Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

The opinions, findings, and conclusions or recommendations expressed are those of the Center author(s) and do not necessarily reflect the views of the National Science Foundation.

Center Overview

The mission of the Center for Infrastructure Trustworthiness in Energy Systems (CITES) is to reduce threats to the nation's power delivery systems by developing capabilities that can rapidly detect cyberattacks, enable infrastructure to continue to operate in the presence of such attacks, and quickly restore infrastructure after an attack.   

Power and energy delivery systems - including electric power, oil and gas, energy markets, and the infrastructure supporting electric vehicles, smart buildings, and smart cities - depend increasingly on cybertechnology. Even legacy systems that use closed serial communications can be exposed to adversaries through networking, and are increasingly targeted by nation-states and independent actors. The threat to critical infrastructure is worldwide, with energy systems being of highest priority when it comes to the need for security.  

CITES focuses on the trustworthiness of power and energy systems in developing security solutions specific to their protection, and increases the resilience, reliability, safety, and cybersecurity of these power delivery systems at the operational level in novel ways that expand on traditional IT system protection strategies. 

CITES brings together uniquely qualified academic researchers in partnership with a diverse group of private sector stakeholders, trade associations, and national laboratories who share this vision. CITES is also creating a larger pool of students with training and skills in this area of national importance, and increasing the number of university faculty members who are able to make foundational contributions to trustworthy energy systems. To broaden diversity in the field, CITES recruits faculty members as well as graduate and undergraduate students from populations historically underrepresented in such work.  

CITES aims to affect how decision-makers in energy view and make investments to improve the trustworthiness of their own infrastructures. Through its industrial interactions and outreach, CITES is helping create a larger cyber-savvy operational technology workforce. Together, CITES's technical, educational, and outreach activities and innovations will have a broad and major impact on society and will provide collaborative opportunities to develop new technologies that support national security. 

Universities

  • Florida International University
  • University of Arkansas
  • University of Illinois Urbana Champaign

Center Personnel

Dominic Saebeler
Industry Liaison
(217) 300-6109
dsaeb2@illinois.edu

Osama Mohammed Ph.D.
Site Lead
(305) 348-3040
mohammed@fiu.edu

Professor David Nicol
CITES Director and Principal Investigator
(217) 244-1925
dmnicol@illinois.edu

Qinghua Li Ph.D.
Site Lead
(479) 575-6416
qinghual@uark.edu

Research Focus

CITES pursues security-focused research across a range of areas that include:  

  • Energy system protection: Advances software and hardware technologies for protecting energy systems from cyber malfeasance. This broad area includes intrusion detection tailored to energy systems, technologies for describing and analyzing cyberattacks, and defenses in energy systems.  
  • Interacting systems: New systems meant to improve security are often designed without considering their interdependencies. The challenge is to identify techniques, methodologies, and analyses that help one to identify, consider, or forestall the risks attendant with introduction of new technology.  
  • Intra-level security management: The classic Purdue model for operational technology (OT) systems defines multiple system levels (enterprise; demilitarized zone, or DMZ; operational and control; process; and physical). A level is often treated as a single security zone, with security policies (like Biba) imposed between them.?However, better trust management is required within a level, for example, between remote terminal units (RTU) within the process layer. 
  • Secure digital infrastructure for energy: Society is on the cusp of a new energy ecosystem, driven by requirements for efficiency and decarbonization as well as advances in energy sources, electric transportation, and market models. Realizing this vision will require a secure digital infrastructure for secure interoperability, trust relations among multiple stakeholder communities, secure and verifiable transactions, integration of nonconventional forms of generating energy at multiple grid scales, and secure cloud operations. 
  • Secure software development and life cycle: Design and implementation flaws in software components are significant factors that lead to compromised computer systems. Security must be built in from the start, and part of that involves the methodologies and testing used in the development of that software, and throughout its entire life cycle.  
  • Zero-trust networking: The fundamental idea behind zero-trust networking is to extend provenance, authentication, integrity, and policy checking to edge devices, which provide entry to the network. 

Awards