Cyber Security Executive Director and Endowed Chair March 29, 2012 ravi.sandhu@utsa.edu www and Privacy (DASPY) Challenge . Ravi Sandhu Institute for Cyber Security 1 and Endowed Chair March 29, 2012 growing But not securable by academically taught cyber security not studied as a success story The ATM

  10. Smart Grid Week: Hurricane Season and the Department's Efforts...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    effort between the Administration and the electricity sector to make our electric grid more resilient. As weather events become more intense, cyber attacks become more...

  11. Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

    2005-12-01

    Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

  12. Data Intensive Architecture for Scalable Cyber Analytics

    SciTech Connect (OSTI)

    Olsen, Bryan K.; Johnson, John R.; Critchlow, Terence J.

    2011-12-19

    Cyber analysts are tasked with the identification and mitigation of network exploits and threats. These compromises are difficult to identify due to the characteristics of cyber communication, the volume of traffic, and the duration of possible attack. In this paper, we describe a prototype implementation designed to provide cyber analysts an environment where they can interactively explore a month’s worth of cyber security data. This prototype utilized On-Line Analytical Processing (OLAP) techniques to present a data cube to the analysts. The cube provides a summary of the data, allowing trends to be easily identified as well as the ability to easily pull up the original records comprising an event of interest. The cube was built using SQL Server Analysis Services (SSAS), with the interface to the cube provided by Tableau. This software infrastructure was supported by a novel hardware architecture comprising a Netezza TwinFin® for the underlying data warehouse and a cube server with a FusionIO drive hosting the data cube. We evaluated this environment on a month’s worth of artificial, but realistic, data using multiple queries provided by our cyber analysts. As our results indicate, OLAP technology has progressed to the point where it is in a unique position to provide novel insights to cyber analysts, as long as it is supported by an appropriate data intensive architecture.

  13. Final report : impacts analysis for cyber attack on electric power systems (National SCADA Test Bed FY08).

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Richardson, Bryan T.; Stamp, Jason Edwin; LaViolette, Randall A.

    2009-02-01

    To analyze the risks due to cyber attack against control systems used in the United States electrical infrastructure, new algorithms are needed to determine the possible impacts. This research is studying the Reliability Impact of Cyber ttack (RICA) in a two-pronged approach. First, malevolent cyber actions are analyzed in terms of reduced grid reliability. Second, power system impacts are investigated using an abstraction of the grid's dynamic model. This second year of esearch extends the work done during the first year.

  14. CIOs Uncensored: Security Smarts.

    SciTech Connect (OSTI)

    Johnson, Gerald R.

    2008-02-25

    This commentary for the CIOs Uncensored section of InformationWeek will discuss PNNL’s “defense in depth” approach to cyber security. It will cover external and internal safeguards, as well as the all-important role of employees in the cyber security equation. For employees are your greatest vulnerability – and your last line of defense.

  15. The Data and Application Security and Privacy (DASPY) Challenge

    E-Print Network [OSTI]

    Sandhu, Ravi

    for Cyber Security Executive Director and Endowed Chair 11/11/11 ravi.sandhu@utsa.edu www.profsandhu.com www) Challenge . Ravi Sandhu Institute for Cyber Security 1 and Endowed Chair 11/11/11 ravi.sandhu@utsa.edu www by academically taught cyber security not studied as a success story The ATM "Paradox" not studied as a success

  16. Around The Region In Homeland Security January 2015

    E-Print Network [OSTI]

    ://biodetectionresource.pnnl.gov. Cybersecurity workshop showcases nationwide R&D The Cyber Security Division 2014 R&D Showcase and Technical collaboration and innovation. The 3-day event hosted by the DHS S&T Cyber Security Division welcomed researchers Center of Excellence, the mobile security application archiving technology was featured at the Cyber

  17. A Distortion-Theoretic Perspective for Redundant Metering Security in a Smart Grid

    E-Print Network [OSTI]

    Kundur, Deepa

    the advantages of our approach. I. INTRODUCTION A smart grid is a term used to describe an electricity network and flexible generation, transmission, and distribution of power through the grid. By facilitating bidirectional information and energy flow through the overall network, a smart grid promises energy savings

  18. Smart Grid Information Clearinghouse (SGIC)

    SciTech Connect (OSTI)

    Rahman, Saifur

    2014-08-31

    Since the Energy Independence and Security Act of 2007 was enacted, there has been a large number of websites that discusses smart grid and relevant information, including those from government, academia, industry, private sector and regulatory. These websites collect information independently. Therefore, smart grid information was quite scattered and dispersed. The objective of this work was to develop, populate, manage and maintain the public Smart Grid Information Clearinghouse (SGIC) web portal. The information in the SGIC website is comprehensive that includes smart grid information, research & development, demonstration projects, technical standards, costs & benefit analyses, business cases, legislation, policy & regulation, and other information on lesson learned and best practices. The content in the SGIC website is logically grouped to allow easily browse, search and sort. In addition to providing the browse and search feature, the SGIC web portal also allow users to share their smart grid information with others though our online content submission platform. The Clearinghouse web portal, therefore, serves as the first stop shop for smart grid information that collects smart grid information in a non-bias, non-promotional manner and can provide a missing link from information sources to end users and better serve users’ needs. The web portal is available at www.sgiclearinghouse.org. This report summarizes the work performed during the course of the project (September 2009 – August 2014). Section 2.0 lists SGIC Advisory Committee and User Group members. Section 3.0 discusses SGIC information architecture and web-based database application functionalities. Section 4.0 summarizes SGIC features and functionalities, including its search, browse and sort capabilities, web portal social networking, online content submission platform and security measures implemented. Section 5.0 discusses SGIC web portal contents, including smart grid 101, smart grid projects, deployment experience (i.e., use cases, lessons learned, cost-benefit analyses and business cases), in-depth information (i.e., standards, technology, cyber security, legislation, education and training and demand response), as well as international information. Section 6.0 summarizes SGIC statistics from the launch of the portal on July 07, 2010 to August 31, 2014. Section 7.0 summarizes publicly available information as a result of this work.

