dr carol hawk
play

Dr. Carol Hawk March 28, 2017 U.S. Government Role and - PowerPoint PPT Presentation

U.S. Department of Energy Cybersecurity for Energy Delivery Systems (CEDS) Program Research and Development (R&D) Dr. Carol Hawk March 28, 2017 U.S. Government Role and Responsibilities DOE - Sector-Specific Agency Department of Homeland


  1. U.S. Department of Energy Cybersecurity for Energy Delivery Systems (CEDS) Program Research and Development (R&D) Dr. Carol Hawk March 28, 2017

  2. U.S. Government Role and Responsibilities DOE - Sector-Specific Agency Department of Homeland Security (DHS) Provide strategic guidance, promote national unity of (SSA) to: effort, and coordinate the overall Federal effort for Collaborate with infrastructure secure and resilient critical infrastructure including  identification and analysis of interdependencies among owners and operators to critical infrastructure sectors strengthen the security and resilience of critical infrastructure Critical Infrastructure Sector  Serve as a day-to-day Federal •Chemical interface for the prioritization and •Commercial Facilities •Communications coordination of sector-specific •Critical Manufacturing activities •Dams •Defense Industrial Base  Carryout incident management •Emergency Services responsibilities consistent with • Energy statutory authority and other •Financial Services •Food and Agriculture appropriate policies •Government Facilities •Healthcare and Public Health  Provide technical assistance to •Information Technology the sector to identify •Nuclear Reactors, Materials, & Waste vulnerabilities and help mitigate •Transportation Systems •Water and Wastewater Systems incidents 2

  3. Department of Energy’s Cybersecurity Roles Office of Electricity Delivery & Energy Reliability (OE) focuses on DOE’s role as a Sector Specific Agency (SSA) 3 3

  4. Cybersecurity and Emerging Threats Office of Electricity Delivery and Energy Reliability (OE) CEDS R&D CEDS OPS Next-Generation Building Capabilities to Technologies Address Today’s Threats Research and develop tools Make effective use of readily and technologies to advance available existing resilient energy delivery technologies to create systems designed, installed, solutions to address operated, and maintained to immediate problems in the survive a cyber incident while energy sector on a wide- sustaining critical functions. scale basis through collaborations with industry. 4

  5. Roadmap – Framework for Collaboration • Energy Sector’s synthesis of energy delivery systems security challenges, R&D needs, and implementation milestones • Provides strategic framework to – align activities to sector needs – coordinate public and private programs – stimulate investments in energy delivery systems security Roadmap Vision Resilient energy delivery systems are designed, installed, operated, and maintained to survive a cyber incident while sustaining critical functions. 5

  6. Coordination with Other Federal Cybersecurity R&D Programs • Primary mechanism for U.S. Government, unclassified Networking and IT R&D (NITRD) coordination • Supports Networking and Information Technology policy making in the White House Office of Science and Technology Policy (OSTP) 6 6

  7. CEDS Encourages Partnerships Asset Owners/Operators Academia Solution Providers National Labs • Ameren • ABB • Argonne National Laboratory • Orange & Rockland • Open • Arizona State University Utility Information • Arkansas • Brookhaven National • Alstom Grid • Carnegie Mellon University Security Electric Laboratory • Pacific Gas & • Applied • Dartmouth College Foundation Cooperatives Electric • Idaho National Laboratory Communication • Florida International University Corporation • OSIsoft Services • Peak RC • Lawrence Berkeley National • Georgia Institute of • Avista Laboratory • Parsons • Applied Control • PJM Interconnection Technology • Burbank Water • Lawrence Livermore National Solutions • Power • Rochester Public • Illinois Institute of Technology and Power Laboratory Standards Utilities • Cigital, Inc. • Iowa State University Laboratory • Los Alamos National • BPA • Sacramento • Critical • Lehigh University Laboratory • Qubitekk • CenterPoint Intelligence Municipal Utilities • Massachusetts Institute of • National Renewable Energy Energy District • RTDS • Cybati Technology Laboratory Technologies • Chevron • San Diego Gas and • Eaton • Oregon State University • Oak Ridge National Inc. Electric • ComEd • Enernex Laboratory • Rutgers University • Schneider • Sempra • Dominion • EPRI • Pacific Northwest National • Tennessee State University Electric • Snohomish PUD • Duke Energy Laboratory • Foxguard • Texas A&M EES • SEL • Southern Company • Electric Solutions • Sandia National Laboratories • University of Arkansas • Siemens Reliability • Southern California • GE Other • University of Arkansas-Little • Telvent Council of Edison • Grid Protection Rock Texas • Utility Advisors • Energy Sector Control • TVA Alliance • University of Buffalo - SUNY Systems Working Group • Entergy • Utility • Virgin Islands Water • Grimm • University of Illinois • International Society of Integration • FP&L and Power Authority • Honeywell Automation • UC Davis Solutions • HECO • WAPA • ID Quantique • NESCOR • UC Berkeley • UTRC • Idaho Falls • WGES • Intel • NRECA • University of Houston • Veracity Power • NexDefense • Open Information Security • University of Tennessee- • ViaSat • Inland Empire Foundation • OPAL-RT Knoxville Energy • University of Texas at Austin • NIPSCO • Washington State University 7 7

