Grid security

New Cyber Technologies Protect Utility Energy Delivery Systems

Published 3 November 2020

Researchers are taking new approaches to solve cybersecurity vulnerabilities for utilities and other industries that use process control technologies. These connected devices are used in operational technology settings and tend to be more vulnerable to cyberattacks than information technology equipment. The software identifies and mitigates vulnerabilities in operational technologies.

Pacific Northwest National Laboratory (PNNL) researchers are taking new approaches to solve cybersecurity vulnerabilities for utilities and other industries that use process control technologies. These connected devices are used in operational technology settings and tend to be more vulnerable to cyberattacks than information technology equipment. Working with utility advisors and companies that specialize in identifying vulnerabilities, PNNL researchers have developed two web-based tools to assess and mitigate threats inside and outside the firewall.

The first solution is an easy-to-use software application that helps utilities quickly identify control system devices connected to the internet and their known vulnerabilities. Another web-based tool offers a nondisruptive and safe way to detect vulnerabilities in energy delivery systems that can arise inside a utility’s firewall.   

Both technologies were developed at PNNL for the U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response. Both software tools are low cost, can be used together, and are designed for ease of use by control room operators and utility staff who are not cybersecurity experts.

Identifying Vulnerabilities in the Field
Mitigation of Externally Exposed Energy Delivery Systems, or MEEDS for short, monitors and identifies internet-connected energy delivery system devices, usually located in the field, that are vulnerable to cyberattack.

“Threat actors can exploit these devices to gain control of critical networks and systems,” said PNNL principal investigator Sri Nikhil Gupta Gourisetti. “MEEDS offers a solution to mitigate externally exposed energy delivery systems without degradation or disruption of services.”

These control system devices include remote terminal units, protective relays, switch gear, and other sensing equipment that collect data and receive commands from grid operators to initiate physical actions and ensure reliable and efficient operation of the power grid. Devices and systems in this operational technology (OT) environment are often internet connected, putting them at greater risk of attack from cybercriminals.   

MEEDS provides an affordable and easy-to-use cyber-risk management system to find exposed and vulnerable networks and devices before attackers do. Designed specifically for critical infrastructures, such as energy utilities and connected facilities or buildings, MEEDS safely queries devices to identify risks. It operates by distilling data from large, online cyber-vulnerability databases to quickly assign a limited potential relative risk severity to those exposed devices.