Manufacturing Bits: Dec. 7

Cybersecurity for manufacturing; protecting utilities; GPS.


Cybersecurity for manufacturing
The University of Texas at San Antonio (UTSA) has launched a center to address cybersecurity issues in the U.S. manufacturing sector.

The center, called the Cybersecurity Manufacturing Innovation Institute (CyManII), is a $111 million public-private partnership. As part of the effort, UTSA will enter into a five-year corporative agreement with the U.S. Department of Energy (DOE).

The center will also include a consortium of 59 proposed member institutions, which will develop secure, energy-efficient approaches for U.S.-based manufacturers and supply chains.

U.S. manufacturers are one of the top targets for cybercriminals and nation-state adversaries. The semiconductor industry is one such target. Needless to say, chip vendors require secure networks. Cybersecurity is also important for other industries, such as electric vehicles, grids, solar panels and wind turbines.

In response, CyManII will help manufacturers become more resilient to potential cyberattacks. CyManII will focus on three areas–securing automation; securing the supply chain network; and building a national program for education and workforce development.

One partner, Oak Ridge National Laboratory (ORNL), will provide capabilities to advance CyManII’s goals, including digital manufacturing expertise and infrastructure at the Manufacturing Demonstration Facility at ORNL.

These efforts will result in a suite of methods, standards and tools. “As U.S. manufacturers increasingly deploy automation tools in their daily work, those technologies must be embedded with powerful cybersecurity protections,” said Howard Grimes, CyManII’s chief executive and UTSA’s associate vice president and associate vice provost for institutional initiatives. “UTSA has assembled a team of best-in-class national laboratories, industry, nonprofit and academic organizations to cybersecure the U.S. manufacturing enterprise. Together, we will share the mission to protect the nation’s supply chain, preserve its critical infrastructure and boost its economy.”

“By collaborating with the University of Texas at San Antonio and other CyManII partners, we will develop comprehensive measures that can be adopted across the manufacturing sector and used to train a new national cybersecurity workforce to support a secure, resilient and robust manufacturing ecosystem,” said Thomas Zacharia, director of ORNL.

Protecting utilities
Pacific Northwest National Laboratory (PNNL) has developed new approaches to solve cybersecurity vulnerabilities for utilities and other industries.

Working with utilities and various companies, PNNL has developed two web-based tools to assess and mitigate threats inside and outside the firewall. Both software tools are low cost and designed for control room operators and utility staff who are not cybersecurity experts.

Both technologies were developed at PNNL for the U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response.

Utilities and others make use of various connected devices, which are used in operational technology settings. They tend to be more vulnerable to cyberattacks than information technology equipment.

To address cyberattacks, PNNL has devised two solutions here. The first solution, called MEEDS, helps utilities identify control system devices connected to the Internet and their known vulnerabilities. MEEDS, or Mitigation of Externally Exposed Energy Delivery Systems, monitors and identifies Internet-connected energy delivery system devices, usually located in the field, that are vulnerable to cyberattack. The MEEDS app from PNNL is available for licensing for use in the utility sector.

MEEDS protects the outward edge of a network. Another new tool from PNNL is designed to protect systems inside the firewall. The Safe, Secure Autonomous Scanning Solutions for Energy Delivery Systems (SSASS-E) address the internal network.

“Current approaches to vulnerability assessment don’t provide continuous scans, so a new approach is needed,” said Thomas Edgar, a PNNL cyber researcher.

“Threat actors can exploit these devices to gain control of critical networks and systems,” said PNNL principal investigator Sri Nikhil Gupta Gourisetti. “MEEDS offers a solution to mitigate externally exposed energy delivery systems without degradation or disruption of services.”

The National Institute of Standards and Technology (NIST) has taken another step towards strengthening the critical infrastructure in the United States.

NIST has drafted guidelines for applying its Cybersecurity Framework to critical technologies such as the Global Positioning System (GPS). GPS technologies makes use of positioning, navigation and timing (PNT) data.

Click here for more information.

Leave a Reply

(Note: This name will be displayed publicly)