The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before
sharing sensitive information, make sure you’re on a federal government site.
The site is secure.
The https:// ensures that you are connecting to the official
website and that any information you provide is encrypted and transmitted securely.
Center Overview
The mission of the Center for Infrastructure Trustworthiness in Energy Systems (CITES) is to reduce threats to the nation’s power delivery systems by developing capabilities that can rapidly detect cyberattacks, enable infrastructure to continue to operate in the presence of such attacks, and quickly restore infrastructure after an attack.
Power and energy delivery systems — including electric power, oil and gas, energy markets, and the infrastructure supporting electric vehicles, smart buildings, and smart cities — depend increasingly on cybertechnology. Even legacy systems that use closed serial communications can be exposed to adversaries through networking, and are increasingly targeted by nation-states and independent actors. The threat to critical infrastructure is worldwide, with energy systems being of highest priority when it comes to the need for security.
CITES focuses on the trustworthiness of power and energy systems in developing security solutions specific to their protection, and increases the resilience, reliability, safety, and cybersecurity of these power delivery systems at the operational level in novel ways that expand on traditional IT system protection strategies.
CITES brings together uniquely qualified academic researchers in partnership with a diverse group of private sector stakeholders, trade associations, and national laboratories who share this vision. CITES is also creating a larger pool of students with training and skills in this area of national importance, and increasing the number of university faculty members who are able to make foundational contributions to trustworthy energy systems. To broaden diversity in the field, CITES recruits faculty members as well as graduate and undergraduate students from populations historically underrepresented in such work.
CITES aims to affect how decision-makers in energy view and make investments to improve the trustworthiness of their own infrastructures. Through its industrial interactions and outreach, CITES is helping create a larger cyber-savvy operational technology workforce. Together, CITES’s technical, educational, and outreach activities and innovations have an impact on society and provide collaborative opportunities to develop new technologies that support national security.
Universities
- University of Arkansas
- Florida International University
- University of Illinois, Urbana-Champaign
Center Personnel
Dominic Saebeler
Industry Liaison
+1 217 300 6109
dsaeb2@illinois.edu
Osama Mohammed
Site Director
+1 305 348 3040
mohammed@fiu.edu
David Nicol
Center Director
+1 217 244 1925
dmnicol@illinois.edu
Qinghua Li
Site Director
+1 479 575 6416
qinghual@uark.edu
Research Focus
CITES pursues security-focused research across a range of areas that include:
- Energy system protection: Advances software and hardware technologies for protecting energy systems from cyber malfeasance. This broad area includes intrusion detection tailored to energy systems, technologies for describing and analyzing cyberattacks and defenses in energy systems, hardware support for device identification, decision aids for the application of security controls in energy systems, security for micro-electronics, and evaluation of access control devices against formalized security policies typical in energy systems.
- Interacting systems: New devices, applications, and systems designed to improve security are often envisioned without considering the dependence that the security they provide has on the security of the new entity itself. For example, the introduction of public key infrastructure (PKI) within an operational technology (OT) network necessitates the introduction of a certificate server, which, if compromised or inaccessible, inhibits the security apparatus that depends on the PKI. The challenge is to identify techniques, methodologies, and/or analyses that help one to identify, consider, or forestall the risks attendant with the introduction of that technology.
- Data trust and integrity: Grid modernization increases reliance on data for human and machine-assisted management of grid operations. Emerging technologies such as machine learning and other advanced analytics increase that data dependency by several orders of magnitude. New concepts like zero trust challenge traditional data architecture assumptions. The use of digital twins for near real-time and real-time simulations requires data from multiple sources to describe operating conditions.
- Intra-level security management: The classic Purdue model for OT systems defines system layers Enterprise, Demilitarized Zone (DMZ), Operational and Control, Process, and, Physical, conceptualized as a “North-South.” A layer is often treated as a single security zone, with security policies (like Biba) imposed between them. The problem is that better trust management is required within a layer. The challenge is to understand how to introduce so-called "East-West" management of security.
- Secure digital infrastructure for energy: Society is on the cusp of a new energy ecosystem, driven by requirements for efficiency and decarbonization as well as advances in energy sources, electric transportation, and market models. Realizing this vision will require a secure digital infrastructure for secure interoperability, trust relations among multiple stakeholder communities, secure and verifiable transactions, integration of nonconventional forms of generating energy at multiple grid scales, and secure cloud operations.
