The Berkeley Lab Data Science and Technology Department is an active participant in a number of projects in the arena of cybersecurity for energy delivery systems. Recently, this work has been funded largely via DOE’s Cybersecurity for Energy Delivery Systems program. These projects include collaborations with academic, vendor, and utility partners.
LBNL’s work in security for power grid control systems emphasizes both its historical role in developing, deploying and testing the Zeek (Bro) Network Security Monitor and novel ideas that leverage and integrate physics (physical limitations, physical sensor output, and insight into commands sent to control systems) to help monitor and protect networked energy system devices under control.
Expert Q&A: Safeguarding the Nation’s Energy Infrastructure — Oct. 26, 2018
Electric grid protection through low-cost sensors, machine learning — September 21, 2018
Cyber Defense Tool Is an Early Warning System for Grid Attacks — March 27, 2018
Berkeley Lab Aims to Strengthen the Cybersecurity of the Grid — September 27, 2017
Detecting Cybersecurity Threats by Taking the Grid’s Pulse — Jul. 12, 2016
Mahdi Jamei, Anna Scaglione, Ciaran Roberts, Emma Stewart, Sean Peisert, Chuck McParland, and Alex McEachern, “Anomaly Detection Using μPMU Measurements in Distribution Grids,” IEEE Transactions on Power Systems, October 25, 2017.
Mahdi Jamei, Emma Stewart, Sean Peisert, Anna Scaglione, Chuck McParland, Ciaran Roberts, and Alex McEachern, “Micro Synchrophasor-Based Intrusion Detection in Automated Distribution Systems: Towards Critical Infrastructure Security,” IEEE Internet Computing, Sept./Oct. 2016.
Chuck McParland, Sean Peisert, and Anna Scaglione, “Monitoring Security of Networked Control Systems: It’s the Physics,” IEEE Security and Privacy, 12(6), November/December 2014.
A portion of the software developed through this project can be downloaded via GitHub.
Listings of specific projects in cybersecurity for energy delivery systems are available.
The mission of Trusted CI is to improve the cybersecurity of NSF computational science and engineering projects, while allowing those projects to focus on their science endeavors. The PI of this center at Indiana University is Von Welch. LBNL’s role in this center is led by Sean Peisert.
This project is performing R&D to enable distribution grids to adapt to resist a cyber-attack by (1) developing adaptive control algorithms for DER, voltage regulation, and protection systems; and (2) analyzing new attack scenarios and developing associated defensive strategies. It is funded by DOE OE’s CEDS program and is co-led by Sean Peisert and Daniel Arnold.
We have defined a Medical Science DMZ as a method that allows data flows at scale while simultaneously addressing the HIPAA Security Rule and related regulations governing biomedical data and appropriately managing risk.
This project will bring together a multi-disciplinary UC-Lab team of cybersecurity and electricity infrastructure experts to investigate, through both cyber and physical modeling and physics-aware cybersecurity analysis, the impact and significance of cyberattacks on electricity distribution infrastructure. It is funded by the UC-Lab Fees Research Program. The overall project is led by Hamed Mohsenian-Rad; the LBNL portion is led by Sean Peisert.
The goal of this project is to create advanced, distributed data analytics capability to provide visibility and controllability to distribution grid operators. It is funded by the DOE Grid Modernization Initiative. The LBNL portion of this effort is led by Sean Peisert.
This project develops techniques for detecting DDoS attacks and disambiguating them from large-scale science flows. It is funded by the DOE iJC3 Cyber R&D program and is led by Sean Peisert.
This project takes a broad look at several aspects of security and scientific integrity issues in HPC systems. It is funded by DOE ASCR and is led by Sean Peisert.
The goal of this project is to develop technologies and methodologies to protect the nation’s power grid from advanced cyber and all-hazard threats. This will be done through the collection of disparate data and the use of advanced analytics to detect threats and respond to them. It is funded by DOE OE’s CEDS program via the Grid Modernization Initiative and is co-led by Sean Peisert.
This project uses power data to monitor the use of computing systems, including supercomputers and large computing centers. It is led by Sean Peisert.
This project is designing and developing a key management system to meet the unique requirements of electrical power distribution systems. It is funded by DOE OE’s CEDS program and is led by Sean Peisert.
This project is developing a system-based workflow to securely acquire wireless data from mechanical ventilators in critical care environments, and leverage scalable web-based analytic platforms to advance data analytics and visualization of issues surrounding patients with respiratory failure.
This project focused on mapping and analyzing the qualities of resilient networks by investigating components of redundancy, diversity, quality of service, etc. The project’s goal is to be able to quantify and compare the resilience of networks in a scientifically meaningful way. This project was led at LBNL by Sean Peisert.
This project was funded by NSF’s SaTC program, and was co-led by Sean Peisert. The theme of this effort was to integrate Byzantine fault-tolerance (BFT) into intrusion detection systems (IDS), at both the fundamental and system levels, thereby improving both BFT and IDS.
NetSage is a network measurement, analysis and visualization service funded by the National Science Foundation and is designed to address the needs of today’s international networks. This project is co-led by Sean Peisert at LBNL.
This project is using micro-PMU measurements and SCADA commands to develop a system to detect cyberattacks against the power distribution grid. It is funded by DOE OE’s CEDS program and is led by Sean Peisert.
Using seed funding from the NNSA CIO, this consortium of eight DOE laboratories worked to form an enduring, national computer security research laboratory to address cybersecurity threats. LBNL’s effort was led by Deb Agarwal and Sean Peisert.
This project sought to define and prototype a security layer using a method of intrusion detection based on mobile agents and swarm intelligence. The project was funded by NSF’s CISE Directorate, and was led by Sean Peisert.
The goal of this project was to design and implement a measurement network, which can detect and report the resultant impact of cyber security attacks on the distribution system network. It was funded by DOE OE’s CEDS program and was co-led by Chuck McParland and Sean Peisert.
This project developed mathematical and statistical techniques to analyze the secure access and use of high-performance computer systems. It was funded by DOE ASCR and was originally led by David H. Bailey.
This project looked at defining means for understanding what data can be sanitized, and how. At LBNL, this project was led by Sean Peisert and was funded by the Institute for Information Infrastructure Protection (I3P).
This project is looking at establishing a rigorous, scientific model of forensic logging and analysis that is both efficient and effective at establishing the data that is necessary to record in order to understand past events. This work was led by Sean Peisert.
This project looked at defining, analyzing, and seeking methods of ameliorating the insider threat.