You are here

Home » Cybersecurity for Energy Delivery Systems (CEDS) Fact Sheets

Cybersecurity for Energy Delivery Systems (CEDS) Fact Sheets

A key mission of the Department of Energy's (DOE) Office of Electricity Delivery and Energy Reliability (OE) is to enhance the reliability and resilience of the nation's energy infrastructure. Cybersecurity of energy delivery systems is critical for protecting the energy infrastructure and the integral function that it serves in our lives. OE’s Cybersecurity for Energy Delivery Systems (CEDS) program helps the energy sector by developing cybersecurity solutions for energy delivery systems through integrated planning and a focused research and development effort. Below are short descriptions of some of the CEDS projects, followed by fact sheets which can be downloaded.  

  • ADDSec: The Artificial Diversity and Defense Security (ADDSec) project will develop solutions to introduce unpredictability and enhance situational awareness to energy delivery control systems, protecting them against cyber attack. The project will leverage software defined networking (SDN) to introduce randomness to control system networks and extend solutions from the local network area to the WAN.
  • Alliance: The Alliance project is developing a proximity card reader and controller that allows physical and cybersecurity access to be monitored, tracked, and controlled using a single system. The reader and controller consist of four easy-to-deploy components: an access terminal, an access control processor, enhanced firmware for the SEL-3620 and SEL-3622 security gateways, and a card enrollment solution.
  • ARMORE: The Applied Resiliency for More Trustworthy Grid Operation (ARMORE) project will provide reliable, secure communications, augmented defense-in-depth security, and an analysis framework to enable faster and more secure ways to transfer substation data from both legacy and modern devices. Similar to data encapsulation methods, placing ARMORE in line with the devices to be protected allows it to transparently provide enhanced security with the ability to report violations of stated policy.
  • CAPMS: Security policies must be implemented as a part of grid control systems as well as the servers and networks that are part of traditional information technology (IT) security management. The Cyber-Intrusion Auto-Response Policy and Management System (CAPMS) project is unifying both worlds and applying advanced cybersecurity incident behavioral models to analyze, predict, offer advice and, where appropriate, act autonomously to sustain energy delivery systems during a cybersecurity incident.
  • CODEF: The Collaborative Defense of Transmission and Distribution Protection and Control Devices against Cyber Attacks (CODEF) project is developing a distributed security domain layer that enables transmission and distribution grid protection and control devices to collaboratively defend against cyber attacks.
  • Cybersecurity Intrusion Detection and Security Monitoring: This project conducts research to accelerate development of a utility monitoring system to detect anomalous behavior, improve situation awareness, and provide visibility into wireless advanced metering infrastructure and distribution automation field area networks.
  • CYMSA: The Cyber-Physical Modeling and Simulation for Situational Awareness (CYMSA) project is developing a cybersecurity situational awareness technology suite to detect adversarial manipulation of power grid components and communications networks. The project involves novel cyber-physical modeling and simulation research on communications networks and substations.
  • Essence: The Energy Sector Security Appliances in a System for Intelligent Learning Network Configuration Management and Monitoring (Essence) project is developing tools that facilitate more secure operational network management. Software defined networking will provide a solution to assist small electric cooperatives with mapping their networks, analyzing traffic, and learning expected traffic flow to better inform human operators.
  • Patch and Update Management Program for Energy Delivery Systems: This project will research, develop, and demonstrate technology and techniques to identify, verify the integrity of, and facilitate deployment of patches and updates for energy delivery system software, hardware, and firmware. The project comprises several elements that can each stand alone to improve security posture and, when integrated, can provide a comprehensive solution to meet energy sector patch and update needs.
  • Secure Policy-Based Configuration Framework: The Secure Policy-Based Configuration Framework (PBCONF) project is developing an extensible, open-source, policy-based configuration framework to support the secure configuration and remote access of modern and legacy devices from a variety of vendors.
  • Secure Software Defined Radio Project: The Secure Software-Defined Radio Project (SEL-3070) is developing a flexible platform for secure wireless communications to utility distribution automation devices, providing capabilities not offered in cellular, narrow-band licensed, or other unlicensed-band radios.
  • Software Defined Networking: The Software Defined Networking project is developing an energy sector flow controller to be used with the SEL-2740S substation hardened switch, developed through the Watchdog Project. The SDN project is using the open-source OpenDayLight project as the core flow controller, which will be interoperable with OPENFLOW™ protocol-enabled network appliances.
ANL Self-Healing Fact Sheet September 2016.pdf (586.25 KB)
PNNL EDS Forensics Fact Sheet September 2016.pdf (277.67 KB)
SNL ADD Sec Fact Sheet September 2016.pdf (379.19 KB)
ADDSec fact sheet May 2016.pdf (379.2 KB)
Alliance Project fact sheet May 2015.pdf (289.85 KB)
ARMORE fact sheet September 2014.pdf (394.57 KB)
CAPMS fact sheet May 2015.pdf (309.83 KB)
CODEF fact sheet June 2015.pdf (276.06 KB)
Cybersecurity Intrusion Detection Security Monitoring fact sheet September 2014.pdf (515.93 KB)
CYMSA fact sheet September 2014.pdf (296.31 KB)
Essence fact sheet November 2014.pdf (350.87 KB)
Patch and Update Mgmt Program for Energy Delivery Systems June 2015.pdf (341.69 KB)
Secure Policy Based Configuration Framework fact sheet September 2014.pdf (551.33 KB)
Secure Software Defined Radio Project fact sheet January 2015.pdf (386.96 KB)
Software Defined Networking fact sheet May 2015.pdf (300.1 KB)