System Helps Keep Oil, Gas Control Systems Safe
January 1, 2007
A project created to help secure U.S. oil and gas control systems, and help minimize the chance that a cyber attack could severely cripple America’s oil and gas infrastructure, has proven successful during early testing.
For the past 12 months, Sandia National Laboratories, Albuquerque, N.M., has served as the lead national laboratory in Project LOGIIC (Linking the Oil and Gas Industry to Improve Cyber Security). The project was undertaken because cyber attacks -- such as by viruses, worms or other forms of cyber-terrorism -- on process control networks and related systems could destabilize energy industry supply capabilities and negatively impact the national economy.
Funded by the Department of Homeland Security’s Science and Technology Directorate, LOGIIC brought together 14 public and private organizations, including suppliers of industrial process control systems, to identify ways to reduce cyber vulnerabilities in process control and SCADA systems. The goal of the project was to identify new types of security sensors for process control networks.
Sandia worked with project partners to create a simulation test bed and apply this environment to counter potential threats to the oil and gas industry using hypothetical attack scenarios. Sandia researchers created two real-time models of control systems used for refinery and pipeline operations.
To test the system’s monitoring capabilities, Sandia researchers developed five vulnerability scenarios based on cyber compromises commonly used in the hacker community. Two scenarios were extensively tested to illustrate the effectiveness of the monitoring solution. Ray Parks, who led the development of the scenarios, used his background as a member of Sandia’s cyber red team, which has performed numerous vulnerability assessments of oil and gas and other critical infrastructure facilities. A field test is expected.