Post on 27-Oct-2020
2017 Cyber Security
R&D Showcase and Technical Workshop
July 11 - 13, 2017 | Washington, D.C.
CIRI and CREDC(Research Centers in Resiliency)
David M. Nicol | University of Illinois
July 12, 2017 at Urbana-Champaign
Team Profiles
Cyber Resilient EnergyDelivery Consortium
(DoE and DHS)
Critical InfrastructureResilience Institute
(DHS CoE)
Customer Needs
DHS components need technical solutions and insight
CIRI performers provide knowledge for DHS use
CIRI project outcomes aim to influence policy, provide
technical capabilities to DHS components, their
clients, and impact the homeland security enterprise
CREDC customers are energy delivery equipment
suppliers and utilities
Need strategic insight into future needs
Need adoptable technology to deal with current and
emerging threats
Approach (CIRI)Find what is needed, possible, and viable
• Involve stakeholders, technology providers, and researchers at every step
to identify and prioritize opportunities
needed
ResearchStakeholders
Vendors
possible
viable
- Meet regulatory requirements
- Improve competitive standing
- New policy and law
- Scalability
- Training and workforce development
- Business case
- Workforce development
- Customer trust
- Supply chain
- Technology
- Analytic Methodologies
- Tools
- Existing policy and law
Approach (CIRI)Insurance & BusinessCase for Resiliency
Macro and Micro Industrial Supply Chains
Infrastructure Dependencies and Interdependencies
Communication
NEUGaTech
NYUStanford/Cornell
Stanford/UCLA (cyber inter-dependencies)UIUC (Cybersecurity Manufacturers)UIUC (Ports)
UNYB (Mobile Security)UCSD (Internet mapping)UIUC (IMPACT)UIUC (supply-chain, devices)
UIUC (Cyber-insurance)UIUCPenn
USCUW
Approach (CREDC)
Identify and perform cutting edge research and
development whose results are actually used to
increase cyber-resiliency of energy delivery systems
Approach (CREDC)
• Annual Industry Day• Industrial Advocates
Approach (CREDC)CREDC research develops tools and technology that improves cyber-security & resiliency on the operational technology side of energy delivery systems
Research Theme Areas
• Cyber-protection Technology
• Cyber Monitoring, Metrics, and Evaluation
• Risk Assessment of EDS Technology and Systems
• Data Analytics for Cyber Event Detection, Management, Recovery
• Resilient EDS Architectures and Networks
• Impact of Disruptive Technologies on EDS
• Validation and Verification
Benefits
Shared insights/perspectives with government agencies
Helping to differentiate important from urgent
Recommendations to government and industry on
Policy
Risk assessment
Technology trends
Technological solutions aimed for non-expert user
“Competition”
NIST Community Resilience Center of Excellence
Cybersecurity Center for Secure Evolvable Energy
Delivery Systems
Not so much competation as academic centers in
related space
Current Status Both CIRI and CREDC finishing year 2 (of 5)
All deliverables scheduled have been meet
At program level, #talks, #papers, #industrial partners
On track for other deliverables
CREDC:
increased emphasis on self-sufficiency program
CIRI: moving towards
formation of End-To-End project(s)
tech transfer stage of projects
Transition/Completion Activities
CIRI
Testing NIST framework dashboard in industrial settings
Evaluating system modeling tool in industrial settings with
potential partner/user
Risk assessment tool under evaluation in industrial settings
CREDC: project technical partnerships with
SEL, SDGE, ReliabilityFirst, Leviathan Security, Red Trident
others under development
Lessons LearnedProgram-scale
• Need clear understanding of value proposition to industry of
working with universities
Beyond access to students!
Gap analysis is critical
Academics tend not to know what is happening in the
commercial sector
Understand demands on sponsors
Expectation is transitive
Solve a small problem before it becomes a big problem
Lessons LearnedTechnical-scale
• Listen to industry’s perceived needs, understand technical
and budget constraints
• Find the value-add of research beyond “fire insurance”
• Tie ROI to features/attributes/functionality valuable in a
positive way every day
• Expect transition in industrial organization
• Work to establish connections beyond individual contacts
• Retirement or promotion ain’t good for everyone
Contact Info
David M. Nicol
Franklin W. Woeltge Professor of ECE
University of Illinois at Urbana-Champaign
dmnicol@Illinois.edu
(217) 244-1925
2017 Cyber Security
R&D Showcase and Technical Workshop
July 11 - 13, 2017 | Washington, D.C.