Increasing Security in a Resilient Energy Delivery Infrastructure through the Analysis of Vulnerability and Exploit Markets

s
Activity Leads: 
Industry Collaborators: 
  • ExxonMobil
  • Engie
  • Schneider Electric
  • Facebook
  • HackerOne
  • Minerva Initiative (ONR)
Summary Statement: 

NOTE: this is no longer an active CREDC research activity. 

The goal of this research is to develop modeling and data analytics solutions for reducing the number of offensive vulnerabilities and limiting the exploits that affect Energy Delivery Systems (EDS). This research is examining the offensive and defensive markets and the players in these markets. Mapping key players and the structure of their interactions will aid in the development of policies for firms, states, and standards organizations.

Understanding the benefits and limitations of both individual and collaborative vulnerability discovery programs will be essential to the successful reduction of vulnerabilities and exploit capabilities in EDS. We have included in our research the examination of information-sharing efforts with respect to vulnerabilities. We have also developed a gaming environment from which executives can learn more about resource allocation and a systems view of cybersecurity. Working with energy partners, we will analyze data and systems to reduce risks to EDS. The early models and analytics will be further validated and verified through back testing and additional expert input. We plan to transition the tools and techniques to energy partners.

Status of Activity: 
Inactive