Cyber networks support many important functions within energy delivery systems, from sending data between a smart meter and utility to controlling oil or gas flow in a pipeline. However, they are vulnerable to disturbances. According to the ICS-CERT Monitor, a publication of the U.S. Department of Homeland Security, a third of the 245 reported cyber incidents in industrial control systems that happened in 2014 occurred in the energy sector. The U.S. Department of Energy (DoE) initiative awards $28.1 million to a consortium of eleven universities and research organizations, with the goal of improving computer/communication networks for energy delivery systems like power grids and pipelines.
Washington State University will participate in a new, five-year $28.1 million U.S. Department of Energy (DoE) initiative to improve computer/communication networks for energy delivery systems like power grids and pipelines.
WSU reports that WSU researchers are joining with eleven universities and national laboratories on the Cyber Resilient Energy Delivery Consortium (CREDC), led by the University of Illinois at Urbana-Champaign, to improve the resilience and security of the cyber networks that serve as the backbone of the infrastructure that delivers energy to the nation — known as energy delivery systems (EDS) — for the electric power and oil and gas industries.
“EDS cyber resiliency challenges of the next five years are not fully understood,” said Carl Hauser, associate professor in WSU’s School of Electrical Engineering and Computer Science. “CREDC is a long-term commitment by the Department of Energy to find the problems and solve them.”
“The challenge is that increased efficiencies and capabilities in energy delivery rely on greater use of computers and communication networks, which simultaneously raises the potential for serious problems,” said David Nicol, director of the Information Trust Institute at Illinois, and Franklin W. Woeltge Professor of Electrical and Computer Engineering and CREDCprincipal investigator. “We need to be able to integrate advanced cyber components with the assurance that we aren’t making systems more vulnerable.”
One third of cyber incidents were in energy
Cyber networks support many important functions within energy delivery systems, from sending data between a smart meter and utility to controlling oil or gas flow in a pipeline. However, they are vulnerable to disturbances. According to the ICS–CERT Monitor, a publication of the U.S. Department of Homeland Security, a third of the 245 reported cyber incidents in industrial control systems that happened in 2014 occurred in the energy sector.
CREDC will work to make these systems more secure and resilient. In the cyber world, “security” refers to the ability to keep data confidential and uncorrupted while “resiliency” is the ability to withstand attacks, provide an acceptable level of service in the midst of an incident and recover quickly following an attack.
Northeast blackout prompts collaboration
WSU has worked with Illinois for more than a decade in the area of EDSresilience, particularly in the area of electric power. Early research came about after the 2003 Northeast blackout that affected a huge swath of New England and parts of the Midwest. At that time, researchers determined that while the blackout was not from a cyber security issue, they didn’t know whether a future incident could be.
“Over the next five years, there was a really concerted effort, from the DoE and others, to make the power industry more aware of cyber security issues,’’ said Hauser.
In addition to Hauser, WSU researchers Anjan Bose, Chen-ching Liu, Anurag Srivastava, and Adam Hahn are involved in the project.
WSU previously partnered in two Illinois-led initiatives, including the $7.5 million Trustworthy Cyber Infrastructure for the Power Grid (TCIP) and the $18.4 million Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) projects, supported by the DoE, Homeland Security, and the National Science Foundation. Both projects focused on scientific and engineering research to support cyber security and resilience for the grid. They also involved building relationships with the power industry to listen to concerns and focus research problems.
Looking at technology, costs
The new consortium’s areas of focus will include cyber protection technologies; cyber monitoring, metrics and event detection; risk assessment of EDS technology; data analytics for cyber event detection; resilient EDS architectures and networks; and the impact of disruptive technologies, such as the Internet of Things and cloud computing, on EDSresiliency. CREDC broadens the research scope to include the oil and gas industry as well as electric power.
The group will also look at business aspects of cyber resiliency. A major impediment to more resilient systems is the cost of upgrading legacy equipment. Researchers will analyze the return on investment in new technology and design models that will help businesses choose the most cost-effective, high-impact solutions.
The goal, Nicol said, is to create a pipeline through which foundational research will lead to applied research and development, which in turn will result in technology that is effective and affordable and can be implemented quickly in the field. The consortium will collaborate with industry partners — ranging from Fortune 500 companies like Honeywell to utilities such as Illinois-based Ameren—to accelerate the tech transfer process.
WSU notes that in addition to WSU, the consortium includes research experts from Argonne National Laboratory, Arizona State University, Dartmouth College, the Massachusetts Institute of Technology, Oregon State University, the Pacific Northwest National Laboratory, Rutgers University, Tennessee State University, and the University of Houston. TheDOE is contributing $22.5 million, with $5.6 million in recipient cost-share.