  19. Computer Security Incident Handling Guide

    E-Print Network [OSTI]

    Computer Security Incident Handling Guide Recommendationsof the National Institute of Standards Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD Tom Millar United States Computer Emergency Readiness Team National Cyber Security Division

  20. Grid Logging: Best Practices Guide

    E-Print Network [OSTI]

    Tierney, Brian L

    2008-01-01

    file” file=/etc/grid-security/certificates/4a6cd8b1.0 guid=reading” file=/etc/grid-security/grid-mapfile guid=F7D64975-

  1. Smart Grid Integrity Attacks: Characterizations and Countermeasures

    SciTech Connect (OSTI)

    Annarita Giani; Eilyan Bitar; Miles McQueen; Pramod Khargonekar; Kameshwar Poolla

    2011-10-01

    Real power injections at loads and generators, and real power flows on selected lines in a transmission network are monitored, transmitted over a SCADA network to the system operator, and used in state estimation algorithms to make dispatch, re-balance and other energy management system [EMS] decisions. Coordinated cyber attacks of power meter readings can be arranged to be undetectable by any bad data detection algorithm. These unobservable attacks present a serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacks [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of power meters on lines is presented. This requires O(n2m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3, 4, and 5-sparse unobservable attacks. These can be quickly detected in power systems using standard graph algorithms. Known secure phase measurement units [PMUs] can be used as countermeasures against an arbitrary collection of cyber attacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p + 1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyber attacks.

  2. Data Mining for Security Applications Bhavani Thuraisingham, Latifur Khan, Mohammad M. Masud, Kevin W. Hamlen

    E-Print Network [OSTI]

    Hamlen, Kevin W.

    for cyber security. These applications include but are not limited to malicious code detection by mining on intrusion detection, and cyber-security research. 1. Introduction Ensuring the integrity of computer.g., surveillance) as well as in cyber security (e.g., virus detection). The threats to national security include

  3. Are We Compromised? Modelling Security Assessment Games

    E-Print Network [OSTI]

    International Association for Cryptologic Research (IACR)

    against cyber-attacks. A security assessment is the process of determining how effectively an entity being examples of cyber attacks that fit this profile are the security breach at RSA Data Security [6Are We Compromised? Modelling Security Assessment Games Viet Pham and Carlos Cid Information

  4. Cyber Security Standards.PDF

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergyTher i n c i p aDepartmentEnergyEveryCustomer Service Handbook Marchby ISAI N S P

  5. cyber | National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantityBonneville Power AdministrationRobust,Field-effectWorkingLos AlamosSimulation Initiative798/%2A encrosscutting 2014

  6. Mitigations for Security Vulnerabilities Found in Control System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Assessment Methods for SCADA Security Introduction SCADA Security for Managers and Operators Good Practice Guide on Firewall Deployment for SCADA and Process Control Networks...

  7. PRIVACY IMPACT ASSESSMENT: SPRO Physical Security Major Application

    Energy Savers [EERE]

    Assistant Project Manager, Technical Assurance Deanna Harvey, Program Analyst Allen Rome, Cyber Security Program Manger Chris Shipp, Information System Security Manager (504)...

  8. Security Framework for Control System Data Classification and...

    Broader source: Energy.gov (indexed) [DOE]

    Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Wireless System Considerations When Implementing NERC Critical Infrastructure Protection...

  9. Energy, Climate, & Infrastructure Security

    E-Print Network [OSTI]

    Siefert, Chris

    Infrastructure Demonstration for Energy reliability and Security) (web link) program to demonstrate: · Cyber-securityEnergy, Climate, & Infrastructure Security ExCEptIonal SErvICE In thE natIonal IntErESt Sandia Security Administration under contract DE-AC04-94AL85000. SAND2013-7809W to enhance the nation's security

  10. FUTURE POWER GRID INITIATIVE GridPACK: Grid Parallel Advanced

    E-Print Network [OSTI]

    FUTURE POWER GRID INITIATIVE GridPACK: Grid Parallel Advanced Computational Kernels OBJECTIVE The U Pacific Northwest National Laboratory (509) 375-3899 bruce.palmer@pnnl.gov ABOUT FPGI The Future Power and ensure a more secure, efficient and reliable future grid. Building on the Electricity Infrastructure

  11. A cognitive and economic decision theory for examining cyber defense strategies.

    SciTech Connect (OSTI)

    Bier, Asmeret Brooke

    2014-01-01

    Cyber attacks pose a major threat to modern organizations. Little is known about the social aspects of decision making among organizations that face cyber threats, nor do we have empirically-grounded models of the dynamics of cooperative behavior among vulnerable organizations. The effectiveness of cyber defense can likely be enhanced if information and resources are shared among organizations that face similar threats. Three models were created to begin to understand the cognitive and social aspects of cyber cooperation. The first simulated a cooperative cyber security program between two organizations. The second focused on a cyber security training program in which participants interact (and potentially cooperate) to solve problems. The third built upon the first two models and simulates cooperation between organizations in an information-sharing program.

  12. Approaches To Integrating A HIgh Penertration Of Solar PV and CPV Onto The Electrical Grid

    E-Print Network [OSTI]

    Hill, Steven Craig

    2013-01-01

    Independence & Security Act, Title XIII- Smart Grid, Sectiongrid operations Secure – integrated multi-faceted securityIndependence & Security act, Title XIII-Smart Grid, Section

  13. The Space Power Grid: Synergy Between Space, Energy and Security Policies

    E-Print Network [OSTI]

    collectors in a scalable path to space solar power. European initiatives for a DC grid to integrate space) that steady power is generated round the clock because the Sun is not obscured, and (2) as the scale increases

  14. Core Grid Functions: A Minimal Architecture for Grids

    E-Print Network [OSTI]

    , etc.) Identity Credential Management Grid Security Infrastructure Globus 2-style interface · Service Security Gateways information servers · J2EE hosting environment servers · Factory services Grid Security · Architectural Constraints (e.g. security) · Bindings #12;8 Resource Discovery & State / Grid Persistent State

  15. Cyber in the Cloud -- Lessons Learned from INL's Cloud E-Mail Acquisition

    SciTech Connect (OSTI)

    Troy Hiltbrand; Daniel Jones

    2012-12-01

    As we look at the cyber security ecosystem, are we planning to fight the battle as we did yesterday, with firewalls and intrusion detection systems (IDS), or are we sensing a change in how security is evolving and planning accordingly? With the technology enablement and possible financial benefits of cloud computing, the traditional tools for establishing and maintaining our cyber security ecosystems are being dramatically altered.

