The New York Power Authority (NYPA), America's largest state power organization, and SIGA OT Solutions, a leading OT cybersecurity company, formed a collaboration in 2019 as part of a New York State economic development partnership, and have published a white paper based on their findings, called Overcoming Cybersecurity Gaps in the Energy Sector: How to Address Stuxnet-Type Scenarios Using Level-0 Monitoring.
NYPA identified cyberattacks as a major threat to its operations in the coming years. NYPA’s cyber division—together with the AGILe team—aimed to reduce the risk of cyber-attacks on its facilities. The main objective of the collaboration is to reveal otherwise undetectable cyber threats—such as unique Stuxnet-type scenarios—using SigaGuard, an advanced electrical signal conditioning and analysis solution. SigaGuard is the leading process-oriented detection (POD) solution based on Level 0 information which cannot be tampered with or masked.
Cybersecurity gaps in OT environments need to be addressed with a multi-level approach, with ongoing threat analysis to minimize the attack surface available to potential hackers. When considering adversary tactics and threat models, there is an apparent gap at the field level of the process and sensors, Level 0. This gap was exploited in several cases in recent years and can cause dangerous situations that can impact the OT process and endanger lives.
The recently published white paper describes how NYPA and SIGA collaborated in a simulated attack environment to test these scenarios. The sequence of attacks was carefully designed and executed by NYPA’s AGILe lab team and cyber experts, focusing on the main cyber scenarios which affect the real operation of a sub-station with either false or no reporting to the control level.
The test outcome validates the significance of Level 0 monitoring as a holistic approach towards OT cybersecurity, clearly demonstrating the unique advantages of combining POD and Level 0 data. Focusing on electric signals—before they are converted into data packets and filtered by the PLC—is probably the most effective technique for accurately identifying an operation anomaly, regardless of the cause. It can bring the highest possible level of visibility into process equipment and sensor functioning, closing an intractable gap against determined adversaries.
Alan Ettlinger, Sr. Director, Research, Technology Development and Innovation at New York Power Authority, noted: “NYPA places a priority on preventing any downtime, failure or malfunctions of its mission-critical infrastructure, and we invest a great deal of effort and resources to ensure resilience and security. SigaGuard’s monitoring system that detects anomalous behavior and provides real-time validation of process data was demonstrated in a substation environment, which is one of our critical assets, and conforms with NYPA’s innovative deployment plan in the areas of process resilience and security.”
Amir Samoiloff, co-founder and CEO of SIGA, added: “SIGA’s cooperation with NYPA has demonstrated a strong and strategic bond with a major utility in the U.S., with the highest professional conduct. This collaboration became possible due to the excellent expertise and motivation of the NYPA team. SIGA is looking forward to deepening its partnership with NYPA’s elite cyber protection team by further integrating SIGA’s cyber security solution, SigaGuard, into additional NYPA critical infrastructure centers.”
NYPA is the largest state public power organization in the US, operating 16 generating facilities and more than 1,400 circuit-miles of transmission lines. More than 80 percent of the electricity NYPA produces is clean renewable hydropower. NYPA uses no tax money or state credit. It finances its operations through the sale of bonds and revenues earned in large part through sales of electricity. For more information visit www.nypa.gov
SIGA OT Solutions is the developer of SigaGuard, a technology platform that provides incipient failure detection for infrastructure operators to improve the reliability, safety, and cybersecurity of their assets. SIGA’s technology is US patented and ISO/IEC 27001 certified, providing OT monitoring, anomaly detection and cybersecurity solutions for commercial, industrial, critical infrastructure, ICS and SCADA systems. SIGA Data Security and SIGA OT Solutions Inc., a Delaware corporation, boast satisfied customers in the United States, Europe, Singapore, Japan, and Israel, were named a Gartner "Cool Vendor" for Industrial IoT and OT Security, and are a recipient of the EU Research and Innovation program - Horizon 2020. For more information visit www.sigasec.com
SIGA OT Solutions