LOGIIC helps keep oil, gas control systems safe

Sandia serves as lead national lab in security system integration

Publication Date:

Sandia news media contact

Michael Padilla
mjpadil@sandia.gov
505-844-4902

LOGIIC team members Bryan Richardson and Weston Henry demonstrate the project’s monitoring solution hosted at Sandia’s Center for Control Systems Security. (Photo by Randy Montoya)
Download 300dpi JPEG image, “LOGICII.jpg,” 528KB (Media are welcome to download/publish this image with related news stories.)

ALBUQUERQUE, N.M. — For the past 12 months, Sandia National Laboratories has served as the lead national lab in Project LOGIIC (Linking the Oil and Gas Industry to Improve Cyber Security). The project was created to keep U.S. oil and gas control systems safe and secure, and to help minimize the chance that a cyber attack could severely damage or cripple America’s oil and gas infrastructure.

Such an attack by viruses, worms or other forms of cyber-terrorism on oil and gas industry process control networks and related systems could destabilize energy industry supply capabilities and negatively impact the national economy.

LOGIIC, funded by the Department of Homeland Security’s Science and Technology Directorate, brought together 14 organizations to identify ways to reduce cyber vulnerabilities in process control and SCADA (Supervisory Control And Data Acquisition) systems. The goal of the project was to identify new types of security sensors for process control networks.

Sandia worked with project partners to create a simulation test bed and apply this environment to counter potential threats to the oil and gas industry using hypothetical attack scenarios. Sandia researchers created two real-time models of control systems used for refinery and pipeline operations.

Sandia is a National Nuclear Security Administration laboratory.

Ben Cook project lead for Sandia, says the objective of LOGIIC was to bring together government, asset owners, vendors, and the research community to protect the critical infrastructure. He says a key element of LOGIIC’s public-private partnership model was the leadership role it gave to industry partners — in this case the oil and gas asset owners — to define the technical problem to be tackled and manage the project towards a successful outcome.

“Current control system operators have limited situational awareness,” he said. “In LOGIIC, industry leaders chose to focus the partnership team’s initial work on addressing their concern that control networks aren’t monitored for cyber intrusions as is routinely done on business networks. As a result, it’s difficult to detect cyber adversaries who might be attempting to compromise critical system components.”

The monitoring system developed in LOGIIC is based on the very latest commercial enterprise detection and correlation technologies adapted to monitor control networks, providing asset owners with dramatically improved situational awareness,” Cook said.

To test LOGIIC’s monitoring capabilities, Sandia researchers came up with five vulnerability scenarios based on cyber compromises commonly used in the hacker community. Two scenarios were extensively tested to illustrate the effectiveness of the LOGIIC monitoring solution. Ray Parks, who led the development of the scenarios, used his background as a member of Sandia’s cyber red team, which has performed numerous vulnerability assessments of oil and gas and other critical infrastructure facilities.

LOGIIC brought together experts in homeland security, oil and gas, security research, security technology, and process control technology.

  • Government: DHS, Science and Technology Directorate
  • Oil and gas industry: Chevron, CITGO, BP and Ergon Refining
  • Research: Sandia, SRI International, and Adventium Labs
  • Security vendors: ArcSight, 3Com, and Symantec
  • Process control technology vendors: Honeywell, OMNI Flow Computers, and Telvent

Project results were shared at the LOGIIC Summit, Sept. 11, in Houston, Texas. The meeting showcased results and promoted the partnership model as a template for future public-private partnerships to improve infrastructure security. A field test of the LOGIIC solution may begin later this year. The LOGIIC website is at www.logiic.org.

 

Sandia National Laboratories is a multimission laboratory operated by National Technology and Engineering Solutions of Sandia LLC, a wholly owned subsidiary of Honeywell International Inc., for the U.S. Department of Energy’s National Nuclear Security Administration. Sandia Labs has major research and development responsibilities in nuclear deterrence, global security, defense, energy technologies and economic competitiveness, with main facilities in Albuquerque, New Mexico, and Livermore, California.

Sandia news media contact

Michael Padilla
mjpadil@sandia.gov
505-844-4902