  16. Northwest Regional Technology Center, November 2014 Page 1 of 2 Around The Region In Homeland Security

    E-Print Network [OSTI]

    Infrastructure First Responder Ebola Protection Cyber Security Awareness Managing a Weapons Program relevant cyber security problems by developing the tools, methods, and technologies that will enable" exhibit for a first-hand look at advancements in cyber security and explosives detection, including PNNL

  17. The 7th IEEE International Conference on Software Security and Reliability

    E-Print Network [OSTI]

    Sandhu, Ravi

    : Attributes, Automation and Adaptation Ravi Sandhu Lutcher Brown Endowed Chair in Cyber Security Department of the center pieces of cyber security. This talk will focus on three necessary characteristics of access this vision a reality. About the speaker Ravi Sandhu is Executive Director of the Institute for Cyber Security

  18. Development and Demonstration of a Security Core Component

    SciTech Connect (OSTI)

    Turke, Andy

    2014-02-28

    In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity. · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from “normal,” CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and informing them what actions to take. These alarms may be viewed on CSM’s built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that “real world” training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipient’s SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use forensic or other post-event analysis.

  19. NISTIR 7359 Information Security Guide For

    E-Print Network [OSTI]

    is directed to develop cyber security standards, guidelines, and associated methods and techniques. ITLNISTIR 7359 Information Security Guide For Government Executives Pauline Bowen Elizabeth Chew Joan Hash #12;NISTIR 7359 Information Security Guide For Government Executives Pauline Bowen Elizabeth Chew

  20. Towards a Research Agenda for Cyber Friendly Fire

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Clements, Samuel L.; Carroll, Thomas E.; Fluckiger, Jerry D.

    2009-11-18

    Historical assessments of combat fratricide reveal principal contributing factors in the effects of stress, degradation of skills due to continuous operations or sleep deprivation, poor situation awareness, and lack of training and discipline in offensive/defense response selection. While these problems are typically addressed in R&D focusing on traditional ground-based combat, there is also an emerging need for improving situation awareness and decision making on defensive/offensive response options in the cyber defense arena, where a mistaken response to an actual or perceived cyber attack could lead to destruction or compromise of friendly cyber assets. The purpose of this report is to examine cognitive factors that may affect cyber situation awareness and describe possible research needs to reduce the likelihood and effects of "friendly cyber fire" on cyber defenses, information infrastructures, and data. The approach is to examine concepts and methods that have been described in research applied to the more traditional problem of mitigating the occurrence of combat identification and fratricide. Application domains of interest include cyber security defense against external or internal (insider) threats.

  1. Time-Predictable Fault Tolerant Computing for Dependable Automotive Cyber-Physical Systems

    E-Print Network [OSTI]

    Rajkumar, Ragunathan "Raj"

    1 Time-Predictable Fault Tolerant Computing for Dependable Automotive Cyber-Physical Systems Wei University wzhang@vcu.edu Dependable and secure automotive cyber-physical systems (CPSs) are crucial as human and should be bypassed in future computing. This computing platform will be incorporated and evaluated

  2. Power Grid Defense Against Malicious Cascading Failure

    E-Print Network [OSTI]

    Shakarian, Paulo; Lindelauf, Roy

    2014-01-01

    An adversary looking to disrupt a power grid may look to target certain substations and sources of power generation to initiate a cascading failure that maximizes the number of customers without electricity. This is particularly an important concern when the enemy has the capability to launch cyber-attacks as practical concerns (i.e. avoiding disruption of service, presence of legacy systems, etc.) may hinder security. Hence, a defender can harden the security posture at certain power stations but may lack the time and resources to do this for the entire power grid. We model a power grid as a graph and introduce the cascading failure game in which both the defender and attacker choose a subset of power stations such as to minimize (maximize) the number of consumers having access to producers of power. We formalize problems for identifying both mixed and deterministic strategies for both players, prove complexity results under a variety of different scenarios, identify tractable cases, and develop algorithms f...

  3. July 2013 Cyber Incident

    Broader source: Energy.gov [DOE]

    The Department of Energy (DOE) has confirmed a cyber incident that occurred at the end of July and resulted in the unauthorized disclosure of federal employee Personally Identifiable Information ...

  4. January 2013 Cyber Incident

    Broader source: Energy.gov [DOE]

    The Department of Energy (DOE) has confirmed a recent cyber incident that occurred in mid-January 2013 which targeted the Headquarters' network and resulted in the unauthorized disclosure of...

  5. Taxonomies of Cyber Adversaries and Attacks: A Survey of Incidents and Approaches

    SciTech Connect (OSTI)

    Meyers, C A; Powers, S S; Faissol, D M

    2009-10-08

    In this paper we construct taxonomies of cyber adversaries and methods of attack, drawing from a survey of the literature in the area of cyber crime. We begin by addressing the scope of cyber crime, noting its prevalence and effects on the US economy. We then survey the literature on cyber adversaries, presenting a taxonomy of the different types of adversaries and their corresponding methods, motivations, maliciousness, and skill levels. Subsequently we survey the literature on cyber attacks, giving a taxonomy of the different classes of attacks, subtypes, and threat descriptions. The goal of this paper is to inform future studies of cyber security on the shape and characteristics of the risk space and its associated adversaries.

