Securing Critical Infrastructure through Resiliency R&D ... · Think like a Hacker, Act like an...
American Public Power Association (APPA) Cybersecurity Summit, November 2018
Wayne Austad, Technical Director, Cybercore Integration Center
Securing Critical Infrastructure through Resiliency R&D and Workforce Education
The Idaho National Laboratory – 70 Years of Groundbreaking Nuclear Energy R&D
Mission areas: Nuclear Energy; Energy and Environment; National and Homeland Security
• 1949: National Reactor Testing Station
• 1974: Energy Mission – Reactor Science, Safety and Sustainability Solutions
• 1997: Environmental Management Mission
• 2005: INEEL & ANL-W combined to create the new Idaho National Laboratory; Building a New Laboratory
• 2019: Advancing Nuclear Energy; Securing & Modernizing Critical Infrastructure; Enabling Clean Energy Systems
INL’s Strategic Science & Technology Initiatives to Achieve Our Energy Security Mission
• Cyber-informed science and engineering
• Nuclear energy competitiveness and leadership
• Integrated nuclear fuel cycle solutions
• Integrated energy systems
• Advanced design and manufacturing
Strategic S&T initiatives are built on solid foundations to address grand challenges and advance energy and security goals for the nation
National & Homeland Security Directorate – R&D, Demonstration & Deployment (RDD&D) Capabilities
• Control Systems Cybersecurity
• Electric Grid Resilience
• Nonproliferation/Safeguards
• Nuclear Forensics/Ultratrace Detection
• Armor Development
• Emergency Training & Response
• Wireless Communications & RF Modeling
• Materials & Energetics
Continual Focus on the Nation’s Global Security Challenges
Unique National Security Infrastructure and Capabilities
Innovation in nuclear, control systems, power grid, wireless and physical security
Site map labels: Research and Education Campus; Controls & Energy Security Labs; ~20k TNT, VA Center; National Security Test Range; First Responder Training; Radiological Ranges; Electro-refining, SNM for Test/R&D; Nuclear Materials R&D; Commercial Feeds, Test Loops/Spurs; Electric Grid Test Bed; Wireless Test Bed; Agile Spectrum; 100% Quality Product Specific Manufacturing; Water Security Test Bed; Municipal Water System
• Full-scale real-world testing and demonstrations for deployment (designed, built and operated by INL)
• Integrated testing across multidisciplinary areas (radiological, physical security, explosive, power, controls, cyber)
• Rapid development through model, test, validate, and refine (high fidelity, effects-based modeling, rapid testing and measurement)
• Access to the full range of support services (linemen, engineers, rad techs, fire fighters and security forces)
• Ability to develop prototypes and manufacturing processes, and to resolve uncertainty
Energy Power Grid Research & Development
Integrating diverse capabilities to protect and mitigate current and emerging natural and man-made threats to the nation’s critical infrastructure.
Site map labels: CITRC; Wireless Test Bed; REC; Full-Scale Power & Wireless RDD&D; Utility Substation Equipment & Configuration; Power Grid Distribution Reliability; Cybersecurity R&D Labs; Data Visualization & Advanced Modeling & Simulation; 890 sq. mile test range
Critical National Challenges in Control Systems Cyber: A More Holistic Approach to People, Partnerships, and Technology is Needed
• The national measure/countermeasure approach is not sustainable, scalable, or anticipatory
• Fundamental science & engineering of cyber challenges are inadequately advanced
• R&D and complex solutions require expensive systems and large-scale proving grounds
• Technical expertise is in limited supply and mostly consumed in operations
Cybercore Integration Center: Build an Enduring Control Systems Cybersecurity Innovation Capability
• Virtual Research Park
• Interdisciplinary Talent Pipeline
Research & Development
• Cyber-informed Engineering
• Situational Awareness
• Automated Response
• Embedded Security
• Secure Communications
Spectrum of RDD&D for integration and focus
• Automated Threat Responses and Resilient, Self-Healing Systems: mitigate exploits before there is an impact, particularly on legacy devices.
• Consequence-driven Cyber-informed Engineering: engineering-based risk analysis, hardening, detection, & threat disruption devices.
• Security of Embedded Technologies & Systems: identify innovative mitigations and secure future technologies within engineered designs.
• Secure & Robust Wireless Communications: integrate security based on the “physics” of the channel communication.
• Situational Awareness in Operational Technology: analysis of key monitoring points, sensors, forensics, and R&D to address gaps.
