Cyber Defense for Industrial Control Systems

The vulnerability of industrial control systems (ICSs) to cyberattacks has become alarmingly clear, with a series of headline-grabbing hacks affecting SolarWinds and Colonial Pipeline, as well as the CyberAv3ngers hacks on water and wastewater systems facilities, having laid bare the limitations of the ad hoc, piecemeal solutions that have characterized ICS cybersecurity to date. APL, in partnership with Sandia National Laboratories, Pacific Northwest National Laboratory, and Idaho National Laboratory, is leading the development of the first-ever comprehensive, integrated, and automated solution for ICS cybersecurity.

Known as MOSAICS—from “More Situational Awareness for Industrial Control Systems”—the working prototype has already demonstrated its value to the U.S. Navy, which is expanding its deployment of the system after initial testing demonstrated a 100% success rate with fewer than 1% false positives.

MOSAICS was initially envisioned simply as an ICS cyberattack detection system. APL leveraged its expertise in systems engineering and ongoing work in Integrated Adaptive Cyber Defense (IACD) to develop MOSAICS into a true ICS operational defense capability. The resulting capability allows ICS operators to detect and characterize cyberattacks on their systems in real time, and will eventually support automated—and even autonomous—response and recovery protocols.