Last month, hackers gained remote access to a water treatment plant in Oldsmar, Florida. Once in the system, they increased the level of sodium hydroxide, also known as lye, in the city’s water supply from around 100 parts per million to a dangerously high level of 11,100 parts per million.

Thankfully, a worker foiled the plot before the chemicals could cause harm, but this security breach draws attention to major cybersecurity vulnerabilities within the United States’ aging critical infrastructure and the potentially catastrophic consequences if attacks like these are successful.

Dr. Fan Zhang, Research Assistant Professor, along with Associate Professor Jamie Coble, in the Department of Nuclear Engineering at the University of Tennessee, Knoxville, invented a technology designed to detect insider attacks towards critical industrial control systems (ICSs), like those in the nuclear power industry. Last year, Zhang co-founded Sentinel Devices LLC with Chief Executive Officer Forrest Shriver to advance the technology.

Many cybersecurity efforts today focus outward — using firewalls and other measures to prevent outsider attacks on a network — but this new technology looks inward. The device offers localized detection by interfacing directly with a programmable logic controller (PLC) that controls essential industrial processes, such as water treatment process. It can be attached to a PLC where it will gather normal operating data and continually monitor for any deviations that might indicate an attack.

“The technology protects what matters most,” said Zhang. “Other technologies mostly focus on monitoring network data. This technology is focused on monitoring process data at the lowest level of the hardware.”

Dr. Zhang works on a PLC in UTNE’s lab in SERF.

This technology is crucial because a successful insider attack on an industrial facility can have serious consequences for economics, human health, and the environment. Such consequences aren’t just fantasy since there have been multiple attacks in the past decades, such as a cyberattack on a power grid in 2015.  As industry continues to progress towards “Industry 4.0” and the industrial internet of things (IIoT), this technology is aimed at improving the cybersecurity of these facilities at the lowest and most critical level to protect these assets for the long term. With the next generation of nuclear reactors on the horizon, this technology and continued research may also improve cybersecurity to support autonomous control and remote operation of advanced reactors.

“Cybersecurity in the nuclear industry is kind of in its early stage; I am happy that I am contributing to enhance ICS cybersecurity and prepare for our advanced reactor future,” Zhang comments. “I feel a sense of satisfaction about the technology and how it can benefit the industry.”

Zhang is extremely appreciative of the “tremendous support” from UTRF and her department at UTK. In November 2020, UTRF secured a patent application for Zhang’s technology. Afterwards, Sentinel Devices secured a research license from UTRF to advance Zhang’s work. UTRF also awarded Zhang a 2021 Technology Maturation Grant to support further development of the patented technology.

“Dr. Fan Zhang and Sentinel Devices are passionate about protecting our country’s critical infrastructure,” notes Andreana Leskovjan, a technology manager at UTRF. “Fan’s technology has the potential to revolutionize industrial cybersecurity as we know it.”

Sentinel Devices is currently developing the technology for the energy generation sector, but both Zhang and Shriver envision the product finding applications in other industrial infrastructure in the future, infrastructure just like the water treatment plant in Florida.

 “As a researcher, I want my work to help to improve safety and efficiency in industry and have a positive impact on society,” emphasizes Zhang. “This technology represents one step towards bridging the gap between academia and industry, and providing for a safe and secure future.”