Risk and Impact Analysis Informs R&D
Fundamentals of the Engineered Process
Component and System Security: Long-Term vision requires both Engineered Approaches and Composable Security
Consequence-driven Cyber-informed Engineering (CCE) – CCE for existing processes and critical functions …
• Step 1 – Consequence Prioritization: determine critical functions; identify processes that cannot fail
• Step 2 – System of Systems Breakdown: identify key attack points to interrupt critical system functions; information, access, actions
• Step 3 – Consequence-based Targeting (mapping the ICS Cyber Kill Chain): attack path illumination; identify options available to adversary, and map the steps they will take
• Step 4 – Mitigations and Protections (including tripwire development): design-out the cyber-risk; interrupt attacker options with engineering controls and threat tripwires
Kill Chain Analysis · Kill Chain Mitigations
Cyber-Informed Engineering (CIE) – New Designs: Apply to the full Systems Development Lifecycle, V-Model
Changing the way engineers, operations personnel, and senior leaders understand and mitigate cyber risk to their most critical subsystems and processes
Cyber-Informed Engineering Lifecycle – CIE Framework:
• Consequence/Impact Analysis
• Systems Architecture
• Engineered Controls
• Design Simplification
• Resilience Planning
• Engineering Information Control
• Procurement and Contracting
• Interdependencies
• Cyber Security Culture
• Digital Asset Inventory
• Active Process Defense
Think like a Hacker, Act like an Engineer
V-Model stages: Concept Development; Requirements Engineering; System Architecture; System Design and Development/Implementation; Systems Integration; Test and Evaluation; Transition, Operations and Maintenance
Traditional OT Cybersecurity Risk Mitigation
Security as engineering & operational culture, not just the application of market technology
Cybersecurity for the Operational Technology Environment (CYOTE)
• Pilot of a two-way operational technology data sharing and analysis capability to determine what to monitor, how to process data, and how to share sensitive data while protecting privacy.
  – 4 utilities in diverse environments: transmission, distribution, and generation
  – National laboratories
  – DOE
  – Cybersecurity experts
Cybersecurity Risk Information Sharing Program (CRISP)
• Collaboration “with energy sector partners to facilitate the timely bi-directional sharing of unclassified and classified threat information and develop situational awareness tools to enhance the sector's ability to identify, prioritize, and coordinate the protection of their critical infrastructure and key resources.”
  – E-ISAC
  – National laboratories
  – DOE
California Energy Systems for the 21st Century (CES-21)
Focused on developing automated response capabilities to protect critical California infrastructure against cyber-attacks … through [increasingly] automated, machine-to-machine communications to assess key indicators and develop appropriate responses.
Next Generation Control Systems: From Reliable to Resilient to Self-Healing
A resilient control system is one that maintains state awareness and an accepted level of operational normalcy in response to disturbances, including threats of an unexpected and malicious nature.
• Resilient Design provides an adaptive capacity and agility for response to threats, including those that are not well characterized by traditional means
• State Awareness provides essential knowledge of operating parameters to fully characterize the decision space
• Threats are those elements that counter normalcy and destabilize control system networks – human error and malicious attacks, complex latencies and interdependencies
WSComm: Wireless Spectrum Communications
WSComm robustly integrates an “underlay control or communications channel” with a dynamic high bandwidth “overlay channel” to create a new foundation for adaptive spectrum use and cognitive radio technology
… Foundational platform for a series of innovations in agile and secure communications
• INL WSComm: Underlay Control Channel: least burden on spectrum
• INL WSComm: High-data-rate Overlay Secondary-user Channels: white-spaces are identified and synchronized by the underlay control channel sensing algorithm
Figure (signal power density vs. frequency f, with noise level): Incumbent (Primary) Wideband OFDM and other signals / interference; Incumbent (Primary) Narrowband FH signal / interference; WSComm Underlay contribution to average of sum; WSComm Underlay elimination from average of sum
Workforce Education
• Industry Training
• Educational Programs
The National Workforce Capability Gap
Available specialized expertise to address control systems cybersecurity threats is less than 10%* of what the nation needs.
Capability needs: actionable threat analysis and information sharing; high quality and immediate incident response; innovative R&D and deployment of long-term solutions; advanced technology education; relevant training and performance-based competency
A multidimensional, long-term workforce development approach is needed:
• Hands-on training
• Initial competency
• Professional teaming
*INL’s insight gained from the many requests for expertise from U.S. Government and private sector leads to this estimation.
DHS ICS Cybersecurity (301) – Red/Blue Training
• Segregated areas for Red Team/Blue Team
• Classroom supports up to 42 students
• Integrated substation with chemical plant
Visit: https://ics-cert.us-cert.gov/Training-AvailableThrough-ICS-CERT
CyberStrike Workshop
Training that provides self-contained substation and generation environments for hands-on, relevant participant experiences.
Hands-on Labs:
• Open Source Intelligence
• Denial of Service
• Controlling the HMI
• Bypassing the HMI
• Firmware Analysis
• Passive Man in the Middle
• Active Man in the Middle
• Preventing Attack via Network Segmentation
Format:
• 8-hour hands-on workshop
• Two workshop variations: Electricity, Oil and Natural Gas
• Training platforms: PLC, HMI, network switch
Institutional Approach to Academic Partnerships
Strategically align interdisciplinary programs, with hands-on collaboration on hard national challenges, to enable the innovation and excitement that accelerate talent pipelines.
Diagram labels: INL; Contract; Regional; Strategic University Partnerships for Education & Research; Joint Appointments; Researchers; Students