DOE Cybersecurity “Chess Master” Project

 

Veracity Industrial Networks is proud to be actively working with our partners Sempra Energy and Schweitzer Engineering Labs on an important cybersecurity initiative sponsored by the United States Department of Energy. Veracity recently delivered Phase 1 of the project, allowing testing and deployment to continue.

 

This page provides an update on what the project covers and provides links to background and documents related to this project and DOE’s Cybersecurity for Energy Delivery Systems (CEDS) program.

 

Department of Energy Project Update

Veracity is part of a three-company team tapped by the U.S. Department of Energy (DOE) to develop a secure networking solution that reduces cyberattacks against U.S. industrial and utility networks.

The project is known as “Chess Master.”

DOE’s “Poster” for the Chess Master project

PDF

DOE’s Chess Master Fact Sheet, the goal of which is to “strengthen cybersecurity with central visibility of operational networks that deny-by-default to help prevent unexpected, and therefore undesired, cyber-activity”

PDF

 

Agency Funding Doesn’t Slow Down to Cyber Startups

http://www.tandemnsi.com/2017/02/agency-funding-doesnt-slow-cyber-startups/

WHAT ARE THE KEY THREATS TO OUR CRITICAL INFRASTRUCTURE?

Cyberattacks are not new. Our news is filled with them on a daily basis. However, most attacks happen on “information technology” networks and involve theft of data or the ransoming of data encrypted by the hacker.

Attacks on our “OT” (Operational Technology) networks are different. These networks control our electric power, water, oil and gas and chemical manufacturing facilities. If these networks are compromised, the consequences might be far more negative than the loss of credit card information.

DOE tries to spur development of defenses against Ukraine-style electrical grid cyberattack

https://www.cyberscoop.com/doe-tries-spur-development-defenses-ukraine-style-electrical-grid-cyberattack/

Dragos analysis of the “crashoverride” attack

https://dragos.com/blog/crashoverride/

THE SECURITY OF OUR NATIONS POWER GRID

Securing our nation’s power grid from cyberattacks is a major concern, in part because of the potential and somewhat unknown long term consequences of a widespread power outage. Here is the letter 19 Senators sent to the White House, inquiring about status of power grid security, as well as a 2016 Vulnerability Analysis from the Office of Energy Policy and Systems Analysis (EPSA) in the U.S. Department of Energy.

THE DOE’S HISTORY WITH CYBERSECURITY INITIATIVES

The Department of Energy has a long supported the development of cybersecurity technologies for use in critical installations.  The documents here represent the background, initial plan and roadmap for a range of cybersecurity initiatives.  These also set the stage for the work that Veracity is doing today.

The Department of Energy’s “Roadmap to Achieve Energy Delivery Systems Cybersecurity” from 2011 gives an overview of the entire venture.

https://energy.gov/sites/prod/files/Energy%20Delivery%20Systems%20Cybersecurity%20Roadmap_finalweb.pdf

Cybersecurity Research, Development and Demonstration (RD&D) for Energy Delivery Systems overview

https://energy.gov/oe/cybersecurity-research-development-and-demonstration-rdd-energy-delivery-systems

The vision for the CEDS program is “By 2020, resilient energy delivery systems are designed, installed, operated, and maintained to survive a cyber-incident while sustaining critical functions” The DOE CEDS program initiatives are outlined here:

https://www.energy.gov/oe/ceds-fact-sheets

The Watchdog Project is a DOE project that proceeded Chessmaster and looked at the viability of an SDN-based flow controller SDN as an enabling technology for industrial cybersecurity.  This White Paper gives some of the details:

https://cdn.selinc.com/assets/Literature/Publications/Technical%20Papers/6655_SoftwareDefined_RS_20140423.pdf?v=20170622-123719