About the Cybersecurity for Energy Delivery Systems Program
A key mission of the Department of Energy's (DOE) Office of Electricity Delivery and Energy Reliability (OE) is to enhance the reliability and resilience of the nation's energy infrastructure. Cybersecurity of energy delivery systems is critical for protecting the energy infrastructure and the integral function that it serves in our lives.
OE designed the Cybersecurity for Energy Delivery Systems (CEDS) program to assist the energy sector asset owners (electric, oil, and gas) by developing cybersecurity solutions for energy delivery systems through integrated planning and a focused research and development effort. CEDS co-funds projects with industry partners to make advances in cybersecurity capabilities for energy delivery systems.
Critical Importance of Energy Delivery Systems
Energy delivery systems are the backbone of the energy sector - a network of processes that produce, transfer, and distribute energy and the interconnected electrontic and communication devices that monitor and control those processes. Energy delivery systems include control systems, the brains that operate and monitor our energy infrastructure. Two examples of such systems are the Supervisory Control and Data Acquisition (SCADA) and the Distributed Control Systems (DCS). Most early SCADA system designs did not anticipate the security threats posed by the integration of advances in computers and communication such as off-the-shelf software and operating systems, public telecommunication networks, and the Internet. Energy delivery systems have become more productive and efficient, but the energy sector is faced with an unprecedented challenge in protecting systems against cyber incidents and threats.
The CEDS program emphasizes collaboration among the government, industry, universities, national laboratories, and end users to advance research and development in cybersecurity that is tailored to the unique performance requirements, design and operational environment of energy delivery systems. The aim of the program is to reduce the risk of energy disruptions due to cyber incidents as well as survive an intentional cyber assault with no loss of critical function. This program has resulted in increased security of energy delivery systems around the country.
CEDS program activities fall under five project areas, guided by the Roadmap to Achieve Energy Delivery Systems Cybersecurity. They are:
- Build a Culture of Security. Through extensive training, education, and communication, cybersecurity “best practices” are encouraged to be reflexive and expected among all stakeholders.
- Assess and Monitor Risk. Develop tools to assist stakeholders in assessing their security posture to enable them to accelerate their ability to mitigate potential risks.
- Develop and Implement New Protective Measures to Reduce Risk. Through rigorous research, development, and testing, system vulnerabilities are revealed and mitigation options are identified which has led to hardened control systems.
- Manage Incidents. Facilitate tools for stakeholders to improve cyber intrusion detection, remediation, recovery, and restoration capabilities.
- Sustain Security Improvements. Through active partnerships, stakeholders are engaged and collaborative efforts and critical security information sharing is occurring.
DOE is helping to address the critical security challenges of energy delivery systems through a focused R&D effort and integrated planning.
R&D: National SCADA Test Bed
Securing energy delivery systems is essential for protecting energy infrastructure. The National Research Council identified "protecting energy distribution services by improving the security of SCADA systems" as one of the 14 most important technical initiatives for making the Nation safer across all critical infrastructures. In addition, the National Strategy to Secure Cyberspace (2003) states that "securing DCS/SCADA is a national priority."
The National SCADA Test Bed (NSTB) provides frontier research development as well as a core testing environment to help industry and government identify and correct vulnerabilities in SCADA equipment and control systems within the energy sector. NSTB is a one-of-a-kind national resource that draws on the integrated expertise and capabilities of the Argonne, Idaho, Lawrence Berkeley, Los Alamos, Oak Ridge, Pacific Northwest, and Sandia National Laboratories. NSTB combines a network of the national labs' state-of-the-art operational system testing facilities with expert research, development, analysis, and training to discover and adress critical security vulnerabilities and threats the energy sector faces. NSTB offers more than 17 testing and research facilities, encompassing field-scale control systems, 61 miles of 138 kV transmission lines, 7 substations, and advanced visualization and modeling tools.
More about the National SCADA Test Bed
Asset owners and operators, government agencies, and other stakeholders are pursuing various strategies to improve control systems security. To provide a unifying framework, DOE partnered with industry, DHS, and Natural Resources Canada in 2005 to facilitate the development of the Roadmap to Achieve Energy Delivery Systems Cybersecurity. DOE has used the Roadmap to encourage industry, government, and academic collaboration to stimulate the creation of more secure, next-generation control systems.
The Energy Sector Control Systems Working Group (ESCSWG) updated this roadmap to build upon the successes of the energy sector and address gaps created by the changing energy sector landscape and advancing threat capabilities, and to emphasize a culture of security. Released in 2011, the updated Roadmap to Achieve Energy Delivery Systems Cybersecurity identifies the critical needs and priorities of the energy sector and provides a path for improving security, reliability, and functionality of energy delivery systems.
The ESCSWG is a public-private partnership consisting of energy delivery systems cybersecurity experts from government and industry that support the Electricity Sub-sector Coordination Council, Oil and Natural Gas Sector Coordinating Council, and the Government Coordinating Council for Energy under the Critical Infrastructure Partnership Advisory Council framework. CEDS has co-chaired and supported the ESCSWG efforts since its formation in 2007.
To enhance the Roadmap's effectiveness, the ESCSWG created the interactive energy Roadmap (ieRoadmap), an online database where industry can share its R&D efforts for achieving Roadmap goals, evaluate its progress, and discover collaborative opportunities for future projects.
Implementation of New Protective Measures: Leveraging Government and Industry Expertise
To accelerate the development of next-generation control systems, CEDS supports industry-led, cost-shared projects that improve cyber intrusion detection, remediation, recovery, and restoration capabilities of both the energy delivery systems as well as the cyber-physical interfaces. Each project works closely with NSTB labs and other private-sector partners to develop and commercialize tools and technologies that can make real and immediate impacts on energy sector cybersecurity. The industry-led project teams leverage the subject-matter expertise, unique capabilities, and specialized facilities of participating NSTB national laboratories.
Long-Term R&D: Academia-Led Projects
Through partnerships with academia, CEDS is supporting the development of frontier research, providing a platform to bring power systems engineering and computer science together, to meet the current and future needs of providing cybersecurity for energy delivery systems. The Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) project is a partnership of professors, researchers, and students from the University of Illinois at Urbana-Champaign, Dartmouth College, Cornell University, University of California at Davis, and Washington State University. TCIPG is developing technologies for a secure, real-time communication system; an automated cyber attack response system; risk and security assessment tools; security validation; and smart grid applications including wide-area control and monitoring, controllable load demand response, and the integration of plug-in hybrid electric vehicles. It is an expansion of the original TCIP project, a five-year effort begun in fall 2005 funded primarily by the National Science Foundation, with support from DOE and DHS. As TCIP, the project developed a range of hardware and software solutions, including a highly efficient technique for protecting message exchanges in existing, already-deployed power systems and a strategy for managing complex security policies in large networks that may have thousands of access rules.
CEDS also supports The Software Engineering Institute (SEI), a federally funded R&D center at Carnegie Mellon University. SEI provides a unique set of interdisciplinary capabilities, expertise, and partnerships to conduct frontier research and analysis. SEI provides independent expertise in support of the CEDS mission by working in public-private partnership to develop, pilot, implement and transition to the electricity sector improved software and systems engineering practices. Activities include: Supporting public-private efforts to develop security architecture and interoperability guidelines for the electricity sector; Providing guidance in identifying and managing electricity sector risk; and Transitioning other cybersecurity tools to the electricity sector.