Consortium launches SCADA research project

April 14, 2005


 consortium of cybersecurity institutions has launched an $8.5 million research initiative to help secure supervisory control and data acquisition (SCADA) systems used in critical infrastructure sectors. The Institute for Information Infrastructure Protection (I3P), a national consortium of 24 universities, federally-funded labs and non-profit organizations, said the project funding will support basic research and product-driven technology to better understand and mitigate SCADA vulnerabilties.

SCADA systems are used to manage and control electric power generation plants, water systems, oil and gas pipelines, and other critical infrastructure systems. The I3P research team will help identify SCADA vulnerabilities, develop metrics and models for assessment and management of SCADA security, and create new SCADA systems with built-in security.

Managed by Dartmouth College, I3P was founded in 2001 to help protect the U.S. information infrastructure. It is funded by the Department of Homeland Security and the National Institute of Standards and Technology.

"SCADA vulnerabilities remain in deployed systems because of insecure network design and weaknesses in the host systems," Ron Trellue, research team leader and deputy director of the Information Systems Engineering Center at Sandia National Laboratory, said in a statement.

"Research will focus on addressing this problem by developing tools to make current SCADA system configurations more secure, while in tandem performing basic research to develop inherently secure designs for the SCADA systems of the future," he said.

The SCADA research team includes security specialists from the University of Illinois Urbana-Champaign, MIT Lincoln Laboratory, the MITRE Corporation, New York University, Pacific Northwest National Laboratory, SRI International, the University of Tulsa, the University of Virginia, and Dartmouth.