Cyber-Resilient Power Grid Control Systems: Tales from the Bleeding Edge

Modern society depends on critical infrastructure: the power grid, the water system, the oil and gas infrastructure. Over the last two decades, OT and IT infrastructures have coalesced, with control systems such as SCADA for the power grid transitioning from proprietary communication protocols to IP (the Internet Protocol) for cost, availability, and simplicity reasons. This transition removed the air gap traditionally relied upon in securing critical infrastructure.

While deploying critical infrastructure systems according to best practices may be sufficient to counter common hackers, it is less effective against well-funded nation-state actors. As the geopolitical situation has deteriorated in recent years, the risk nation-state actors pose to our critical infrastructure has increased dramatically.

Beyond continuously improving best practices and enforcing them, it becomes necessary to construct control systems that are intrusion-tolerant: they continue to operate correctly even in the face of a successful attack, where part of the system is compromised by a sophisticated adversary. Such systems include AI-based intrusion-detection capabilities that are effective in providing the necessary situational awareness to well-trained operators.

The session will describe our experience developing, red-teaming, and test-deploying an intrusion-tolerant SCADA system for the power grid as part of several DARPA, DoD, and DoE projects, with national labs (PNNL, Sandia), SCADA manufacturers (Siemens, GE), and utility (Hawaiian Electric) partners. We aim to foster a discussion conducive to broader integration and deployment of such capabilities toward a cyber-resilient grid.

  • March 4, 2024
