Protecting vital infrastructure
The ability to remotely access Industrial Control Systems and Supervisory Control and Data Acquisition (ICS/SCADA) exposes these vital systems to an increasingly dangerous environment where thousands of cyber attacks per hour are the norm. Bechtel’s Industrial Control Systems Cyber Security Laboratory focuses on protecting large-scale industrial and infrastructure systems that support critical infrastructure such as equipment that controls government facilities, power plants, water treatment plants, or mass transit systems. The lab will help fill critical security gaps between software and hardware manufacturers, and plant operations – and provide expertise in the U.S. government’s National Institute of Standards and Technology Risk Management Framework (NIST-RMF).
The lab will be able to test vulnerabilities of these systems on simulated and real-world equipment they control in a safe environment and will serve as a proving ground for producing robust systems for use at customer facilities. As a multinational company, Bechtel’s ability to move and procure equipment from key markets will support this testing.
A successful cyber attack on a U.S. power grid could be more severe than a hurricane or large earthquake, affecting all elements of infrastructure from drinking water to food supply, shelter to transportation.
Bechtel is one of the first global EPC firms to offer an ICS cybersecurity capability for its customers. With many years of ICS expertise and access to subject matter experts, Bechtel brings a unique perspective through experience in design, startup and construction of complex and high-risk projects across the entire facility life cycle.
Bechtel’s dedicated research and development ICS/SCADA cybersecurity laboratory will be capable of:
- Penetration testing
- Vulnerability analysis
- NIST-RMF standardization & best practices
- Blue and Red team assessments
- Disaster recovery
- Incident detection and response
- ICS system monitoring
- SIEM testing and implementations
- ICS vendor equipment analysis
- Insider threat mitigation program
- Design, develop and deploy a suite of tools for support situational awareness (Event Monitoring, Intrusion Detection Systems, System Logs, etc.)
A research agreement with George Mason University’s Volgenau School of Engineering enables Mason students and faculty in cybersecurity to access the laboratory for research and internships.