CMU announces partnership with the Cybersecurity Manufacturing Innovation Institute

Carnegie Mellon University has announced its partnership with the Cybersecurity Manufacturing Innovation Institute (CyManII), a $111 million public-private partnership funded by the U.S. Department of Energy and led by the University of Texas at San Antonio. CyManII’s vision is to introduce a cybersecure energy-ROI for energy efficient manufacturing and supply chains that secures and sustains American leadership in global manufacturing competitiveness for decades.

“This is a tremendous opportunity for CMU to have a meaningful and long-lasting impact on the security and the energy-efficiency of U.S. manufacturing,” says Greg Shannon, chief scientist at the CERT Division in CMU’s Software Engineering Institute (SEI).

Manufacturing consumes roughly one-quarter of the energy in the United States, and one critical path towards making manufacturing more energy-efficient is implementing more advanced automation and control systems. With new and advanced systems come new cybersecurity vulnerabilities, and CyManII seeks to tackle those issues. 

The Institute’s three-pronged approach includes improving the security of automation, securing the supply chain network, and building a national program for education and workforce development.

CMU’s CyLab Security and Privacy Institute will help bolster CyManII’s goals of improving the security of the manufacturing industry’s increasingly Internet-connected automation systems—commonly referred to as Industrial Internet of Things (IoT)—as well as helping secure the supply chain network.

CyLab’s vision of creating trust in our technology-laden world aligns well with the mission of improving security in manufacturing.

Lorrie Cranor, Director, CyLab

“CyLab’s vision of creating trust in our technology-laden world aligns well with the mission of improving security in manufacturing,” says Lorrie Cranor, the director of CyLab and a professor in the Institute for Software Research and the department of Engineering and Public Policy. “For over a decade, we have been working to make cybersecurity pervasive, usable, resilient, and economical across all industries.”

Working towards securing manufacturing automation, CyManII will have the ability to leverage the ongoing activities at the state-of-the-art manufacturing research facility at Mill 19, a collaborative innovation space shared by Carnegie Mellon’s Manufacturing Futures Initiative (MFI) and the nonprofit Advanced Robotics for Manufacturing Institute, originally founded at CMU and part of the Manufacturing USA network of institutes along with CyManII.

“The industry-relevant research ecosystem at Mill 19 epitomizes our nation’s ongoing commitment towards global manufacturing leadership,” says Gary Fedder, the faculty director of MFI and a professor in the department of Electrical and Computer Engineering. “Our partnership with CyManII will foster new and important collaborations with their membership that will lead to real impact in securing the manufacturing industry at-large.”

The partnership will also provide an opportunity to leverage CMU’s expertise in education at scale in complex technologies like cybersecurity. For example, CyLab’s picoCTF—an online cybersecurity learning platform and competition—has been used to train people at the professional level. Additionally, the SEI’s Federal Virtual Training Environment (FedVTE) is an online on-demand cybersecurity training system that supports the need to cultivate a skilled cybersecurity workforce.

Finally, CyManII will have the opportunity to leverage CMU’s work in coordinated vulnerability disclosures (CVDs), as newly discovered vulnerabilities in the manufacturing industry will need to be shared with relevant parties in an efficient manner in a way that minimizes harm. For example, the SEI’s CERT Coordination Center recently released an online platform called the Vulnerability Information and Coordination Environment to help scale communications and improve the collaboration between vulnerability reporters, coordinators, and software vendors.

Carnegie Mellon University will serve as one of 59 proposed member institutions of CyManII. The national network of proposed members will work together to drive impact on the biggest challenges in cybersecurity facing the U.S. manufacturing industry.