  6. OPNET/Simulink Based Testbed for Disturbance Detection in the Smart Grid

    SciTech Connect (OSTI)

    Sadi, Mohammad A. H.; Dasgupta, Dipankar; Ali, Mohammad Hassan; Abercrombie, Robert K

    2015-01-01

    The important backbone of the smart grid is the cyber/information infrastructure, which is primarily used to communicate with different grid components. A smart grid is a complex cyber physical system containing a numerous and variety number of sources, devices, controllers and loads. Therefore, the smart grid is vulnerable to grid related disturbances. For such dynamic system, disturbance and intrusion detection is a paramount issue. This paper presents a Simulink and Opnet based co-simulated platform to carry out a cyber-intrusion in cyber network for modern power systems and the smart grid. The IEEE 30 bus power system model is used to demonstrate the effectiveness of the simulated testbed. The experiments were performed by disturbing the circuit breakers reclosing time through a cyber-attack. Different disturbance situations in the considered test system are considered and the results indicate the effectiveness of the proposed co-simulated scheme.

  7. A Security Architecture for Data Aggregation and Access Control in Smart Grids

    E-Print Network [OSTI]

    Ruj, Sushmita; Stojmenovic, Ivan

    2011-01-01

    We propose an integrated architecture for smart grids, that supports data aggregation and access control. Data can be aggregated by home area network, building area network and neighboring area network in such a way that the privacy of customers is protected. We use homomorphic encryption technique to achieve this. The consumer data that is collected is sent to the substations where it is monitored by remote terminal units (RTU). The proposed access control mechanism gives selective access to consumer data stored in data repositories and used by different smart grid users. Users can be maintenance units, utility centers, pricing estimator units or analyzing and prediction groups. We solve this problem of access control using cryptographic technique of attribute-based encryption. RTUs and users have attributes and cryptographic keys distributed by several key distribution centers (KDC). RTUs send data encrypted under a set of attributes. Users can decrypt information provided they have valid attributes. The ac...

  8. Where computer security meets national security1 Helen Nissenbaum

    E-Print Network [OSTI]

    Nissenbaum, Helen

    of International Relations. Key words: cyber-security, computer security, securitization Introduction OverWhere computer security meets national security1 Helen Nissenbaum Department of Culture conceptions of security in contemporary concerns over the vulnerability of computers and networks to hostile

  9. The Evolution of the Internet Community and the "Yet-to-Evolve" Smart Grid Community: Parallels and Lessons-to-be-Learned

    E-Print Network [OSTI]

    McParland, Charles

    2010-01-01

    discussion of Smart Grid security is beyond the scope ofboth Internet and Smart Grid security domains co-operate topractice Internet security mechanisms and those Smart Grid

  10. Security Division 2007 Annual Report

    E-Print Network [OSTI]

    research programs. These programs, which include Cyber Security, Pervasive Information TechnologiesComputer Security Division 2007 Annual Report #12;TAble of ConTenTS Welcome Division Organization The Computer Security Division Responds to the Federal Information Security Management Act of 2002 Security

  11. An Approach for Reduction of the Security Overhead in Smart Grid Communication Infrastructure Employing Dedicated Encryption

    E-Print Network [OSTI]

    Kavcic, Aleksandar

    Employing Dedicated Encryption Miodrag J. Mihaljevi´c Mathematical Institute, Serbian Academy of Sciences requirements and employment of certain light-weight and highly secure encryption dedicated to the noisy to address the following issues: utilization of the inherent noise for design dedicated cryptographic

  12. Protecting Intelligent Distributed Power Grids Against Cyber...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, efficiency, and...

  13. Comments on: Grid Cyber Vulnerability & Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 OutreachProductswsicloudwsiclouddenDVA N C E

  14. Cyber threat metrics.

    SciTech Connect (OSTI)

    Frye, Jason Neal; Veitch, Cynthia K.; Mateski, Mark Elliot; Michalski, John T.; Harris, James Mark; Trevino, Cassandra M.; Maruoka, Scott

    2012-03-01

    Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.

  15. Security

    Broader source: Energy.gov [DOE]

    Security refers to the security of the stream of principal and interest repayments and what happens in the event that a secured loan defaults.

  16. PACIFIC NORTHWEST CYBER SUMMIT

    SciTech Connect (OSTI)

    Lesperance, Ann M.; Matlock, Gordon W.; Becker-Dippmann, Angela S.; Smith, Karen S.

    2013-08-07

    On March 26, 2013, the Snohomish County Public Utility District (PUD) and the U.S. Department of Energy’s (DOE’s) Pacific Northwest National Laboratory (PNNL) jointly hosted the Pacific Northwest Cyber Summit with the DOE’s Office of Electricity Delivery and Energy Reliability, the White House, Washington State congressional delegation, Washington State National Guard, and regional energy companies.

  17. Security is Not an Option | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security is Not an Option Security is Not an Option A 10-year roadmap for achieving control system cyber security in the energy industry has been hailed as a model for other...

  18. Coordinated Variable Structure Switching Attacks for Smart Grid 

    E-Print Network [OSTI]

    Liu, Shan

    2013-02-11

    attacks for smart grid systems has the potential to disrupt large-scale power system operation within a short interval of time. Through successful cyber intrusion, an opponent can remotely apply a state- dependent coordinated switching sequence on one...

  19. FUTURE POWER GRID INITIATIVE Actionable Visualization Tools for

    E-Print Network [OSTI]

    » integrate information from domains external to the power industry (e.g., weather) with power grid of the power grid: e.g., weather, political/social, cyber, etc. This integrated functionality is supported, efficient and reliable future grid. Building on the Electricity Infrastructure Operations Center (EIOC

  20. ORISE: Securing the Golden State from threats foreign and domestic

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    exercise planning, and the Emergency Operations Center's role in cyber security. These training modules were each provided free of charge to local agencies and most participants...

