SBIR-STTR Award

The goal of this study is to attempt to place, where possible, highly efficient encryption and authentication algorithms in legacy devices already installed in the SCADA network. Where this is not possible, low cost inline security units will be proposed. On the larger scale, multi-level secure Internet protocols will be examined as a method to facilitate the sharing of control and status information between authenticated and authorized utilities and security agencies in times of crisis. This multilevel secure Internet protocol could allow a laptop computer with a properly authorized and authenticated operator to log on and view critical status information and begin immediate mitigation in the event of a major network issue even if both the primary and redundant control centers are inaccessible

This effort will seek to provide end-to-end security for America's existing critical infrastructure. Asier has gathered a broad coalition of SCADA industry leaders for this effort. Asier and its partners will demonstrate a low cost encryption / authentication firmware upgrade that can be installed over the air (OTA). At the same time Asier will work with the SCADA industry to develop and demonstrate a variety of other security solutions that can be immediately retrofitted into the existing SCADA network. Particular attention will be paid to addressing the security issues with web-based SCADA management software. Cost control and ease of deployment will be of paramount concern. The presence of so many industry leaders and their generous contributions of hardware and engineering time allow this project to have a scope far larger than its budget would normally allow. Serious reliability and interoperability testing of the demonstrated solutions should be possible during this effort. We will work to ensure that the solutions developed during this effort will be certified for deployment. Some of the companies involved expect to commercialize and deploy solution during the course of this project.