(14e) Keynote: Cybersecurity for Critical Infrastructure Systems

Industrial control systems (ICS) are used throughout the chemical sector for activities such as auditing, quality control, chemical mixing and process control systems, and safety systems. Cyber-attacks on ICS at chemical manufacturing plants could cause not only a disruption to chemical supply, but equipment damage, environmental effects, and health and safety impacts. Cyber-attack consequences can include improper mixing, over-pressurization, overheating, or lack of monitoring on the system. Manual overrides can ensure system safety, but an override of control could lead to a plant operating in unsafe conditions. The solution for many cyber-attack vectors is system shutdown, which can cause missed production quotas and economic loss to operators.

Our cyber defense strategy heavily depends on the level of sophistication of the adversaries we are defending against. As part of a national laboratory, the Cyber and Infrastructure Resilience program at LLNL is focused on defending our nation’s critical infrastructure against highly sophisticated nation state adversaries. This particular threat requires a layered defense approach, where each layer increases the difficulty for the attacker by impeding their ability to execute the attack successfully. Our research focus can be mapped to the NIST Cybersecurity framework. As part of this talk, we will present representative capabilities and research efforts focused on each step of the framework specifically designed for industrial control system cybersecurity including: mapping and modeling our Operational Technology (OT) networks, understanding communication pathways and potential attack vectors and entry points for an attacker, analyzing system level impacts of cyber attacks on ICS, advanced detection of vulnerabilities in the supply chain, real-time anomaly detection of cyber attacks, and enhancing the resilience of our systems allowing for operation through compromise. These capabilities are broadly applicable across infrastructure sectors and their deployment can significantly enhance the cybersecurity of the chemical sector against sophisticated cyber attacks.