  1. IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011 645 Malicious Data Attacks on the Smart Grid

    E-Print Network [OSTI]

    Tong, Lang

    -time electricity markets. Also considered in this paper are countermeasures to mali- cious data attack widely reported that the U.S. electrical grid has been penetrated by cyber spies [1]. We consider

  2. Risk assessment for physical and cyber attacks on critical infrastructures.

    SciTech Connect (OSTI)

    Smith, Bryan J.; Sholander, Peter E.; Phelan, James M.; Wyss, Gregory Dane; Varnado, G. Bruce; Depoy, Jennifer Mae

    2005-08-01

    Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies. Existing risk assessment methodologies consider physical security and cyber security separately. As such, they do not accurately model attacks that involve defeating both physical protection and cyber protection elements (e.g., hackers turning off alarm systems prior to forced entry). This paper presents a risk assessment methodology that accounts for both physical and cyber security. It also preserves the traditional security paradigm of detect, delay and respond, while accounting for the possibility that a facility may be able to recover from or mitigate the results of a successful attack before serious consequences occur. The methodology provides a means for ranking those assets most at risk from malevolent attacks. Because the methodology is automated the analyst can also play 'what if with mitigation measures to gain a better understanding of how to best expend resources towards securing the facilities. It is simple enough to be applied to large infrastructure facilities without developing highly complicated models. Finally, it is applicable to facilities with extensive security as well as those that are less well-protected.

  3. Sandia Energy - Grid Integration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 Outreach Home RoomPreservation of Fe(II)Geothermal Energy & Drilling Technology HomeGrid CyberGrid Integration

  4. Towards a Secure and Efficient System for End-to-End Provenance Patrick McDaniel, Kevin Butler,

    E-Print Network [OSTI]

    Smith, Adam D.

    of sensor data as it is recorded and aggre- gated in cyber-physical systems such as the smart-grid and SCADA

  5. Teaching the Grid: Learning Distributed Computing with the M-grid Framework

    E-Print Network [OSTI]

    Walters, Robert

    . This situation arises in a number of different scenarios, including Grid computing which is a secure, service how to use as real Grid software requires extensive setting up and complex security processes. M-grid it is executed. Established Grid systems have extensive security infrastructures associated with them

  6. O`ahu Grid Study: Validation of Grid Models

    E-Print Network [OSTI]

    O`ahu Grid Study: Validation of Grid Models Prepared for the U.S. Department of Energy Office Resource Technologies for Energy Security Subtask 7.2 Deliverable By GE Global Research Niskayuna, New York

  7. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    DOE Patents [OSTI]

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  8. Coordinated resource management for guaranteed high performance and efficient utilization in Lambda-Grids

    E-Print Network [OSTI]

    Taesombut, Nut

    2007-01-01

    leverages the Globus’s Grid Security Infrastructure (GSI) [DVC-RB) and rely on Grid Security Infrastructure (GSI) [34]and SGE [81]. We use Grid Security Infrastructure (GSI) for

  9. Course Description Grid Computing, NGSSC, 2p

    E-Print Network [OSTI]

    Elmroth, Erik

    #12;­ Grid security: Grid security demands and solutions for, e.g., authen- tication, authorityCourse Description Grid Computing, NGSSC, 2p Erik Elmroth, Olle Mulmo, and Leif Nixon February 14, 2003 General information This course is designed to give a broad overview of the concept of grid comput

  10. Cyber sleuths face off

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantityBonneville Power Administration would like submit theCovalent Bonding inCustomer-Comments Sign In AboutCyber Train

  11. Sandia Energy - Assessment Program

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Assessment Program Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure National Supervisory...

  12. Sandia Energy - SCADA Engineering Solutions

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Engineering Solutions Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure National...

  13. Sandia Energy - SCADA Testbeds

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    SCADA Testbeds Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure National Supervisory...

  14. Sandia Energy - National SCADA Testbed

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    National SCADA Testbed Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure National...

  15. Sandia Energy - National Supervisory Control and Data Acquisition...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    (SCADA) Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure National Supervisory Control...

  16. Sandia Energy - SCADA Training Courses

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Courses Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure National Supervisory Control...

  17. Sandia Energy - SCADA Vulnerability Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    SCADA Vulnerability Assessments Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure National...

  18. Sandia Energy - Phasor Measurement Units

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Units Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure Phasor Measurement Units...

  19. Recommended Practice: Creating Cyber Forensics Plans for Control Systems

    SciTech Connect (OSTI)

    Eric Cornelius; Mark Fabro

    2008-08-01

    Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.

  20. Cyber and physical infrastructure interdependencies.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

    2008-09-01

    The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

  1. Human dimensions in cyber operations research and development priorities.

    SciTech Connect (OSTI)

    Forsythe, James Chris; Silva, Austin Ray; Stevens-Adams, Susan Marie; Bradshaw, Jeffrey

    2012-11-01

    Within cyber security, the human element represents one of the greatest untapped opportunities for increasing the effectiveness of network defenses. However, there has been little research to understand the human dimension in cyber operations. To better understand the needs and priorities for research and development to address these issues, a workshop was conducted August 28-29, 2012 in Washington DC. A synthesis was developed that captured the key issues and associated research questions. Research and development needs were identified that fell into three parallel paths: (1) human factors analysis and scientific studies to establish foundational knowledge concerning factors underlying the performance of cyber defenders; (2) development of models that capture key processes that mediate interactions between defenders, users, adversaries and the public; and (3) development of a multi-purpose test environment for conducting controlled experiments that enables systems and human performance measurement. These research and development investments would transform cyber operations from an art to a science, enabling systems solutions to be engineered to address a range of situations. Organizations would be able to move beyond the current state where key decisions (e.g. personnel assignment) are made on a largely ad hoc basis to a state in which there exist institutionalized processes for assuring the right people are doing the right jobs in the right way. These developments lay the groundwork for emergence of a professional class of cyber defenders with defined roles and career progressions, with higher levels of personnel commitment and retention. Finally, the operational impact would be evident in improved performance, accompanied by a shift to a more proactive response in which defenders have the capacity to exert greater control over the cyber battlespace.

