The Cybersecurity for Energy Delivery Systems Program (CEDS) assists the energy sector asset owners (electric, oil, and gas) by developing cybersecurity solutions for energy delivery systems through integrated planning and a focused research and development effort. CEDS co-funds projects with industry partners to make advances in cybersecurity capabilities for energy delivery systems.
The CEDS program emphasizes collaboration among the government, industry, universities, national laboratories, and end users to advance research and development in cybersecurity that is tailored to the unique performance requirements, design and operational environment of energy delivery systems. The aim of the program is to reduce the risk of energy disruptions due to cyber incidents as well as survive an intentional cyber assault with no loss of critical function. This program has resulted in increased security of energy delivery systems around the country.
CEDS program activities fall under five project areas, guided by the "Roadmap to Achieve Energy Delivery Systems Cybersecurity." They are:
- Build a Culture of Security. Through extensive training, education, and communication, cybersecurity "best practices" are encouraged to be reflexive and expected among all stakeholders.
- Assess and Monitor Risk. Develop tools to assist stakeholders in assessing their security posture to enable them to accelerate their ability to mitigate potential risks.
- Develop and Implement New Protective Measures to Reduce Risk. Through rigorous research, development, and testing, system vulnerabilities are revealed and mitigation options are identified which has led to hardened control systems.
- Manage Incidents. Facilitate tools for stakeholders to improve cyber intrusion detection, remediation, recovery, and restoration capabilities.
- Sustain Security Improvements. Through active partnerships, stakeholders are engaged and collaborative efforts and critical security information sharing is occurring.