Research

Current Research Activities

Enabling a Secure and Resilient Energy System with AI-Assisted Programmable Networks

Principal Investigators: Matthew Caesar (University of Illinois); Kevin Jin (University of Arkansas)
Executive summary: Link to .pdf

This is a follow-on project to the year one effort "Towards a Secure and Resilient Energy System Cyberinfrastructure Using Software-Defined Networking".  The project recognizes that while software-defined-networking reduces network complexity and enables control plane innovation at the speed of software development, it is restricted to the fixed-function data plane. Consequently, attack detection and mitigation are mainly offloaded to the control plane, which operates at significantly lower speeds than the data plane. The new project aims to improve the existing work by enabling real-time and in-network attack detection and mitigation at the data plane, as well as automating the decision-making process using AI techniques to minimize the slow and vulnerable human decisions.   The new capabilities will be provided by developing multiple AI-assisted applications using P4, the de- facto data plane programming language one can use to run customized packet processing functions. The unique advantages brought by P4-based solutions include (i) packet-level analysis with extremely high speed to achieve real-time performance, (ii) information extraction from both network protocols and power system applications to expand the type of anomalies that one can detect and auto-correct, and (iii) the solution will require very minimal change to the existing utility network and its operations, and thus enables smooth tech transfer. Our three proposed research tasks include (1) a real-time in-network intrusion detection system (detection), (2) a formal-method-assisted network auto correction (mitigation), and (3) AI-based planning for operation automation (prevention). 

Application of DPU Accelerators to Process Layer Security

Principal Investigators: David Nicol & Deming Chen (University of Illinois)
Executive summary: Link to .pdf

We address the observation that the kind of computation and trust protocols one might use to provide integrity and defense against malware attacks on an energy system can be computationally expensive, consume more network resources, and may tax the capability of the OT system to support them and fully provide its functional services.  Another challenge is that the mechanisms that provide the computational backbone for trust management may be itself attacked. These limitations may be offset by hardware-based acceleration, e.g., using NVidia’s Bluefield DPU. The key thing is that a DPU provides separation and performance. The code which provides the services offered by a DPU are inaccessible to the software on the same host which uses those services. A DPU can be used to provide a root of trust upon which logic can be built to enable certain security functions. This project will consider how RTUs, IEDs, and controllers equipped with hardware-based accelerators (such as DPUs from NVidia) might be utilized to increase the integrity and resilience of the process layer of energy systems. It also considers how separate “Trust Servers” based on such accelerators might be used without changing the hardware of OT-specific devices. The project will explore applications and recommend solutions with promise of deeper exploration through implementation and testing. 

In-Application Attack Surface Management in Distributed Energy Systems

Principal Investigators: Amin Kharraz & Selcuk Uluagac (Florida International University)
Executive summary: Link to .pdf

We explore the idea of embedding monitoring agents within applications and study their run-time behavior when interacting with software systems without introducing any human intervention in the loop, changing the underlying logic of web applications, or modifying the service functionality. The approach shifts the entire defense mechanism on the background without involving end-user in the process while incorporating more robust techniques against randomness and behavior perturbation; it quickly predicts when the behavior of remote agents diverges from the expected behaviors while interacting with web services. The research challenges include developing an efficient forensics layer that is agnostic to underlying technologies in software systems while collecting all the forensically relevant information for building the behavioral prediction models and perform intent inferencing in a real-time fashion. 

Framework for Trustworthy Lifecycle Modeling of Cyber Physical Systems using Formal Methods

Principal Investigators: Ruimin Sun & Xueping Liang (Florida International University)
Executive summary: Link to .pdf

We study security concerns for a Programmable Logic Controller (PLC). It recognizes that a significant factor that leads to compromised computer systems is design and implementation flaws in the software components, and the ways they are connected to create a system. Existing work in software fault detection face challenges in ad-hoc approaches and domain-specific requirements. This project aims to identify and detect security flaws in PLC software throughout the lifecycle of development. It designs a framework that enables security property generation, automatic property verification (flaw detection), run-time data injection attack detection, and trustworthy maintenance in a decentralized network. Each of a PLC's four life-cycle stages (specification generation, development, runtime testing, and maintenance) are considered separately, addressing stage-specific challenges with stage-specific solutions.

 

Towards a Secure and Resilient Energy System Cyberinfrastructure Using Software-Defined Networking

Principal Investigators: Matthew Caesar (University of Illinois); Kevin Jin (University of Arkansas)
Executive summary: Link to .pdf

Software Defined Networking (SDN) is a technology with its roots in managing large enterprise data centers but has started to be considered for applications in operational technology networks. SDN enables (1) situational awareness of the entire grid with global visibility, (2) timely response to cyber-attacks through network direct programmability and traffic management, and (3) fine-grained analysis with rich information from both the communication network and the power system applications. The project will address the Zero-Trust Networking Needs Assessment through design of network segmentation, continuous monitoring and verification, and self-healing network architecture to enable resilient traffic delivery. It addresses the Energy System Protection Needs Assessment by exploring multiple SDN-aware applications targeting cyber- attack detection, mitigation, and prevention.  The research will include analysis of defense effectiveness against attacks, and will demonstrate how to dynamically construct the network to isolate compromised devices and optimally reroute traffic to mitigate the attacks.