  2. Grid Transformation Workshop Results Grid Transformation Workshop Results 2 April 2012

    E-Print Network [OSTI]

    Grid Transformation Workshop Results April 2012 #12;Grid Transformation Workshop Results 2 April 2012 Grid Transformation Workshop Results plications. We will explore the basics of data modeling. Each approach will be evaluated with the following criteria: feasibility, dependability, security

  3. Computer Security Division 2008 Annual Report

    E-Print Network [OSTI]

    played an active role in implementation planning for the Comprehensive National Cyber Security InitiativeComputer Security Division 2008 Annual Report #12;TAble of ConTenTS Welcome 1 Division Organization 2 The Computer Security Division Responds to the Federal Information Security Management Act

  4. Modelling Chinese Smart Grid: A Stochastic Model Checking Case Study

    E-Print Network [OSTI]

    Yüksel, Ender; Nielson, Flemming; Zhu, Huibiao; Huang, Heqing

    2012-01-01

    Cyber-physical systems integrate information and communication technology functions to the physical elements of a system for monitoring and controlling purposes. The conversion of traditional power grid into a smart grid, a fundamental example of a cyber-physical system, raises a number of issues that require novel methods and applications. In this context, an important issue is the verification of certain quantitative properties of the system. In this technical report, we consider a specific Chinese Smart Grid implementation and try to address the verification problem for certain quantitative properties including performance and battery consumption. We employ stochastic model checking approach and present our modelling and analysis study using PRISM model checker.

  5. Defense on the Move: Ant-Based Cyber Defense

    SciTech Connect (OSTI)

    Fink, Glenn A.; Haack, Jereme N.; McKinnon, Archibald D.; Fulp, Errin W.

    2014-04-15

    Many common cyber defenses (like firewalls and IDS) are as static as trench warfare allowing the attacker freedom to probe them at will. The concept of Moving Target Defense (MTD) adds dynamism to the defender side, but puts the systems to be defended themselves in motion, potentially at great cost to the defender. An alternative approach is a mobile resilient defense that removes attackers’ ability to rely on prior experience without requiring motion in the protected infrastructure itself. The defensive technology absorbs most of the cost of motion, is resilient to attack, and is unpredictable to attackers. The Ant-Based Cyber Defense (ABCD) is a mobile resilient defense providing a set of roaming, bio-inspired, digital-ant agents working with stationary agents in a hierarchy headed by a human supervisor. The ABCD approach provides a resilient, extensible, and flexible defense that can scale to large, multi-enterprise infrastructures like the smart electric grid.

  6. Game Theoretic Methods for the Smart Grid

    E-Print Network [OSTI]

    Saad, Walid; Poor, H Vincent; Ba?ar, Tamer

    2012-01-01

    The future smart grid is envisioned as a large-scale cyber-physical system encompassing advanced power, communications, control, and computing technologies. In order to accommodate these technologies, it will have to build on solid mathematical tools that can ensure an efficient and robust operation of such heterogeneous and large-scale cyber-physical systems. In this context, this paper is an overview on the potential of applying game theory for addressing relevant and timely open problems in three emerging areas that pertain to the smart grid: micro-grid systems, demand-side management, and communications. In each area, the state-of-the-art contributions are gathered and a systematic treatment, using game theory, of some of the most relevant problems for future power systems is provided. Future opportunities for adopting game theoretic methodologies in the transition from legacy systems toward smart and intelligent grids are also discussed. In a nutshell, this article provides a comprehensive account of the...

  7. What is a Grid? Grid Today, AUGUST 12, 2002: VOL. 1 NO. 9

    E-Print Network [OSTI]

    ) · authentication, delegation, and secure communication (the basic Grid security services) · identity certificateWhat is a Grid? Grid Today, AUGUST 12, 2002: VOL. 1 NO. 9 (http://www.gridtoday.com/02/0812/020812.html) I would like to provide perspective on the question of what is a Grid - a perspective derived

  8. Sandia Energy - Grid Integration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 Outreach Home RoomPreservation of Fe(II)Geothermal Energy & Drilling Technology HomeGrid Cyber

  9. Transdisciplinary electric power grid science

    E-Print Network [OSTI]

    Brummitt, Charles D; Dobson, Ian; Moore, Cristopher; D'Souza, Raissa M

    2013-01-01

    The 20th-century engineering feat that most improved the quality of human life, the electric power system, now faces discipline-spanning challenges that threaten that distinction. So multilayered and complex that they resemble ecosystems, power grids face risks from their interdependent cyber, physical, social and economic layers. Only with a holistic understanding of the dynamics of electricity infrastructure and human operators, automatic controls, electricity markets, weather, climate and policy can we fortify worldwide access to electricity.

  10. Toward Distributed Intelligent: A Case Study of Peer to Peer Communication in Smart Grid

    E-Print Network [OSTI]

    Wang, Wenye

    Toward Distributed Intelligent: A Case Study of Peer to Peer Communication in Smart Grid Mingkui, Raleigh, NC, USA Email: {mwei2, wwang}@ncsu.edu Abstract--Smart grid is an emerging cyber-physical system. As a result, traditional centralized control is not always effective in smart grid, and distributed control

  11. Hiding Traffic with Camouflage: Minimizing Message Delay in the Smart Grid under Jamming

    E-Print Network [OSTI]

    Wang, Wenye

    Hiding Traffic with Camouflage: Minimizing Message Delay in the Smart Grid under Jamming Zhuo Lu}@ncsu.edu Email: cliff.wang@us.army.mil Abstract--The smart grid is an emerging cyber-physical system that integrates power infrastructures with information technolo- gies. In the smart grid, wireless networks have

  12. Mathematical and Statistical Opportunities in Cyber Security

    E-Print Network [OSTI]

    Meza, Juan

    2009-01-01

    loss, to worms and computer viruses, to large scale criminalstudied problems in computer virus detection, host- based

  13. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01

    Attacks Against Water SCADA Systems . . . . . . . . . .2 d (bottom) [simulated results]. . Gignac SCADA supervisoryGignac canal network and SCADA system . . . . . . . . .

