The U.S. Department of Energy (DOE) is responsible for ensuring the delivery of reliable energy throughout the country. As power plants, electrical grids and transmission stations become more connected, they are susceptible to cyberattacks. The DOE wants to have a system in place with a cyber-resilient energy delivery system that will protect the electric power grids as well as the infrastructure for oil and natural gas from any cyber threat. The Office of Electricity Delivery and Energy Reliability (OE) has made it a top priority to make this possible by funding a research team whose goal is to develop a secure network solution to reduce cyberattack exposures for these mission-critical networks.
One of the requirements of this research is to use the OpenFlow specification to deliver an industrial control system extension to the open source SDN using open networking. The use of SDN comes after a successful completion of SDN projects sponsored by the DOE's Cybersecurity for Energy Delivery Systems (CEDS) program.
According to the report, it is important to design a communication infrastructure that is capable of providing control of devices and operational needs along with the right redundancy systems to maintain reliability for the electrical industry.
Open networking with the OpenFlow specification will allow operators in the energy sectors to more effectively manage their traffic using access control lists (ACLs) and routing protocols. And because it allows switches from different vendors to be part of the ecosystem, they will not be limited by propriety interfaces and scripting languages.
Electric industry operators will have the capability to control data flows with a deny-by-default cybersecurity policy, reroute critical information and identify and isolate affected network areas automatically. Software defined and open networking are able to advance cybersecurity because of the network access control they provide, while at the same time simplifying the management of today's highly complex networks.
Open networking and SDN also reduce the size of field device firmware, which will get rid of the administration overhead associated with some patch management and configuration.
The research team will be focusing on reducing the cyberattack surface of energy delivery systems, and it will include industry partners such as the Electricity Subsector Coordinating Council (ESCC), the Electricity Information Sharing and Analysis Center (E-ISAC), and industry-led research partnerships. Governmental partners will include: DHS via the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), Science & Technology, and the National Cybersecurity and Communications Integration Center (NCCIC); NIST Smart Grid Interoperability Panel (SGIP); DARPA; DOD and others.
By 2020, the OE wants to have a system in place for cybersecurity with a resilient energy delivery system that is designed, installed, operated, and maintained with the capability of surviving a cyberattacks while remaining operational.
Edited by Alicia Young