The technical objective of this project is to develop and demonstrate the effectiveness of Onclave’s Trusted Communications Framework and the Secure IoT® Platform related to the protection of Facilities Related Controls System (FRCS)/Operational Technology (OT)/Internet of Things (IoT) data in the Ft. Belvoir 300 Area’s Compound Microgrid Closed Restricted Network Test and Development Environment. Onclave’s methodology will ensure that secure communication links for critical mission operational energy systems will be resilient, cybersecure, and efficient despite the persistent adversary threat to these networks. With a successful outcome, this solution can be quickly replicated among all FRCS/OT/IoT environments supporting tactical, operational, and strategic Department of Defense (DOD) missions.

The state-of-the-art protection of microgrids follows the National Institute of Standards and Technology (NIST) and other standard methods of security in-depth, namely, for DOD, the Risk Management Framework. Most energy providers have addressed security issues in their co-mingled information technology (IT) and FRCS/OT/IoT networks by employing standard IT-based security defense methods (NIST Cybersecurity Framework - Identify, Protect, Detect, Respond, Recover). The result of this traditional approach to security is to delay an attack, but rarely to prevent one. With the introduction of 5G into the communications used in IoT devices, this attack surface of FRCS/OT/IoT networks is greatly enlarged, reducing the effectiveness of the traditional security approach even further.

Onclave’s approach is compatible with existing security methods but provides superior results and may lead to the elimination of traditional methods. The approach to securing microgrid networks is to simply integrate Onclave’s Secure IoT® Zero-Trust platform into the current FRCS/OT/IoT network. Secure IoT leverages Onclave’s Dynamic Cypher Key Management patent, all FRCS/OT/IoT enterprise and devices are protected regardless of age, operating system, manufacturer, or protocol without the need to rebuild the communications infrastructure.

The project will deliver trusted and secure communications for the base microgrid through its components illustrated in the Figure 1.1-1. A combination of commercial off the shelf software hardware, Onclave’s custom Trusted Communications Framework, proprietary Layer 2 over Layer 3 secure network, and management stack - Onclave’s Discovery & Monitoring Services will detect and alert energy customers to anomalous communications behavior coming from endpoints inside the secured energy delivery systems enclaves.

This project’s result will establish documented processes and procedures that enhance the procurement and installation of the Onclave Networks Secure IoT Platform to establish secure communications using unique Layer 2 over Layer 3 encryption for both wireless and wired communication transports that enhances energy resilience for critical DOD missions. Once deployed, Secure IoT will easily incorporate other energy resiliency concepts that focus only on the energy generation and distribution areas.