Securing DoD Control Systems and Infrastructure from Cyber Threats

Webinar
July 20, 2020

This webinar will present results from two ESTCP-funded projects on securing DoD control systems and infrastructure from cyber threats. This includes the development of a new baseline automated security enumeration and configuration tool to rapidly identify vulnerable and misconfigured building automation systems associated with DoD building and energy infrastructure, and the use of low-cost data diodes for facility equipment monitoring to meet the needs of critical infrastructure managers across DoD by quickly enabling secure access to equipment data.

Abstracts

“Securing Military Installation Critical Infrastructure Against Cyber Attacks: The Baseline Automated Security Enumeration and Configuration Tool” by Dr. Jonathan Butts and Mr. Billy Rios, QED Secure Solutions

Groundwater co-contaminated with 1,4-dioxane and TCA and/or TCE is common. A pressing need for DoD is a means to simultaneously remove 1,4-dioxane, TCA, and TCE. As part of this SERDP effort, we proposed and tested a synergistic platform featuring anaerobic TCE/TCA reduction in a H2-based Membrane Palladium-film Reactor (MPfR) followed by 1,4-dioxane biodegradation in an O2-based Membrane Biofilm Reactor (MBfR). As discussed in the presentation, our experimental evaluations of TCE/TCA reduction in the H2-based MPfR documented rapid and selective reductive dechlorination of TCE/TCA to ethane. Likewise, 1,4-dioxane was mineralized in an O2-based MBfR to which we delivered ethane. We then configured the synergistic platform by linking the TCE/TCA-reducing H2-MPfR with a 1,4-dioxane-oxidizing O2-MBfR in sequence. During 130 days of continuous operation, 1,4-dioxane and minor by-products from the H2-MPfR were fully biodegraded through oxidation in the O2-MBfR. Results of the continuous operation period showed that all contaminants could be removed to below their Maximum Contaminant Levels or detection limits. In summary, we demonstrated proof-of-concept for removing TCE, TCA, and 1,4-dioxane without significant accumulation of toxic intermediates in a synergistic platform featuring a H2-based MPfR for Pd-catalyzed TCE/TCA reduction followed by an O2-based MBfR for biological degradation of 1,4-dioxane.

“Physical Cybersecurity: Low-Cost Data Diodes for DoD Facility Equipment Monitoring” by Mr. Colin Dunn

Managers of critical infrastructure benefit from the situational awareness provided by remote monitoring. This information leads to improved equipment performance and reduced unplanned downtime. However, recent attacks on U.S. and international power grids and building systems highlight the need for improved security on the industrial internet of things. Relatively few manufacturers provide the majority of control systems, exacerbating the impact of distributed cyberattacks. Legacy systems often run outdated, unsupported operating systems and will never receive security patches. Firewalls and software-based security are vulnerable to compromise by hackers.

Data diodes are security appliances that enable a physically enforced, one-way information stream about the state of this equipment. These devices physically isolate the equipment from lower-security networks. Data diodes are used today to protect the most critical of assets but at an expense often exceeding $100,000 per connection.

Fend’s hardware is a low-cost device that provides the one-way data transfers of data diodes while removing the need for extensive on-site configuration. On-board processors enable Fend’s hardware to communicate with protected equipment and transmit this information to an on-site network or cloud service. Fend’s diode would serve the unmet needs of critical infrastructure managers across DoD by quickly enabling secure access to equipment data. This presentation will cover the results of an ESTCP-funded project designed to demonstrate the hardware’s interoperability with various equipment types, ease of installation and cost performance.