Improving Software and Data Security in SCADA Systems

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$99,982.00
Award Year:
2010
Program:
STTR
Phase:
Phase I
Contract:
FA8650-10-M-1881
Award Id:
94822
Agency Tracking Number:
O09B-003-1012
Solicitation Year:
n/a
Solicitation Topic Code:
OSD 09T003
Solicitation Number:
n/a
Small Business Information
5309 Wurzbach Rd, Suite 100-1, San Antonio, TX, 78238
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
007983983
Principal Investigator:
Matt Rasmussen
Vice President of Operations
(210) 520-5167
matt@zenpanion.com
Business Contact:
Jung Rasmussen
President and CEO
(210) 520-5167
jrasmussen@zenpanion.com
Research Institution:
Southwest Reseach Institute
Galen Rasche
P.O. Drawer 28510
San Antonio, TX, 78228
(210) 522-6416
Domestic nonprofit research organization
Abstract
Zenpanion LLC proposes a hardware-based protection mechanism to substantially improve the security of a key component of a SCADA system. The protected component is the on-site intelligent electronic controller installed to perform energy management in a home or business. The controller's responsibilities include monitoring and controlling local devices such as lighting, appliances, and HVAC systems to reduce energy use and lower costs. In the SCADA architecture of the new Smart Grid, such controllers are a key component of demand response and other resource controls. For example, a controller receives a demand response directive from the utility provider via an advanced metering infrastructure (AMI) channel. The controller then responds by reducing local resource use. The controller is typically also connected to the Internet, e.g. to obtain weather data or allow the home or business owner remote access. Controller vulnerabilities allow an intruder to perform actions such as shutting down all controlled electrical devices. A hardware-based protection system is proposed to secure the controller, ensuring it is not compromised. The protection system is transparent to the controller, has full monitoring and control access, and is interfaced in a way that makes it much more difficult to compromise than the controller itself.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government