CYVET

Sat, 01 Jan 2022 00:00:00 +0000

Our new Cyber-Physical Security Assurance Framework based on Semi-Supervised Vetting applies the latest AI/ML and NLP technologies on hardware testbeds to advance the resilience of critical cyber-physical assets including electric grids and gas pipelines.

CYVET Pipeline

Overview

Organization

Sponsor: US Department of Energy (DOE)
- Office: Cybersecurity, Energy Security, and Emergency Response (CESER)
- Program: Cybersecurity for Energy Delivery Systems (CEDS)
- Award: CESER
Prime: Oak Ridge National Laboratory (ORNL)
- Subcontract: University of Nebraska-Lincoln (UNL)
Period: 2019-2023

Gallery

OSTI.gov: https://www.osti.gov/servlets/purl/1661247

CyBERT: Cybersecurity Claim Classification by Fine-Tuning the BERT Language Model

We introduce CyBERT, a cybersecurity feature claims classifier based on bidirectional encoder representations from transformers and a key component in our semi-automated cybersecurity vetting for industrial control systems (ICS)…The results showed that CyBERT outperforms these models on the validation accuracy and the F1 score, validating CyBERT’s robustness and accuracy as a cybersecurity feature claims classifier.

Kimia Ameri, Michael Hempel, Hamid Sharif, Juan Lopez, Kalyan Perumalla

PDF Cite DOI

Trust-but-Verify in Cyber-Physical Systems

Cyber-physical systems span a wide spectrum, from long-lived legacy systems to more modern installations. Trust is an issue that arises across the spectrum, albeit with different variants of goals and constraints. On the one end of the spectrum, legacy systems are characterized by function-based designs in which trust is an implicitly in-built concept…

Kalyan Perumalla

PDF Cite Slides DOI

Smart Semi-Supervised Accumulation of Large Repositories for Industrial Control Systems Device Information

A solution is needed for vetting the vendor-supplied feature claims and their adherence to cybersecurity requirements and standards. We are presently engaged in an effort to develop such a system. This paper demonstrates one vital aspect of this effort in proposing an end-to-end framework to accumulate a large repository of ICS device information for this vetting system, curate the dataset, and conduct extensive processing. This framework is designed to use web scraping, data analytics and Natural Language Processing (NLP) techniques to identify vendor websites, automate the collection of website-accessible documents and automatically derive metadata from them for identification of product documents relevant to the repository…

Kimia Ameri, Michael Hempel, Hamid Sharif, Juan Lopez, Kalyan Perumalla

PDF

A Novel Vetting Approach to Cybersecurity Verification in Energy Grid Systems

The cybersecurity auditing for Operation Technology is critical and has been largely missing from the cybersecurity research, especially in the energy sector. In this paper, we present a novel “cybersecurity vetting” approach (CYVET) to the problem of verification and validation of cybersecurity in complex cyber-physical installations underlying modern energy grid systems.

Kalyan Perumalla, Juan Lopez, Maksudul Alam, Olivera Kotevska, Michael Hempel, Hamid Sharif

PDF DOI

Additional Background

The cybersecurity auditing for Operation Technology (OT) is critical and has been largely missing from the cybersecurity research, especially in the energy sector. CYVET is a novel “cybersecurity vetting” approach (CYVET) to the problem of verification and validation of cybersecurity in complex cyber-physical installations underlying modern energy grid systems.

In Information Technology (IT), cybersecurity auditing is a widespread practice to ensure privacy, security, and trust. However, for the field of Operation Technology (OT) as used in electric energy systems, this is a relatively novel concept. In fact, OT itself only recently began to embrace IT principles, with the push for automation and centralized control driving this development. OT operators are simply not yet used to the idea of cybersecurity. To ameliorate the gap, product vendors for field devices are advancing the field by incorporating more and more security features into their products. However, customers are often either unaware of them, or do not use them, or cannot use them because of unsatisfied device ecosystem dependencies. There is thus a disconnect between what is offered, what is possible post-deployment, and what the customer expects.

