Munis and Co-ops to Receive Cyber Security Protections
image credit: Credit: David Wagman
- Oct 15, 2020 3:58 pm GMTOct 15, 2020 1:44 pm GMT
- 343 views
The Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) awarded $12 million over a three-year period to develop and deploy cyber and cyber-physical solutions for distribution and municipal utilities.
Through the grant, CESER will partner with the American Public Power Association (APPA) and the National Rural Electric Cooperative Association (NRECA). As community-owned companies and cooperatives, these organizations rely on shared digital security resources.
The National Energy Technology Laboratory will develop and demonstrate the cyber and cyber-physical solutions that will be deployed. The solutions are expected to detect and respond to adversarial activity through community-led information sharing; use artificial intelligence to reduce false positives in threat detection; provide advanced analytics to pinpoint when and where a system was compromised; increase system resilience; and make use of autonomous defense at remote endpoints.
The cyber security solution also is intended to provide utilities with innovations at the hardware, firmware and software levels to protect key technology components that enable the safe control of physical systems that deliver electric power. CESER aims to deploy the solution to utilities by 2023.
The grant builds on an existing NRECA initiative known as Essence that was based around an algorithm that established a “normal” state for a computer network. System monitoring raised an alarm when anything out of the ordinary was detected.
Previous approaches to cybersecurity were prescriptive and required knowledge of a specific threat in order to create white lists, black lists and detection signatures. The Essence algorithm shifted the focus to identify unusual system behavior, respond to isolate affected areas and notify network engineers.
The National Rural Telecommunications Cooperative was a pioneer in deploying elements of Essence technology. Its early work tested a monitoring product that monitored for hot sockets that indicated fire or electrical problems.
With the grant award from DOE, Essence 2.0 will enable machine-to-machine learning and is designed to quickly detect and share information about anomalies in utility network traffic. The technology also is aimed at providing specific information that allows for isolation and definition of breach characteristics. That information can be shared with others in the industry to determine if a breach is a larger, coordinated attack.