Tools & Technologies

CREDC research activities may contribute to tools, technologies, or applications that can have a significant and measurable impact on cybersecurity and cyber resiliency of energy delivery systems. Below is a list of current technology developments at various readiness levels. Click on the technology name to view more information.

ADNA is an online, context-aware, intelligent tool for anomaly detection, anomalous data analysis, causal reasoning, consequence indication and response suggestion for SCADA networks. It is written mainly in Bro scripts and Python and the structure is shown in Figure 1. We use Smart Grid as our...
In CyPhyR, we analyze the impact of vulnerabilities on the planning and operation phases of a microgrid. Typically, vulnerabilities are defined in the national vulnerability database as a CVE, Common Vulnerabilities and Exposures. Each CVE is assigned a CVSS score, which is a Common Vulnerability...
ExSol is a risk-assessment ecosystem that uses collaborative feedback and fine-grained metrics from diverse parts of an Energy Delivery System (EDS) for the purposes of cyber-security risk quantification and assessment. ExSol, as the name implies, works by comparing Exploitation scores (potential...
Energy Delivery Systems (EDS) are highly time-sensitive, and therefore they require command, control and measurement data to be authenticated in a timely and secure manner. On the other hand, standard authentication tools such as traditional digital signatures have been shown to be slow, and...
The MQTT protocol is being used widely in the smart grid to manage and control devices ranging from generators to sensors. Currently, PKI is being used to secure gateway-to-cloud communications. The heavyweight nature of PKI and the difficulty of revocation and key management lead to poor...
Legacy code is a major problem for critical infrastructure, as the protocols and encryption techniques used to protect data become more vulnerable as computers become more powerful and attack techniques become more sophisticated. In cases where changing the code directly is no longer feasible (the...
Parsers represent a large potential attack surface in ICS, as incorrect or ill-defined parsers can allow malformed or malicious packets to negatively impact a piece of equipment. To limit this problem, we are constructing an easy-to-use tool for constructing hardened SCADA/ICS protocol parsers....
The security monitoring evaluation tool performs analysis of the security monitoring strategy deployed by a utility and produces an overall evaluation regarding the completeness of the strategy. It requires the user to provide a model of their system – including the devices, software platforms, and...
Much of the Energy Delivery System is exposed. Without protection, the systems that gather information might be given false data, or misled. The CREDC project Resilient Framework with Authentication, Key Management, and Data Collection for Energy Sensors in Energy Distribution Networks has been...
Attackers can leverage security vulnerabilities in control systems to make physical processes behave unsafely. Currently, the safe behavior of a control system relies on a Trusted Computing Base (TCB) of commodity machines, firewalls, networks, and embedded systems. These large TCBs, often...