Network Randomization and Dynamic Defense for Critical Infrastructure Systems
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Critical Infrastructure control systems continue to foster predictable communication paths, static configurations, and unpatched systems that allow easy access to our nation's most critical assets. This makes them attractive targets for cyber intrusion. We seek to address these attack vectors by automatically randomizing network settings, randomizing applications on the end devices themselves, and dynamically defending these systems against active attacks. Applying these protective measures will convert control systems into moving targets that proactively defend themselves against attack. Sandia National Laboratories has led this effort by gathering operational and technical requirements from Tennessee Valley Authority (TVA) and performing research and development to create a proof-of-concept solution. Our proof-of-concept has been tested in a laboratory environment with over 300 nodes. The vision of this project is to enhance control system security by converting existing control systems into moving targets and building these security measures into future systems while meeting the unique constraints that control systems face.
- Research Organization:
- Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Organization:
- USDOE Office of Electricity Delivery and Energy Reliability (OE), Power Systems Engineering Research and Development (R&D) (OE-10)
- DOE Contract Number:
- AC04-94AL85000
- OSTI ID:
- 1179040
- Report Number(s):
- SAND2015--3324; 583508
- Country of Publication:
- United States
- Language:
- English
Similar Records
Game Theory and Uncertainty Quantification for Cyber Defense Applications
Proactive Defense for Evolving Cyber Threats