Control Systems Cybersecurity
A multi-sector, interdisciplinary approach to securing digital systems and critical functions.
INL’s cyber and controls expertise guided by intel-informed threat analysis provides unique products and capabilities. U.S. critical infrastructure that provides electrical power, clean water and other vital services to ensure our national security, lifeline services and economic prosperity are vulnerable to cyberattacks. All critical infrastructure relies on industrial control systems to serve as the command center for these vital assets.
To achieve mission success, INL combines seasoned control systems cybersecurity analysts, experienced power engineers, cyber researchers, and control systems experts to perform cutting-edge analysis, research and development. This supports national security initiatives that strengthen the security and resilience of critical infrastructure against cyberattacks.
Capabilities
- OpDefender – INL-developed a hardware and software device that filters out dangerous control systems commands, preventing hackers from taking over industrial facilities.
Cybersecurity researchers perform vulnerability assessments that illuminate and alert both the manufacturers and end users to equipment weaknesses, need for added protections, mitigation research or patch development.
Analysts combine traditional all-source threat analysis with the technical acumen of understanding engineering and systems documentation, OT networks, programming languages, and foreign language skills to produce technically sound analytic products.
A framework and tools for a change in philosophy and engineering practices for system design to secure existing infrastructure and build novel technology to withstand the modern and future cyber-adversary.
- CIE Resource Library and Implementation Guide
- Workshops and Webinar Series
- Tools and resources
This multi-phase methodology is based on INL’s Critical Function Assurance (CFA) approach to identify, prioritize and mitigate the risk inherent in delivering critical functions that depend on digital technology.
- CCE Accelerate Training Workshops
- Licensed Partners
The Controls Resource Laboratory is an environment for government and private industry partners to experience the possible effects of kinetic cyber-physical attacks. CRL allows users to perform security research on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems.
Idaho National Laboratory has invested in the Cybercore Integration Center to advance the cybersecurity of vital cyber-physical systems through leadership, federal partnerships, and research and development. The center focuses on:
- Securing the systems that control our current critical infrastructures and military platforms.
- Designing the next generation of infrastructure through Cyber-Informed Engineering (CIE) principles.
- Accelerating the development of the control systems cybersecurity workforce of the future.
The Cybercore Integration Center is housed in an 80,000-square-foot, state-of-the-art facility equipped with secure office space and configurable laboratories. It also offers access to INL’s 890 square mile desert Site for utility-scale research, development, testing and training opportunities.
Related Energy Programs and Resources
Cyber Testing Resilience for Industrial Control Systems
(CyTRICS)
Cybersecurity Operational Technology Environment (CyOTE)
Liberty Eclipse
OT Defender Fellowship
CyberStrike Training
Software Bill of Materials
Supply Chain Cybersecurity Principles
Cyber SHIELD
Cybersecurity Training and Workforce Development
INL provides innovative training and development opportunities to meet emerging threats and workforce demands aimed at securing industrial control systems (ICS) across sectors.
ICS Cybersecurity Training
A collaboration with Cybersecurity Infrastructure Security Agency
Cybersecurity
Internships
Full-time paid internships offered.
U.S. Air Force Fellowship
Two distinguished USAF members selected annually.
STEM Cyber Summer Camps
Offered annually in eastern Idaho.
Additional Cybersecurity Tools
- Control Resource Laboratory – allows users to perform security research on industrial control systems (ICS) and supervisory control and data acquisition (SCADA).
- Cyber-CHAMP – a cyber workforce development evaluation process and assessment framework.
- Cyber Security Evaluation Tool (CSET) – A desktop or web-based tool for asset owners to evaluate control system and IT security practices against industry standards.
- Malcolm Tool Suite – a powerful open-source network traffic analysis tool.
- All Hazards Analysis Tool (AHA) – a data modeling resource for interconnectedness and interdependencies.
- CIRRUS – A Cloud Assessment Software – allows small business and utilities of all sizes to quickly assess their cyber hygiene.