Testing, Testing

Under the auspices of the Department of Energy's Office of Energy Assurance, national laboratories study control system vulnerabilities

August 01, 2004 — CSO — Tucked away in southeastern Idaho lies the Idaho National Engineering and Environmental Laboratory (INEEL), an 890-square-mile site that has operated for more than five decades. The site's infrastructure (which includes nuclear reactors, chemical processing facilities, a 50-megawatt power grid and other key critical infrastructure elements) allows for the testing ofamong other thingsSCADA systems and security technologies in a real, integrated environment.

INEEL, in partnership with Sandia National Laboratories, is currently developing a national SCADA testbed. The plan, says Ken Watts, director of infrastructure and defense systems, is that vendors will agree to have their SCADA and process control systems tested for vulnerabilities. After that, it will be the vendor's responsibility to bring that knowledge back to the industry. (The eight-year, $114 million program has hit some bumps recently due to funding constraints.)

Sandia, which began its SCADA research program in 1998, has also developed two educational courses around the design of secure SCADA systems and assessing the vulnerabilities of systems, and has offered those courses to utility representatives. Juan Torres, program manager of the SCADA program, says Sandia is working with DHS and others to develop a national strategy for process control security.