Cybersecurity Tool Aims to Protect Critical Infrastructure Systems

Spring 2021 MICS Capstone award-winner ‘hunnypOT’ is a decoy device for operational technology networks.

Each hunnypOT device is designed to emulate a PLC (programmable logic controller) which are common targets for adversaries. Once an attacker tries to access or manipulate a hunnypOT decoy, an alert is triggered and dispatched to the staff responsible for the OT (operational technology) network. Unlike traditional detection systems that have to pick anomalous activity out of legitimate activity, any activity captured on the hunnypOT is by definition anomalous as there is no legitimate need to interact with the decoy device.

Bryan: Our learnings during the MICS program made it clear that OT networks are very vulnerable given the legacy hardware and less mature cybersecurity protections that they have when compared to IT (information technology) networks. The rising number of publicized attacks on Critical Infrastructure within the United States and other places was alarming to us. We started hunnypOT in order to start addressing what we saw as an important problem that was likely to grow worse without some innovation applied.

Jenn: We were under significant schedule pressure given the 14-week semester as part of the Berkeley MICS Capstone Project. We had come up with the idea of hunnypOT as well as a few other initial project ideas prior to the beginning of the semester. However, we did not finalize on hunnypOT until a couple of weeks into the Capstone course. That gave us about twelve total weeks for design, implementation, testing, and our final presentation. Given more time, we have several enhancements that we would have liked to have made to increase the realism of the decoy device and hold the attention of attackers away from real CI equipment for longer.

Greg: We were very lucky to have team members with such a diversity of broad and deep experience. This gave us the ability to divide the workload across the team and really make great use of our limited time. It would have been nice to meet face-to-face for at least part of the project but with the COVID situation, that was not really an option for us. Every one of the team was already very used to collaborating online from their MICS work as well as their day jobs. We pulled from those experiences to make our distance-collaboration successful.

Chukwunenye: hunnypOT was difficult to put together in a compressed timeframe while still having day jobs. However, the team has discussed several technical and operational enhancements that we would like to add. We are enjoying a little post-semester break at the moment, but we have received very positive and encouraging feedback on the need for a product like hunnypOT, and will discuss opportunities for continuing in the future.

Greg: hunnypOT is intended to serve as an early warning system for the cybersecurity staff of any critical infrastructure system like a powerplant or factory. The hope is that hunnypOT could help to avoid situations like the recent oil pipeline outage that has devastated the East Coast of the United States. Critical infrastructure outages typically have a more severe impact on vulnerable populations.

We are so grateful for the advice and guidance we received from professors and industry experts who encouraged us and provided validation that this was a problem worthy of attention, and a project with the potential to build up the defense in depth of our critical infrastructure. Thanks to Tiffany Rad from UC Berkeley; Matthew Travis, former deputy director of CISA; and Dom Maddalone, Christopher Jimenez, and Shane Clancy from Santee Cooper.

Related posts:

Distractions have become so pervasive, so captivating and accessible, that we’ve developed an aversion to boredom and our ability to pay attention has receded. So has our ability to imagine, to…

When I was looking to start my podcast, I found myself in paralysis analysis. I was overthinking EVERYTHING. Do I use this service or that one to host? What kind of microphone do I need? How will I…

Paperman is a short film created by Disney Studios. Paperman was the first short film since the Mickey Mouse short movie premiered in 1990 (Macquarrie). Paperman is a romantic fantasy of a young man…