skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Secure Control Systems for the Energy Sector

Abstract

Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact ofmore » the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.« less

Authors:
; ;
Publication Date:
Research Org.:
Schweitzer Engineering Laboratories, Incorporated
Sponsoring Org.:
USDOE
OSTI Identifier:
1087721
DOE Contract Number:
FC26-07NT43311
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
24 POWER TRANSMISSION AND DISTRIBUTION; 97 MATHEMATICS AND COMPUTING

Citation Formats

Smith, Rhett, Campbell, Jack, and Hadley, Mark. Secure Control Systems for the Energy Sector. United States: N. p., 2012. Web. doi:10.2172/1087721.
Smith, Rhett, Campbell, Jack, & Hadley, Mark. Secure Control Systems for the Energy Sector. United States. doi:10.2172/1087721.
Smith, Rhett, Campbell, Jack, and Hadley, Mark. 2012. "Secure Control Systems for the Energy Sector". United States. doi:10.2172/1087721. https://www.osti.gov/servlets/purl/1087721.
@article{osti_1087721,
title = {Secure Control Systems for the Energy Sector},
author = {Smith, Rhett and Campbell, Jack and Hadley, Mark},
abstractNote = {Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.},
doi = {10.2172/1087721},
journal = {},
number = ,
volume = ,
place = {United States},
year = 2012,
month = 3
}

Technical Report:

Save / Share:
  • The Padlock Project is an alliance between Tennessee Valley Authority (TVA), Sandia National Laboratories (SNL), and Schweitzer Engineering Laboratories Inc. (SEL). SEL is the prime contractor on the Padlock project. Rhett Smith (SEL) is the project director and Adrian Chaves (SNL) and John Stewart (TVA) are principle investigators. SEL is the world’s leader in microprocessor-based electronic equipment for protecting electric power systems. The Tennessee Valley Authority, a corporation owned by the U.S. government, provides electricity for 9 million people in parts of seven southeastern states at prices below the national average. TVA, which receives no taxpayer money and makes nomore » profits, also provides flood control, navigation and land management for the Tennessee River system and assists utilities, and state and local governments with economic development.« less
  • Recent developments in renewable energy (RE) related to upward revisions to potential estimates, declining costs, and improved performance have created new opportunities for using RE to cost-effectively meet energy security challenges in India. Under the “Modestly Secure and Clean” scenario, 40% of energy needs in 2030 are met by wind (15%), solar (10%), other RE (5%), and energy efficiency (10%) at a cost comparable to the “Baseline” scenario where only 10% of the electricity demand is provided by these resources and will lead to elimination of coal imports. If the rapid drop of solar prices continues, an electricity mix wheremore » 60% of the demand is provided by these sources can be achieved at comparable costs. Given the seasonal and diurnal complementary nature of solar and wind resources in India, and high- level of correlation with the load shape, such a mix is both cost effective and technically feasible.« less
  • This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.
  • This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despitemore » much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.« less
  • This is the final report of Phase 2 of the Secure Power Systems Professional project, a 3 phase project. DOE will post to their website upon release.