Analysis
Attacks and Vulnerabilities
Critical infrastructure
ISA/IEC 62443
News
Utilities: Energy & Power, Water, Waste

DOE highlights work carried out by SEI ETF in advancing state of practice for ICS cybersecurity

June 27, 2022
DOE highlights work carried out by SEI ETF in advancing state of practice for ICS cybersecurity

​​The U.S. Department of Energy’s (DOE) Securing Energy Infrastructure Executive Task Force (SEI ETF) has, over the last two years, developed a body of work that is advancing the state of the practice for industrial control systems (ICS) cybersecurity. Now, portions of this jointly-developed technical work are being adopted and expanded by the Industrial Society of Automation (ISA) and the MITRE’s Common Weakness Enumeration (CWE) framework.

The DOE said that several dozen stakeholders from 35 organizations participated in developing SEI ETF’s body of work under the leadership of the government and industry executives. Operating as a technically focused public-private partnership, they jointly developed and delivered new resources to narrow critical gaps in ICS cybersecurity. This covers 20 new enumerations of control system security vulnerabilities, a set of energy sector reference architectures and profiles, an interactive matrix of standards, and a forthcoming National Cyber-Informed Engineering Strategy, among many others.

The SEI ETF developed and described 20 new categories of security vulnerabilities for ICS, extending existing categorization efforts beyond the IT space. In addition, the CESER has partnered with MITRE and its CWE program to integrate and expand the Task Force’s work. CWE Version 4.7, released in April, includes three new entries drawn from the SEI ETF’s descriptions of vulnerability categories. 

CESER and the CWE program have also formed an ICS/operational technology (OT) Special Interest Group, launched in May, that will further explore the inclusion of these categories in the CWE. The group is open to the public.

The DOE report also highlighted the work carried out by the Reference Architecture for Electric Energy OT, which addresses gaps in existing reference architecture models and can provide a critical starting point for users to develop security applications in the OT environment. The SEI ETF developed a profile set that leverages the Reference Architecture for four specific OT domains. 

CESER and Task Force participants partnered with ISA to form a working group to validate and expand the Reference Architecture profiles and incorporate them into the ISA/International Electrotechnical Commission 62443 series of standards, which provides cybersecurity technical requirements for industrial automation and control systems. Additionally, ISA invites participation from other international standards groups to ensure broad alignment with cybersecurity standards development activities.

As a foundational element in evaluating the array of standards used to secure ICS, the SEI ETF developed a searchable and sortable interactive matrix of standards that contains more than 75 standards related to ICS, the DOE report said. The matrix can help energy providers apprehend the large body of security standards that can apply to ICS, how they interrelate, and which may be the best fit, supporting more effective implementation of cybersecurity standards and guidelines.

The DOE is also preparing to release the congressionally directed National Cyber-Informed Engineering Strategy, developed by the SEI ETF. The National CIE Strategy offers a holistic approach to integrating cybersecurity considerations into the conception, design, build, and operation of any physical system with digital connectivity, monitoring, or control. CIE calls for using design decisions and engineering controls to mitigate avenues for cyberattacks or reduce the consequences when an attack occurs. 

The National CIE Strategy offers an integrated set of recommendations to incorporate CIE principles into engineering education and training, build a body of knowledge and resources for engineers, and apply CIE principles to the nation’s critical energy infrastructure and emerging technologies in the modern decarbonized grid.

Earlier this month, the CESER announced a highly-selective education program called the Operational Technology (OT) Defender Fellowship. The program gives middle- and senior-level OT security managers in the energy sector an opportunity to learn about the strategies used to target U.S. energy infrastructure and the cybersecurity tools and tactics the federal government uses to counter them.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Building a Culture of Cyber Resilience in Manufacturing (WEF)
WEF playbook addresses cyber resilience in manufacturing and supply chains, provides three guiding principles
DOE, EPA support NSM-22 focused on critical infrastructure security and resilience
DOE, EPA support NSM-22 focused on critical infrastructure security and resilience
White House releases National Security Memorandum on critical infrastructure security and resilience
White House releases National Security Memorandum on critical infrastructure security and resilience
US DHS delivers safety and security guidelines to secure critical infrastructure from AI-related threats
US DHS delivers safety and security guidelines to secure critical infrastructure from AI-related threats
Xage’s Zero Trust Session Collaboration tool delivers remote access, collaboration across industrial frameworks
Xage announces AI-powered analytics and insight capabilities to boost zero trust access and protection
US DHS establishes AI Safety and Security Board to advise on safe deployment in critical infrastructure
US DHS establishes AI Safety and Security Board to advise on safe deployment in critical infrastructure
AI for Energy - Opportunities for a Modern Grid and Clean Energy Economy (DoE)
US DOE rolls out initial assessment report on AI benefits and risks for critical energy infrastructure
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Claroty’s Team82 details exploitation of classic deserialization vulnerability in Siemens EnMPro line
Claroty’s Team82 details exploitation of classic deserialization vulnerability in Siemens EnMPro line
Microsoft debuts ICSpector framework to enable examining information and configurations of industrial PLCs
Microsoft debuts ICSpector framework to enable examining information and configurations of industrial PLCs