Sandia National Laboratories
Exceptional service in the national interest
Sandia delivers grid security and grid modernization through research, development, and evaluation of solutions to maintain operations in an adversarial, compromised environment.
Electric power systems and power-system operators are more reliant on telemetry, automated controls, and communications than ever before in an effort to improve energy reliability, safety, and cost effectiveness. More specifically, emerging advancements in phasor measurement units (PMUs), smart-grid technologies, cloud computing services, grid cyber vulnerability & assessments, and distributed energy resources (DER) represent significant cybersecurity threats to the continuity of delivered power. To mitigate the additional risk, deploying cybersecurity controls must be commensurate with the deployment of these enabling technologies.
Cybersecurity across the national electric grid is made difficult by a highly constrained solution space. Constraints on addressing grid cybersecurity include:
Control system cybersecurity, including grid control, has operated as a niche for some time. That status is ending, however, as the nation’s grid now operates in a world where grid vulnerabilities can be easily discovered through open Internet research.
Cybersecurity work at Sandia leverages extensive federal investment over many decades and the laboratory’s 60-year history ensuring a safe, reliable nuclear stockpile. Since the dawn of electronic information processing, Sandia has been required to ensure secure operations from the level of individual computing devices to national-scale networks. This mission has evolved into several unique capability areas that now range far beyond weapon assets.
The laboratory’s grid modernization cybersecurity work includes:
Weaselboard is an analytics capability fielded on a federal sponsor’s operational systems. Weaselboard provides independent introspection into control system backplane signals such that system compromise is detectable even if the system’s computing resources are being deceptive.
More than 300 Information Design Assurance Red Team projects have been and are being executed across a wide range of targets, from individual embedded systems to global enterprise systems. Sandia has conducted initial assessments of Advanced Concept Technology Demonstrations for military prototypes and assessments for the Defense Advanced Research Projects Agency. This work has been conducted through many years and across diverse sponsors including the energy, finance, manufacturing, and information technology sectors. Federal sponsors have included the Departments of Energy, Defense, Interior, Homeland Security, and State.
For more than a decade, Sandia’s Emulytics™ program has continued to develop a suite of emulation, modeling, and analysis tools for exercises and training that include forensics, predictive simulation, and real-time dynamic defense. Emulytics provides a safe environment in which a broad array of parameters and technologies can be evaluated with an appropriate level of fidelity, without impacts to critical operations. Sandia researchers combine emulated, simulated, and physical test bed environments as appropriate to achieve the required level of fidelity.
In order to ensure the effectiveness and success of cybersecurity research in an environment where utilities rely on commercial integration of security, Sandia partners with commercial entities and most other Department of Energy national laboratories to both inform and execute research and development. Learn more about partnering with Sandia.