PrintPrint

Awards

Topic Information Award/Contract Number Proposal Information Company Performance
Period
Award/Contract
Value
Abstract

H-SB04.1-008
Advanced Secure Supervisory Control and Data Acquisition (SCADA) and Related Distributed Control Systems

NBCHC040109 04110674
(FY04.1 Phase I)
Affordable, Covert Power Grid Monitoring System

FieldMetrics
14813 Seminole Trail
Seminole, FL 33776-1081

04/01/2004
to
10/15/2004
$100,000.00

An advanced monitoring system is proposed to improve the security and reliability for the electric utility power grid. Next generation sensor platforms deployed across distribution and transmission systems will communicate in real-time with a central monitoring hub via a secure wireless network. The advanced monitoring system will provide a backup for existing SCADA systems and sensors in the event of equipment failure or terrorist attack on the power grid infrastructure and improve the ability of utility operators to respond to such events.

H-SB04.1-008
Advanced Secure Supervisory Control and Data Acquisition (SCADA) and Related Distributed Control Systems

NBCHC040078 04110880
(FY04.1 Phase I)
Intrusion Detection and Security Monitoring of SCADA Networks

Digital Bond, Inc.
1580 Sawgrass Corp. Pkwy, Suite 130
Sunrise, FL 33323-2859

04/01/2004
to
10/15/2004
$100,000.00

Legacy SCADA systems, and the systems being sold today, lack the security required to prevent attacks. Intrusion detection systems (IDS) and security monitoring tools can work as compensating controls by identifying and stopping attacks. Unfortunately, existing security systems do not identify SCADA specific attacks. Our proposal will add SCADA specific knowledge to IDS and security monitoring tools. Specifically, we will: (1) create an open source SCADA signature set for the SNORT IDS that will include specific signature examples, a context, and a tool for SCADA vendors and users to add system specific signatures. (2) identify and extract security specific log entries in SCADA application logs for use in a security monitoring tool. Examples include failed logins, display changes, and escalation of privileges. (3) Correlate the SCADA application log events and the SCADA IDS data to appropriately set the alert level. The technical approach will focus on identifying attacks to the field device, RTU/PLC, to SCADA server communication. With TCP/IP based field devices spread over a wide geographic area, and the lack of a security standard for this protocol, this communication is perhaps the largest cyber security risk. Our proposal is an immediate compensating control for this risk.

H-SB04.1-008
Advanced Secure Supervisory Control and Data Acquisition (SCADA) and Related Distributed Control Systems

NBCHC040098 04111098
(FY04.1 Phase I)
Protection of SCADA Systems Using Physics-Based Authentication and Location Awareness Technologies

Digital Authentication Technologies, Inc.
P.O. Box 811564
Boca Raton, FL 33481-1564

04/01/2004
to
10/15/2004
$99,180.91

The integrated system proposed here by the DAT team includes the addition of access control points governed by DAT's strong authentication system. Such access control points involve minimum cost of deployment and should allow direct integration into existing legacy SCADA systems. The DAT system fuses 7 different credentials into an incalculable and continually dynamic authentication system. Although the specific operation of the system in the SCADA environment will developed in the course of the proposed SBIR, a preview of the specific credentials that must all be co-resident before access is authenticated (described below in further detail) include: 1. User specific information, such as biometrics. 2. The processor ID number on the user's authorized computer. 3. The volume ID number on the user's authorized ID number. 4. The DAT electronics ID number. 5. The LSDFTM historical table of physics based secrets (captured in the past by the user each time he logged in.) 6. The user's location, based on the use of the location awareness component of the DAT system to determine whether or not the user resides at a pre-approved location. 7. The correct sliding port target for access.

H-SB04.1-008
Advanced Secure Supervisory Control and Data Acquisition (SCADA) and Related Distributed Control Systems

NBCHC050043 0412006
(FY04.1 Phase II)
Protection of SCADA Systems Using Physics Based Authencitation and Location Awareness

Digital Authentication Technologies, Inc.
P.O. Box 811564
Boca Raton, FL 33481-1564

02/21/2005
to
02/20/2007
$729,944.11

Digital Authentication Technologies, Inc. ("DAT") proposes to begin design, build, debug and testing of its innovative physics-based authentication system that has been developed in its HSARPA SBIR Phase I contract. As the Phase I work describes, the DAT system introduces physics-based strong authentication and location awareness to defeat hacker tools and add additional layers of protection to currently exposed critical infrastructure SCADA systems such as those employed in the electric power grid, oil and gas pipelines, railroad switching systems, and water and sewage control. The result of this Phase II effort will be the availability of a commercial product consisting of software and associated hardware modules that provide physics-based authentication and protection of SCADA systems.