- Secure software development and life cycle: Design and implementation flaws in software components are significant factors that lead to compromised computer systems. Security must be built in from the start, and part of that involves the methodologies and testing used in the development of that software, and throughout its entire life cycle (requirements, planning, design, development, testing, deployment, maintenance).
- Zero-trust networking: Provenance, authentication, integrity, and policy checking must be pusehd to edge devices in the network.
Awards
Research methodologies include system analysis, formal methods and other mathematics, and empirical evaluation of prototypes. CITES technical contributions include knowledge creation, knowledge transfer, and empirical proofs of concept that utilize University of Illinois Urbana-Champaign (UIUC)’s specialized OT system testbed. Energy providers benefit by observing the potential for increased resilience; Equipment manufacturers benefit from proven ideas, and other stakeholders benefit from increased knowledge. CITES research at UIUC is organized around three thrusts. The first of these thrusts is understanding security - developing ways of understanding the security properties of a system, including analysis of organization and configurations, and of the data derived from the system. Research about security properties formalizes representations of systems and develops security proofs. Research in data analysis makes the task of interpreting data manageable and provides insights and understanding of system behaviors. The second thrust - security at the edge - has a focus on vulnerabilities that exist where subsystems join. The team develops means of detecting both potential and actualized flaws. The technology is tailored to the special security needs (e.g., cross-system authentication) that occur at the edge. The third thrust - useable security technologies - ensures that new security technologies do not increase the risk of the system failing and do not violate any of the system’s operating constraints.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria. Read More >
Research methodologies include system analysis, formal methods and other mathematics, and empirical evaluation of prototypes. CITES technical contributions include knowledge creation, knowledge transfer, and practical proofs of concept that utilize Florida International University (FIU)'s specialized testbeds. Energy providers benefit by observing the potential for increased resilience; Equipment manufacturers benefit from proven ideas, and other stakeholders benefit from increased knowledge. CITES research at FIU is organized in three thrusts. The first thrust is increasing security which addresses issues related to increased energy industry use of power electronics with embedded sensors, converters, actuation, and control mechanisms through wired and wireless connections. Electric grids, electrified transportation, data centers, and Internet of Things (IoT) devices rely on trustworthy power electronics. The Center seeks to identify the best key management approaches, make the existing solutions deployable to the power grid, and adapt novel solutions that will be lightweight, have significant bandwidth, and be storage efficient. The second thrust - enhancing communications supporting energy cyber-physical systems - provides critical capabilities for securing commercial wireless networks and their interactions with energy systems equipment that operate on them. The Center utilizes a comprehensive frequency range across the 5G and satellite communications and navigation bands to enable security measures and characterization techniques that serve the growing industry and related energy systems innovations, internet of things (IoT), and navigation in support of current and future energy cyber-physical systems. The third thrust, security of electric vehicle infrastructure - solves diverse problems related to safety and security that are forced by the widespread use of electric vehicles. A broad space of research problems related to power electronics, placement, and management of charging stations supports aggregate battery power to support renewable energy.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria. Read More >
Research methodologies include system design, system analysis, formal methods and other mathematics, and empirical evaluation of prototypes. CITES technical contributions include knowledge creation, knowledge transfer, and empirical proofs of concept that utilize the power system facilities at the University of Arkansas. Energy providers benefit by observing the potential for increased cybersecurity and resilience; Equipment manufacturers benefit from proven ideas and other stakeholders benefit from increased knowledge. CITES research at the University of Arkansas is organized around five thrusts: 1) Vulnerability assessment and mitigation – methods for assessing the risks of security vulnerabilities and mitigating vulnerabilities in optimal ways; 2) Artificial intelligence-based attack detection – methods for detecting attacks, incidents, and anomalies timely and effectively, leveraging recent advances in artificial intelligence; 3) Secure and resilient communications – methods to make energy system networks and communications secure against attacks and resilient against failures; 4) Supply chain security – methods for provisioning integrity, provenance, and other security properties in supply chains; and 5) Power electronic device hardening and security-by-design – reference designs and technologies for securing power electronics, such as firmware security and in-device attack detection.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria. Read More >