
SBIR Phase II: Securing Industrial Control Networks with Network Forecasting

Award Information
Agency: National Science Foundation
Branch: N/A
Contract: 1353582
Agency Tracking Number: 1353582
Amount: $709,914.00
Phase: Phase II
Program: SBIR
Solicitation Topic Code: EI
Solicitation Number: N/A
Timeline
Solicitation Year: 2013
Award Year: 2014
Award Start Date (Proposal Award Date): 2014-04-15
Award End Date (Contract End Date): 2016-03-31
Small Business Information
200 S HANLEY RD STE 910
Saint Louis, MO 63105-1918
United States
DUNS: 035038655
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Michael Schultz
 (314) 696-2279
 mjschultz@obsrvbl.com
Business Contact
 Michael Schultz
Phone: (314) 696-2279
Email: mjschultz@obsrvbl.com
Research Institution
 Stub
Abstract

This Small Business Innovation Research Phase II project is focused on network forecasting, a new approach to securing industrial control networks. In essence, network forecasting involves monitoring all devices on a network, and for each device using past behavior to predict near-term future behavior. Deviation from predicted behavior then signals a potential issue.

The intellectual merit of the innovation lies in its departure from traditional network security paradigms. Traditional approaches, such as signature-based anti-virus and intrusion prevention systems, detect misbehaviors by recognizing repeats of past behaviors. These approaches necessarily overlook one-of-a-kind or zero-day misbehaviors. In contrast, network forecasting incorporates an understanding of correct and expected network behavior so that aberrant behavior can be identified even if it has not been seen before. The approach builds on the company's previous work in understanding the active roles that devices assume on a network. When predicted network device behavior fails to match reality on the network, network operators can respond without needing to fully understand the details of the threat that caused the disturbance.

The broader impact/commercial potential of this project is substantial because critical infrastructure - such as a power generation and distribution grid - represents both a significant investment and a substantive vulnerability in modern society. While recent cyber-attacks may have heightened public awareness of the threats to critical infrastructure, such infrastructure has been the object of sustained concern from government and private-sector groups for many years. However, while the need for increased security in critical infrastructure has grown over time, the effectiveness of network security methods has not kept pace with the sophistication and impact of cyber-attacks.

If successful, network forecasting has the potential to transform the security and monitoring practices in nearly all domains of critical infrastructure. Continued technological advances and economic growth presume the existence of secure, networked critical infrastructure. Substantial advances in the security of such infrastructure, such as that promised by the technology being developed in this project, can help protect the future of our society.

* Information listed above is at the time of submission. *