  14. MODELING SECURITY IN CYBER-PHYSICAL SYSTEMS

    E-Print Network [OSTI]

    Burmester, Mike

    network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, was infected [39]. There have been) sys- tems that monitor power, gas/oil transportation, water and waste-water distribution. Such systems

  15. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01

    buildings and smart structures portend immense datavehicles and buildings equipped with smart meters). Thebuilding’s occupants). The operating systems of upcoming infrastructures such as smart

  16. Tom Harper receives cyber security award

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 Outreach Home RoomPreservationBio-Inspired Solar FuelTechnologyTel:FebruaryEIA's Today In Energy storiesTom

  17. Camp Smith Microgrid Controls and Cyber Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:FinancingPetroleum Based Fuels| Departmentof Energy California StateCompetesCameron

  18. Strengthening Cyber Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:Financing ToolInternational Affairs, Before the CommitteeYears 2003 - 2008 U . S . D e p a

  19. Microsoft Word - Cyber Security flyer.docx

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergyTher i nAand DOE SafetyofDepartment of EnergyNorthern Pass ProjectProject

  20. cyber security | OpenEI Community

    Open Energy Info (EERE)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on QA:QA J-E-1 SECTION JEnvironmental Jump to:EAand Dalton Jump to:Wylie, Texas: EnergyYBRZAP JumpLakecooling Home

  1. Cyber Assessment Methods for SCADA Security

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity of Natural GasAdjustmentsShirleyEnergyTher i n c i p aDepartmentEnergyEveryCustomer Service Handbook Marchby ISA - The

  2. Towards a Secure and Efficient System for End-to-End Provenance Appears in the Proceedings of the Second USENIX Workshop on Theory and Practice of Provenance (TaPP 2010)

    E-Print Network [OSTI]

    Zadok, Erez

    of sensor data as it is recorded and aggre- gated in cyber-physical systems such as the smart-grid and SCADA

  3. Towards a Secure and Efficient System for EndtoEnd Provenance Appears in the Proceedings of the Second USENIX Workshop on Theory and Practice of Provenance (TaPP 2010)

    E-Print Network [OSTI]

    Zadok, Erez

    of sensor data as it is recorded and aggre­ gated in cyber­physical systems such as the smart­grid and SCADA

  4. Guide to Critical Infrastructure Protection Cyber Vulnerability...

    Broader source: Energy.gov (indexed) [DOE]

    Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection...

  5. First-Ever Demonstration of Quantum Cryptography to Improve Security...

    Energy Savers [EERE]

    in the test bed that is part of the OE-funded Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) project at the University of Illinois Urbana-Champaign. For more...

  6. National Nuclear Security Administration Babcock & Wilcox Technical

    National Nuclear Security Administration (NNSA)

    a solution. One of the areas of concern was related to proposed changes in the fitness for duty standards after an issue was identified by NPO. The B&W Y-12 Cyber Security...

  7. Sandia Energy - Grid Modernization Consortium

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Homesum_a_epg0_fpd_mmcf_m.xls" ,"Available from WebQuantity ofkandz-cm11 Outreach Home RoomPreservation of Fe(II)Geothermal Energy & Drilling Technology HomeGrid CyberGrid

  8. Exhibit G (Rev 10, 10/24/12) Security Requirements Subcontract No. 241314 Page 1 of 32

    E-Print Network [OSTI]

    ) .........................................................................................6 3.1 Work site, Security Area, Badge and Data Information ....................................... 6/A..................................................................21 G6.0 Information Security (Feb 2012..........................................................................................24 G7.0 Cyber Information Security (Feb 2012

  9. Fast Process Security Assessment Theory Korkut Uygun and Yinlun Huang

    E-Print Network [OSTI]

    Huang, Yinlun

    plant security consists of three main components: physical security, cyber security, and processFast Process Security Assessment Theory Korkut Uygun and Yinlun Huang Dept. of Chemical Engineering.interscience.wiley.com). This communication introduces a comprehensive theory for process security assess- ment. The theory can quickly

  10. CLOUD-BASED SOFTWARE PLATFORM FOR DATA-DRIVEN SMART GRID MANAGEMENT Yogesh Simmhan, Saima Aman, Alok Kumbhare, Rongyang Liu, Sam Stevens, Qunzhi Zhou and

    E-Print Network [OSTI]

    Hwang, Kai

    CLOUD-BASED SOFTWARE PLATFORM FOR DATA-DRIVEN SMART GRID MANAGEMENT Yogesh Simmhan, Saima Aman and data networks into national power grids. This Smart Grid offers deep monitoring and controls, but needs. This article focuses on Cloud technologies used in a scalable software platform for the Smart Grid Cyber

  11. BROOKHAVEN NATIONAL LABORATORYS CAPABILITIES FOR ADVANCED ANALYSES OF CYBER THREATS

    SciTech Connect (OSTI)

    DePhillips M. P.

    2014-06-06

    BNL has several ongoing, mature, and successful programs and areas of core scientific expertise that readily could be modified to address problems facing national security and efforts by the IC related to securing our nation’s computer networks. In supporting these programs, BNL houses an expansive, scalable infrastructure built exclusively for transporting, storing, and analyzing large disparate data-sets. Our ongoing research projects on various infrastructural issues in computer science undoubtedly would be relevant to national security. Furthermore, BNL frequently partners with researchers in academia and industry worldwide to foster unique and innovative ideas for expanding research opportunities and extending our insights. Because the basic science conducted at BNL is unique, such projects have led to advanced techniques, unlike any others, to support our mission of discovery. Many of them are modular techniques, thus making them ideal for abstraction and retrofitting to other uses including those facing national security, specifically the safety of the nation’s cyber space.