  8. CEDS Research & Development Program Structure Higher Risk, Longer Lower Risk, Shorter Medium Risk, Term Projects Mid-term Projects Term Projects • Core and Frontier National • National Laboratory Led • Energy Sector Led Laboratory Research Projects Projects Program • Academia Projects Partnering Path to Transition to Practice in the Energy Sector • CEDS builds research partnerships among energy sector utilities, asset owners and operators, suppliers, universities and national laboratories • Successfully transitioned more than 30 tools and technologies that reduce the risk of energy delivery being disrupted due to a cyber incident in the energy sector • Advancing the Roadmap’s vision of resilient energy delivery systems designed, installed, operated and maintained to survive a cyber incident while sustaining critical functions. 8

  9. Academic Collaboration Projects CREDC and SEEDS Cyber Resilient Energy Delivery Cybersecurity Center for Secure Evolvable Consortium (CREDC) Energy Delivery Systems (SEEDS) • Published or presented research on: • Project activities include: Cost effective security management Analysis, modeling, and detection of data and o o Systematic and Systems theoretical topology manipulation attacks, where grid o approaches connections are removed from system or their Trustworthy critical infrastructure research removal is spoofed o Tamper event detection using SCADA Visualization of real time data for situational o o hardware awareness Detection of data injection attacks Moving target defense, by frequently changing o o Remote testbeds for experimenting in cyber- access information o physical space Impact assessment of cyber attacks o Partners Partners 9

  10. Opportunities to Engage with CREDC Event Description Location Date Monthly CREDC Presentation by Blake Larsen, CIO and Vice Webinar March 3, 2017 Seminar Series President of IT, Western Refining 2017 CREDC Industry Engage with CREDC researchers, learn about Tempe, AZ March 27-29, 2017 Workshop CREDC research activities, impact current and future research plans, and network with industry sector leaders. Monthly CREDC Presentation by Michael M. Johnson, Chief Webinar April 7, 2017 Seminar Series Information Officer, U.S. Department of Energy (DOE) 2017 CREDC Summer Focus on cybersecurity and resiliency of energy St. Charles, Illinois June 11-17, 2017 Training delivery systems for the electric power and oil & gas industries Joint Information Trust Summit for electric cooperatives and municipal University of Illinois TBD Institute/CREDC and power providers Champaign, IL NRECA Cybersecurity Summit CREDC Industry Industry-focused outreach event organized by Pacific Northwest November 2017 Outreach Event PNNL, Washington State University, and Oregon State University 10

  11. CREDC IAB Members IAB Members Exelon Utilities Schweitzer Engineering Laboratories Formerly of Chevron Corporation Honeywell Building Solutions Western Refining North American Electric Reliability Corporation (NERC) Electric Power Research Institute (EPRI) Federal Energy Regulatory Commission (FERC) Jet Propulsion Laboratory, Cyber Defense Engineering and Science Directorate Idaho National Laboratory, National and Homeland Security (N&HS) 11

Recommend


More recommend