Cybersecurity R&D for Science and Energy at the Berkeley Lab

Berkeley Lab Computing Sciences Research is an active participant numerous projects areas of computer security. Its mission-driven emphasis has historically focused on security for science, including high-performance computing and high-throughput networking environments, and security of cyber-physical systems, notably in the power grid.  These projects include collaborations with numerous other academic, National Lab, and industry partners. R&D sponsors have included the Department of Energy (DOE) ASCR and CEDS R&D programs, the National Nuclear Security Administration (NNSA), the National Science Foundation (NSF) SaTC program and OAC office, the U.S. Department of Homeland Security’s Science and Technology Directorate, and the National Security Agency, among others. 

LBNL has had a leadership role in security in scientific computing environments for many years, including the development of the Zeek (Bro) Network Security Monitor, as well as leading several DOE-sponsored activities related to defining a cybersecurity research program within the DOE.  More recently, LBNL led the coordination of the “Cyber R&D” Enterprise Cyber Capability (ECC) of the DOE-wide Integrated Joint Cybersecurity Coordination Center (iJC3) — a sponsored R&D program involving ten DOE National Laboratories as performers. LBNL is a co-lead of Trusted CI, the NSF Cybersecurity Center of Excellence.

Recent highlights of LBNL Computing Sciences’ cybersecurity R&D activities include:

Recent News

Better Scientific Software (BSSw) Helps Promote Trusted CI Guide to Securing Scientific Software - May 13, 2022.

Announcing the 2022 Trusted CI Annual Challenge on Scientific OT/CPS Security - Jan. 5, 2022

Publication of the Trusted CI Guide to Securing Scientific Software — Dec. 14, 2021

Findings Report of the 2021 Trusted CI Annual Challenge on Software Assurance Published — Sept. 29, 2021

Trusted CI new co-PIs: Peisert and Shute — Aug. 3, 2021

CIGAR ‘Smokes Out’ Attacks on Solar Electrical Power Equipment — Jun. 7, 2021

More News

Featured Projects

Data Enclaves for Scientific Computing
This project will develop secure computation architectures to ensure trustworthiness of scientific data while addressing the gaps left by existing solutions for scientific workflows to address the specific power, performance, and usability, and needs from the edge to the HPC center. It is led by Sean Peisert, Venkatesh Akella, and Jason Lowe-Power.
Provable Anonymization of Grid Data for Cyberattack Detection
This project aims to develop techniques for enabling data analysis for the purposes of detecting and/or investigating cyberattacks against energy delivery systems while also preserving aspects of key confidentiality elements within the underlying raw data being analyzed. The result will be a complete solution for anonymization of data collected from OT and IT networks pertaining to energy grid cyberattack detection that has been tested for its ability to retain privacy properties and still enable attack detection. It is funded by DOE CESER’s CEDS program and is led by Sean Peisert.
Supervisory Parameter Adjustment for Distribution Energy Storage (SPADES)
This project is developing the methodology and tools allowing Electric Storage Systems (ESS) to automatically reconfigure themselves to counteract cyberattacks, both directly against the ESS control systems and indirectly through the electric grid. It is funded by DOE CESER’s CEDS program and is led by Daniel Arnold.
Trusted CI — the National Science Foundation Cybersecurity of Excellence
The mission of Trusted CI is to improve the cybersecurity of NSF computational science and engineering projects, while allowing those projects to focus on their science endeavors. The PI of this center at Indiana University is Von Welch. LBNL’s role in this center is led by Sean Peisert.
Cybersecurity via Inverter-Grid Automatic Reconfiguration (CIGAR)
This project performed R&D to enable distribution grids to adapt to resist a cyber-attack by (1) developing adaptive control algorithms for DER, voltage regulation, and protection systems; (2) analyze new attack scenarios and develop associated defensive strategies. It was funded by DOE’s CEDS program and was co-led by Sean Peisert and Daniel Arnold.
Medical Science DMZ
We have defined a Medical Science DMZ as a method that allows data flows at scale while simultaneously addressing the HIPAA Security Rule and related regulations governing biomedical data and appropriately managing risk.
Cyber Security of Power Distribution Systems by Detecting Differences Between Real-time Micro-Synchrophasor Measurements and Cyber-Reported SCADA
This project used micro-PMU measurements and SCADA commands to develop a system to detect cyberattacks against the power distribution grid. It was funded by DOE OE’s CEDS program and was led by Sean Peisert.

Popular Topics

confidential computing cyber-physical systems data privacy differential privacy edge fault tolerance forensics formal methods HPC insider threat machine learning medical network power grid scientific computing secure systems software assurance synthetic biology transportation

Contact

Sean Peisert