Patent ID: 9721 | Patent Number 11,621,973 | Status: Granted


PNNL has produced a blockchain cybersecurity audit platform (BCAP). The BCAP helps reduce the cost and increase the effectiveness of grid cybersecurity efforts through automating security audits and compliance to North American Electric Reliability Corporation critical infrastructure protection (NERC CIP), which is set of cybersecurity requirements designed to secure the assets required for operating North America's bulk electric system. The current compliance process is largely manual, costly and ineffective. PNNL solves these problems though the innovative application of distributed ledger technology or blockchain, which cryptographically signs the who, what, when and where for critical cyber assets throughout their entire chain of custody, from the factory to the field deployment, including monitoring the integrity of the devices when deployed. This significantly improves the state of the art for the current NERC CIP process is resource intensive, burdensome and often ineffective in securing the increasing number of networked field devices. Security controls - like whitelisting and laborious physical inventories and monitoring of critical cyber assets are challenging due in part to the increasing number of Internet-connected devices. Not only is the attack surface increasing, but utilities can be fined up to $1 million dollars per day for NERC CIP noncompliance. Instead of periodic laborious compliance and security CIP assessments, both regulators and utilities could use blockchain technology to facilitate monitoring and securing of complex energy IoT environments. In realization of this goal, BCAP has several benefits that could improve cyber risk management and NERC CIP compliance: 1) Increased transparency and auditability of the system throughout the manufacturing, shipping, deployment and maintenance, and retirement life cycle. BCAP's chain of custody and monitoring of field devices are provisioned and tracked in the blockchain through their entire life cycle; 2) BCAP provides an immutable archived record about the firmware, hardware, and software components of the system including the past and current patch management information can be widely witnessed through a cryptographic hash of their metadata captured in an immutable blockchain instead of a single server that can be manipulated or erased; 3) BCAP expedites and enhances inter-vendor cooperative system development through increased visibility and accessibility of supply chain data. Realization of this goal would require vendor participation via regulatory mandate or potentially the market incentive of having a product with improved supply chain security; 4) BCAP improves security of the supply chain process through increased trustworthiness and integrity of data through blockchain consensus mechanism which reduces reliance and can even replace the need for intermediary trust mechanisms and brokers. The need for some third-party vendors EDS and other field devices might be reduced as blockchain enables more trustworthy peer-to-peer transactions that are less susceptible to manipulation and compromise; 5) Principle component traceability throughout the system lifecycle to incorporate efficient systems engineering processes; 6) Improved audibility and monitoring of critical cyber assets facilitates compliance and improves the security of devices. The blockchain consensus algorithm could flag if a field device was not patched and may help deny a malicious change in the configuration of a field device - maintaining machine state integrity by default. BCAP's architecture helps ensure the data integrity throughout the chain of custody by verifying the identity of the signer and alerting if the data have been manipulated. A cryptographically signed hash of the data is captured as a block in the chain. The regulator returns a signature token to see the information about the asset at each route along the supply chain (e.g., vendor, supply, customer). In the context of NERC CIP compliance, the hash would be sent to the regulator along with chain-of-custody data and device logs, which could potentially help verify everything from machine state integrity to software version and patch information using the hash calendar on the blockchain. Sending the logs and machine state separately helps increase the availability and security of the data.

Application Number



Mylrea,Michael E
Gourisetti,Sri Nikhil Gupta

Market Sector

Energy Infrastructure