DOE Unveils Assessment of Cyber Asset Surface Management Tool runZero Through New Report

The Department of Energy (DOE) has released a report on the evaluation of a cybersecurity tool designed to counter cyberattacks against the energy sector. The tool, called runZero, is a configurable platform that uses active scanning and passive sampling to help organizations scan and identify devices on industrial control systems (ICS) networks without hampering the performance of ICS assets.

The evaluation of runZero was conducted by researchers at the National Renewable Energy Laboratory (NREL) as part of the Clean Energy Cybersecurity Accelerator (CECA) program’s second cohort. The CECA program is a collaborative effort between the DOE and the National Cyber Security Alliance (NCSA) that aims to promote cybersecurity in the energy sector by identifying and developing innovative cybersecurity solutions for clean energy technologies.

According to the report, runZero was found to be effective in identifying devices on ICS networks, including those that were previously unknown or unaccounted for. The tool was also found to be configurable, allowing users to customize its scanning and sampling parameters to meet their specific needs.

runZero’s active scanning capability allows it to detect devices that are not readily apparent on the network, such as devices that are not broadcasting their presence or devices that are hidden behind firewalls or other network barriers. The tool’s passive sampling capability, on the other hand, allows it to collect data on network traffic and identify potential security threats without disrupting the normal operation of the network.

The report noted that runZero’s ability to scan and identify devices on ICS networks without impacting their performance is a significant advantage, as it allows organizations to gain visibility into their cyber assets without putting their operations at risk. This is particularly important in the energy sector, where downtime can have serious consequences, including power outages and revenue losses.

The report also highlighted some areas for improvement in runZero, such as enhancing its user interface to make it more intuitive and user-friendly, and expanding its capabilities to include other types of network protocols and devices. However, the report concluded that runZero has the potential to be a valuable tool in the energy sector’s cybersecurity arsenal.

The release of the DOE’s report on runZero comes at a time when the energy sector is increasingly vulnerable to cyberattacks. Cybercriminals are targeting energy companies and their critical infrastructure, including power plants, transmission lines, and distribution systems. The attack surface is expanding as the energy sector becomes more connected, with the integration of renewable energy sources, smart grids, and other advanced technologies.

The DOE’s evaluation of runZero is a significant step in addressing the cybersecurity challenges facing the energy sector. By identifying and assessing innovative cybersecurity solutions like runZero, the DOE is helping to protect the nation’s critical energy infrastructure from cyber threats. The report highlights the importance of collaboration between government agencies, national laboratories, and private sector organizations in developing and deploying effective cybersecurity solutions.

In conclusion, the DOE’s report on runZero demonstrates the importance of evaluating and developing innovative cybersecurity solutions for the energy sector. The report highlights the potential of runZero as a valuable tool in protecting the nation’s critical energy infrastructure from cyber threats. The collaboration between the DOE, NREL, and NCSA is a significant step towards ensuring the security and resilience of the energy sector’s critical assets.