Developing systems to protect the nation’s electric grid has been a key goal for many public, private and government developers for years – yet experts say the grid is still largely vulnerable to serious cyberattackers.
The Defense Advanced Research Projects Agency (DARPA) is looking to bolster the nation’s grid defenses with a system called Rapid Attack Detection, Isolation and Characterization (RADICS) that will detect and automatically respond to cyber-attacks on US critical infrastructure.
“DARPA is interested specifically in early warning of impending attacks, situation awareness, network isolation and threat characterization in response to a widespread and persistent cyber-attack on the power grid and its dependent systems. Potentially relevant technologies include anomaly detection, planning and automated reasoning, mapping of conventional and industrial control systems networks, ad hoc network formation, analysis of industrial control systems protocols, and rapid forensic characterization of cyber threats in industrial control system devices,” the research agency stated.
Exact details of what the RADICS system will entail have not yet been disclosed, but the agency will hold a Proposers Day on Dec. 4 to detail it further.
DARPA has taken aim at the power infrastructure security situation in the past. Its High-Assurance Cyber Military Systems (HACMS) program, announced in 2012, looks to develop and build technology for what DARPA calls “high-assurance cyber-physical systems, where high assurance is defined to mean functionally correct and satisfying appropriate safety and security properties.”
HACMS seeks to develop secure embedded systems in everything from large supervisory control and data acquisition (SCADA) systems that manage physical infrastructure, to medical devices, computer peripherals such as printers and routers, to communication devices such as cell phones and radios, vehicles, airplanes and satellites.
The idea, DARPA said, was to produce a set of open source tools integrated into a software workbench, which will be widely distributed for use in both the commercial and defense software sectors.
Key HACMS technologies include semi-automated software synthesis systems, verification tools such as theorem provers and model checkers, and specification languages. HACMS aims to produce a set of publicly available tools integrated into a high-assurance software workbench, widely distributed to both defense and commercial sectors.
The US Department of Energy has also spent millions developing security systems for the grid. The DOE in fact recently held Grid Security Exercise III (GridEx III) that brought together 350 organizations and an estimated 10,000 individuals to test and discuss grid threats. The DOE said of the exercise: “During a real-world attack on the grid, the Department of Energy would be responsible for collecting, evaluating, and sharing information on our energy infrastructure, as well as working with Federal, state, and local entities and industry to help facilitate the restoration of damaged energy infrastructure. We tested all of these mechanisms at GridEx III. In addition, we discussed policy and legal challenges on a variety of topics, including how to share information and resources, coordinate our response, overcome regulatory barriers, and integrate public and private efforts so that we bring to bear our joint capabilities. This is particularly important because 90 percent of energy infrastructure is in private hands. The North American Electric Reliability Corporation (NERC), the sponsoring organization for GridEx III, will complete a report of findings and recommendations from the exercise, scheduled for release in the first quarter of 2016.”
Watchdogs at the Government Accountability Office recently wrote of the country’s infrastructure: “The cyber threat to critical infrastructure continues to grow and represents a serious national security challenge. Foreign malicious actors have directly attacked and extracted highly sensitive materials from the networks of government agencies and major critical infrastructure companies. To address the threat, a proactive and coordinated effort is necessary to strengthen and maintain secure, functioning, and resilient critical infrastructure–including privately owned or operated assets, networks, and systems–that are vital to public confidence and the nation’s security, economy, health, and safety.”