Improving Software and Data Security in SCADA Systems

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-10-M-1881
Agency Tracking Number: O09B-003-1012
Amount: $99,982.00
Phase: Phase I
Program: STTR
Awards Year: 2010
Solicitation Year: 2009
Solicitation Topic Code: OSD09-T003
Solicitation Number: 2009.B
Small Business Information
5309 Wurzbach Rd, Suite 100-1, San Antonio, TX, 78238
DUNS: 007983983
HUBZone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: N
Principal Investigator
 Matt Rasmussen
 Vice President of Operations
 (210) 520-5167
 matt@zenpanion.com
Business Contact
 Jung Rasmussen
Title: President and CEO
Phone: (210) 520-5167
Email: jrasmussen@zenpanion.com
Research Institution
 Southwest Reseach Institute
 Galen Rasche
 P.O. Drawer 28510
San Antonio, TX, 78228
 (210) 522-6416
 Domestic nonprofit research organization
Abstract
Zenpanion LLC proposes a hardware-based protection mechanism to substantially improve the security of a key component of a SCADA system. The protected component is the on-site intelligent electronic controller installed to perform energy management in a home or business. The controller’s responsibilities include monitoring and controlling local devices such as lighting, appliances, and HVAC systems to reduce energy use and lower costs. In the SCADA architecture of the new Smart Grid, such controllers are a key component of demand response and other resource controls. For example, a controller receives a demand response directive from the utility provider via an advanced metering infrastructure (AMI) channel. The controller then responds by reducing local resource use. The controller is typically also connected to the Internet, e.g. to obtain weather data or allow the home or business owner remote access. Controller vulnerabilities allow an intruder to perform actions such as shutting down all controlled electrical devices. A hardware-based protection system is proposed to secure the controller, ensuring it is not compromised. The protection system is transparent to the controller, has full monitoring and control access, and is interfaced in a way that makes it much more difficult to compromise than the controller itself.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government