Objective
This project aims to demonstrate an adaptive zero trust (ZT) architecture for operational technologies germane to critical energy infrastructure of the Department of War (DoW). This project will integrate legacy systems to reduce cyber risks, enhance resilience, and meet DoW security goals. The cost-effective ZT solution will ensure continuous authentication, dynamic access control, segmentation, incident response, and threat identification, while remaining scalable, fault-tolerant, and easy to maintain and operate. The solution will be demonstrated through simulations, laboratory experiments, and on-site tests, to showcase its robustness for deployment across various DoW microgrids and other environments. Its cost-benefit ratio, payoff, and commercialization will also be evaluated.
Technology Description
Eaton's advanced grid automation software platform—the Edge Application Processor (Edge-AP)—will be deployed on cost-effective, utility-grade edge gateways to establish a secure and automated network for managing connected devices. This network will enable the segmentation of devices into smaller, protected units. Legacy assets will be seamlessly integrated using local gateways. The solution incorporates ZT features like ephemeral mutual authentication, least-privilege access, and real-time network monitoring and visualization. These features will be implemented using software-defined networking over the existing physical network, leveraging Edge-AP. A robust security system will be established to manage digital identities and credentials automatically, eliminating the need for manual management, which is error-prone and costly. To ensure system reliability, key components will be designed with redundancy. An artificial intelligence-based security monitoring system will analyze network activity and device behavior, providing automated responses to security threats based on continuous monitoring. Incident reports will be centrally generated using collected logs. This project aims to demonstrate the effectiveness of the ZT solution in several areas: accurate real-time continuous monitoring, network visualization, automated response and policy revision, cost minimization of credential management, prompt cyber incident reporting, overall cyber risk reduction, and enhanced energy resilience under coordinated cyberattacks.
Benefits
The ZT solution will significantly enhance the security, resilience, and adaptability of the operational technologies in DoW critical energy infrastructure, meeting requirements in the DoW ZT capability maturity model. Leveraging Eaton's decades of utility operational technology expertise and mature cyber security technologies, the solution offers robust benefits, including continuous verification of user and device credentials for enhanced security, seamless integration of legacy assets, operational resilience through localized breach isolation, and reduced attack surfaces via least-privilege access. The solution also strengthens threat detection with unified analytics, secures sensitive data through encryption and access controls, and prevents lateral movement through network segmentation. Additionally, the solution is cost-effective and scalable, aligning with the DoW's strategic cyber security goals to safeguard critical infrastructure and counter advanced threats effectively. (Anticipated Project Completion - 2028)