An Automated, Disruption Tolerant Key Management System for the Power Grid

Current key management architectures are not designed for machine-to-machine communication, are built around an “always online” mentality, and are often burdensome to manage (key distribution, revocation lists, governance, etc.). This project is designing and developing a key management system to meet the unique requirements of electrical distribution systems (EDSs). Namely, it is disruption tolerant, scales well, is centrally managed, provides policy enforcement and auditing, and automates key management services for devices, among other properties.

This project is supported by the U.S. Department of Energy’s Cybersecurity for Energy Delivery Systems (CEDS) program.

Principal Investigators:

Thomas Edgar (PI; PNNL)
Sean Peisert (Co-PI; Lead at LBNL)

Senior Personnel at LBNL:

Joshua Boverhof (LBNL)
Reinhard Gentz (LBNL)

Project Alumni:

Chuck McParland (LBNL → RTISYS / LBNL Affiliate)

Partners:

Corelight (née Broala)

Publications resulting from this project:

Thomas W. Edgar, Aditya Ashok, Garret E. Seppala, K.M. Arthur-Durrett, M. Engels, Reinhard Gentz, and Sean Peisert, “An Automated Disruption-Tolerant Key Management Framework for Critical Systems,” Journal of Information Warfare, accepted 8 October, 2019.

Software resulting from this project:

LBNL Disruption Tolerant Key Management Monitoring for Stream-Processing Architecture for Real-time Cyber-physical Security (DTKM-SPARCS)

More information is available on other Berkeley Lab R&D projects focusing on cybersecurity in general, as well as specifically on cybersecurity for energy delivery systems.