Superstorm Sandy caused a major disruption to passenger-rail and other commuter systems throughout New York and New Jersey. To address this issue, New Jersey Transit (NJT) established the NJ TRANSITGRID project, an effort designed to power bus, ferry, and limited passenger-rail service during natural or man-made disasters. Given the importance of these transportation systems, NJT partnered with Sandia National Laboratories (Sandia) to assess the cyber-resilience of the information systems that monitor and control the electrical systems within the microgrid. The Sandia “tabletop” assessment is based on the most recent 20% design packages. From this assessment, the Sandia team identified several security areas that were undefined or did not implement industry best practices. Finally, the Sandia team presented possible follow-on assessment activities and recommended investigating multiple hardening technologies. Addressing these findings and adding state-of-the-art detection and mitigation technologies will help ensure the NJ TRANSITGRID is built with more comprehensive cyber-resilience features.
Sandia National Laboratories has funded the research and development of a new capability to interactively explore the effects of cyber exploits on the performance of physical protection systems. This informal, interim report of progress summarizes the project’s basis and year one (of two) accomplishments. It includes descriptions of confirmed cyber exploits against a representative testbed protection system and details the development of an emulytics capability to support live, virtual, and constructive experiments. This work will help stakeholders better engineer, operate, and maintain reliable protection systems.
This report describes a research project to examine the hardware used in automated control systems like those that control the electric grid. This report provides an overview of the vendors, architectures, and supply channels for a number of control system devices. The research itself represents an attempt to probe more deeply into the area of programmable logic controllers (PLCs), the specialized digital computers that control individual processes within supervisory control and data acquisition (SCADA) systems. The report (1) provides an overview of control system networks and PLC architecture, (2) furnishes profiles for the top eight vendors in the PLC industry, (3) discusses the communications protocols used in different industries, and (4) analyzes the hardware used in several PLC devices. As part of the project, several PLCs were disassembled to identify constituent components. That information will direct the next step of the research, which will greatly increase our understanding of PLC security in both the hardware and software areas. Such an understanding is vital for discerning the potential national security impact of security flaws in these devices, as well as for developing proactive countermeasures.
This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats to control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.