There is a vast lack of cybersecurity oversight and insight, from a certification and a customer perspective alike, for OT systems in the energy sector. With new features constantly being added to new and existing products, customers are predominantly unaware what their purchased solutions are capable of, or not capable of. They often do not know if their current systems meet their own cybersecurity requirements as well as industry standards. Many of these facets not only indirectly depend on device capabilities, but also on device deployment decisions – Does a newly added feature work in an existing context? Can it be used as envisioned? Does it interfere with other cybersecurity requirements? Does it produce side effects that may interfere with other requirements?

Hence, what is needed is a security vetting system designed to provide insight into deployed systems, the match of capabilities to requirements, adherence to certification requirements, and so forth. There are few systems currently available that provide these energy grid security capabilities. OT systems are increasingly cyber-enabled, increasingly complex, and increasingly interdependent. This rapidly accelerating trend poses a clear risk for asset owners to lose confidence and for cybersecurity risk to go undiscovered until exploited by malicious parties.

A Testbed for Evaluating Performance and Cybersecurity Implications of IEC-61850 GOOSE Hardware Implementations

Sun, 08 Jan 2023 00:00:00 +0000

Survey of Cybersecurity Governance, Threats, and Countermeasures for the Power Grid

Thu, 20 Oct 2022 00:00:00 +0000

Design of a Novel Information System for Semi-Automated Management of Cybersecurity in Industrial Control Systems

Wed, 22 Jun 2022 00:00:00 +0000

Article is available as Open Access

An Accuracy-Maximization Approach for Claims Classifiers in Document Content Analytics for Cybersecurity

Wed, 15 Jun 2022 00:00:00 +0000

Open Access: https://www.mdpi.com/2624-800X/1/4/31.

CyBERT: Cybersecurity Claim Classification by Fine-Tuning the BERT Language Model

Thu, 04 Nov 2021 00:00:00 +0000

Open Access: https://www.mdpi.com/2624-800X/1/4/31.
This article belongs to the Special Issue Machine Learning and Data Analytics for Cyber Security.

Trust-but-Verify in Cyber-Physical Systems

Wed, 28 Apr 2021 00:00:00 +0000

https://dl.acm.org/doi/abs/10.1145/3445969.3450434

Smart Semi-Supervised Accumulation of Large Repositories for Industrial Control Systems Device Information

Mon, 01 Feb 2021 00:00:00 +0000

A Novel Vetting Approach to Cybersecurity Verification in Energy Grid Systems

Mon, 13 Jul 2020 00:00:00 +0000

https://www.osti.gov/servlets/purl/1661247

https://ieeexplore.ieee.org/abstract/document/9167562

CYVET | Kalyan Perumalla

CYVET

Overview

Organization

Gallery

Additional Background

A Flexible OT Testbed for Evaluating On-Device Implementations of IEC-61850 GOOSE

A Testbed for Evaluating Performance and Cybersecurity Implications of IEC-61850 GOOSE Hardware Implementations

Survey of Cybersecurity Governance, Threats, and Countermeasures for the Power Grid

Design of a Novel Information System for Semi-Automated Management of Cybersecurity in Industrial Control Systems

An Accuracy-Maximization Approach for Claims Classifiers in Document Content Analytics for Cybersecurity

CyBERT: Cybersecurity Claim Classification by Fine-Tuning the BERT Language Model

Trust-but-Verify in Cyber-Physical Systems

Smart Semi-Supervised Accumulation of Large Repositories for Industrial Control Systems Device Information

A Novel Vetting Approach to Cybersecurity Verification in Energy Grid Systems

CYVET | Kalyan Perumalla

CYVET

Overview

Organization

Gallery

Related Publications

Additional Background

A Flexible OT Testbed for Evaluating On-Device Implementations of IEC-61850 GOOSE

A Testbed for Evaluating Performance and Cybersecurity Implications of IEC-61850 GOOSE Hardware Implementations

Survey of Cybersecurity Governance, Threats, and Countermeasures for the Power Grid

Design of a Novel Information System for Semi-Automated Management of Cybersecurity in Industrial Control Systems

An Accuracy-Maximization Approach for Claims Classifiers in Document Content Analytics for Cybersecurity

CyBERT: Cybersecurity Claim Classification by Fine-Tuning the BERT Language Model

Trust-but-Verify in Cyber-Physical Systems

Smart Semi-Supervised Accumulation of Large Repositories for Industrial Control Systems Device Information

A Novel Vetting Approach to Cybersecurity Verification in Energy Grid Systems