  12. Challenges facing production grids

    SciTech Connect (OSTI)

    Pordes, Ruth; /Fermilab

    2007-06-01

    Today's global communities of users expect quality of service from distributed Grid systems equivalent to that their local data centers. This must be coupled to ubiquitous access to the ensemble of processing and storage resources across multiple Grid infrastructures. We are still facing significant challenges in meeting these expectations, especially in the underlying security, a sustainable and successful economic model, and smoothing the boundaries between administrative and technical domains. Using the Open Science Grid as an example, I examine the status and challenges of Grids operating in production today.

  13. Tools and Methods for Hardening Communication Security of Energy Delivery Systems

    SciTech Connect (OSTI)

    Gadgil, Shrirang; Lin, Yow-Jian; Ghosh, Abhrajit; Samtani, Sunil; Kang, Jaewon; Siegell, Bruce; Kaul, Vikram; Unger, John; De Bruet, Andre; Martinez, Catherine; Vermeulen, Gerald; Rasche, Galen; Sternfeld, Scott; Berthier, Robin; Bobba, Rakesh; Campbell, Roy; Sanders, Williams; Lin, Yow-Jian

    2014-06-30

    This document summarizes the research and development work the TT Government Solutions (TTGS), d.b.a. Applied Communication Sciences (ACS), team performed for the Department of Energy Cybersecurity for Energy Delivery Systems (CEDS) program. It addresses the challenges in protecting critical grid control and data communication, including the identification of vulnerabilities and deficiencies of communication protocols commonly used in energy delivery systems (e.g., ICCP, DNP3, C37.118, C12.22), as well as the development of effective means to detect and prevent the exploitation of such vulnerabilities and deficiencies. The team consists of • TT Government Solutions (TTGS), a leading provider of communications solutions that has extensive experience in commercializing communications solutions. TTGS also has deep cyber security research and development expertise supporting a variety of customers. • University of Illinois at Urbana-Champaign (UIUC), a leader in the cyber security research for the power grid. UIUC brings unique experience in designing secure communication protocols to this project. • Electric Power Research Institute (EPRI), an independent nonprofit that conducts research and development relating to the generation, delivery and use of electricity for the benefit of the public. EPRI brings to this effort its extensive technical expertise and its utility connections, with members representing more than 90 percent of the electricity generated and delivered in the United States. • DTE Energy, the 10th largest electric utility in the US, which helps ensure that this project focuses on the needs of utilities and is rightly positioned to address the needs of the market place. We designed, developed, and demonstrated a modular and extensible ADEC-G (Agent-based, Distributed, Extensible Cybersecurity for the Grid) system for monitoring/detecting abnormal energy delivery systems (EDS) protocol usage and ensuring security coverage. Our approach consists of i. An online system with stateful model based checkers (SMBCs) that helps utilities monitor EDS protocol communication contexts and flag abnormal session behaviors; ii. An offline framework that security tool developers, operators, and auditors can use to verify security properties (leverages formal methods). The modular design of the ADEC-G online system enables its easy extension to cover added protocol features, to introduce new monitoring capabilities, and to apply to additional communication protocols. Its monitoring capabilities and user interface features also facilitate visibilities into ongoing communication patterns and quick grasps of suspicious communication activities. The offline framework provides a platform not only for rigorous validation of security coverage, but also for systematic refinement of checker design leveraging the counter traces generated by the model checking tool. The ADEC-G online monitoring/detection system and the offline validation framework are both operational and have been demonstrated in various settings. The ADEC-G online system has also been integrated into TTGS SecureSmart Managed Security Services offering and been employed to perform security assessment in a section of a utility’s operational network as well as in other Smart Grid security pilot project offerings. TTGS is also in discussions with several system integrators for incorporating the integrated SecureSmart Managed Security Services offering as the cyber security solution for the nce of Operations Technology (OT) and Information Technology (IT).

  14. Information Technology Security for Small Business

    E-Print Network [OSTI]

    Magee, Joseph W.

    Information Technology Security for Small Business (video script) Descriptive Text for the Visually symbolic of information technology security and cyber crime. Narration: "No matter how well you protect, "Information Technology Security for Small Business" and "It's not just good business. It's essential business

  15. Providing Security With Insecure Systems Andrew Odlyzko

    E-Print Network [OSTI]

    Odlyzko, Andrew M.

    not caused by cyber­in­security. Even taking the crash into account, the world economy has been doing veryProviding Security With Insecure Systems Andrew Odlyzko School of Mathematics, University: Security, Economics, Human Factors Extended Abstract A Martian who arrived on Earth today would surely con

  16. DepSys: Dependency Aware Integration of Cyber-Physical Systems for Smart Homes

    E-Print Network [OSTI]

    Stankovic, John A.

    and water and enable the running of many CPS applications. Like other Cyber-Physical Systems (CPSs), when 978-1-4503-1170-0 ...$5.00. network will act as a utility similar to electricity and wa- ter. Then, different CPS applications in domains such as health, security, entertainment, and energy can be installed

  17. Cybersecurity Management in the States: The Emerging Role of Chief Information Security Officers

    E-Print Network [OSTI]

    Goodyear, Marilu; Goerdel, Holly T.; Portillo, Shannon; Williams, Linda M.

    2010-01-01

    -Government and Cyber Security: The Role of Cyber Security Exercises. Proceedings of the 39th Hawaii International Conference on System Sciences. Kauai, Hawaii. January 4–7, 2006. IBM Center for The Business of Government8 CYBERSECURITY MANAGEMENT IN THE STATES...

  18. Secure Password-Based Authenticated Key Exchange for Web Services

    E-Print Network [OSTI]

    sign-on, delegation, and identity. The Grid Security Infrastructure (GSI) is the name given so. 1.3 Security in Grid Computing Security is one of the major requirements of Grid computing. Any Grid site deployment must at least provide the basic security mechanisms including authentication

  19. Austrian Grid Austrian Grid

    E-Print Network [OSTI]

    Bosa, Karoly

    . Keywords: Security Management, Access Control, Authorization 1. INTRODUCTION Access control is the part

  20. Cyberspace security system

    DOE Patents [OSTI]

    Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

    2014-06-24

    A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.