Secure and Resilient Renewable Energy Integration with Real-Time Machine Learning

Principal Investigator: Jingxian Wu (University of Arkansas)
Executive summary: Link to .pdf

This project considers challenges faced by power grids that have significant components of renewal energy generation.   The meshing of renewal generation with transmission and distribution components induces complex problems of control and communication, which increases the potential for failures caused by system complexity, and/or direct cyber-intrusion.  This project considers the use of Real Time Machine Learning (RTML) algorithms that both learn and make decisions while the system is operating.  RTML will be used to design situation-aware scheduling algorithms that adaptively coordinate power generation, storage, and distribution among a large number of distributed energy sources, based on grid conditions.   RTML will also be used to develop low latency intrusion detection algorithms, which are unique in their emphasis demanding low-enough latency to be used operationally in the power grid, optimizing detection subject to the latency constraint. This enables remedial actions and/or counter measures can be taken in a timely manner to significantly reduce the damages and economic losses caused by cyberattacks. 

Distributed Edge Computing for Secure and Interoperable Energy Cyber-Physical Systems

Principal Investigators: Osama Mohammed (Florida International University)
Executive summary: Link to .pdf

This project observes that edge computing using IOT and clouds will inevitably penetrate energy systems significantly, and that that penetration brings with it a number of cyber-related challenges. Energy systems must be managed in real-time, and the latency of communication between them and external cloud infrastructure is an impediment.  The information passed to affect the management has to be kept private, secure, and support the interoperability of a wide range of information sources and consumers.   The key idea of this project is to consider a different architecture for integrating edge computing.  In this architecture the cloud technology is brought geographically closer to the energy system and is made resilient by distribution among several smaller computing sites. Devices that make measurements are given FPGA-endowed computing capability to off-load computation and communication from the computing core, and all of this is supported by a communication infrastructure that is sparse and is specifically engineered to support real-time communication among the grid and distributed computing elements. This project uses sophisticated emulation and simulation capabilities to evaluate designs, as well as study of prototypes on a testbed.

GRIDSHIELD: Detecting Patient Zero Threats in Distributed Energy Ecosystem

Principal Investigator: Amin Kharraz (Florida International University)
Executive summary: Link to .pdf

This project proposes a machine-learning enabled layer, GRIDSHIELD, to learn the intricacies of grid operations automatically, and use this knowledge to detect anomalies that can be the evidence of intrusions or as-yet-undetected compromises of devices in the grid control system.  The project's key contributions are in (i) development of a run-time forensics engine for distributed energy systems, (ii) development of data structures and techniques for gathering, cataloging, learning from, and analyzing spatial-temporal observations from the grid, in real-time, (iii) assessment of behavioral intents of the connected devices, predicted divergence from expected behavior, and generation of  automated responses, and (iv) case studies which illuminate these ideas.

Cyber-Physical Multi-factor Authentication for Autonomous Edge Security in Energy Systems

Investigators: Jennifer Bernhard, Yih-Chun Hu, and Heather Filippini (University of Illinois)
Executive summary: Link to .pdf

As energy systems increase their reliance on edge devices, they increase their dependency on the data those devices provide and increase their vulnerability to malicious manipulation of the data these devices report, and indeed, in the authenticity of the devices themselves.   Many cryptographically based protection and authentication schemes are known, but are susceptible to the cryptographic keys being stolen, and/or the infrastructure for managing the cryptographic elements being compromised.   This project proposes to develop and demonstrate an autonomous multi-factor authentication system that would be implemented at the edges of the energy infrastructure. This system will leverage emerging next-generation wireless system speed, multiple frequency bands, low latency, and a range of in-location conditions to generate keys. Such a system may provide hardware, software, and algorithmic layers of security that can reduce risk, by keeping pathways for authentication of commands separate from the communication network that delivered them while also posing significant technology-related coordination barriers to entry for would-be bad actors.

Research Themes

The fundamental idea behind zero-trust networking is to push provenance, authentication, integrity, and policy checking to edge devices in the network. In a zero-trust network compromised network devices might impede legitimate traffic, but edge devices are not fooled by corrupted traffic. Design and installation of zero-trust technology introduces significant added complexity to security management on edge devices. A real challenge is understanding if and how zero-trust networking can be effectively deployed in energy system OT networks.

The classic Purdue model for OT systems defines system layers Enterprise, DMZ, Operational and Control, Process, and, Physical, conceptualized as a “North-South.” A layer is often treated as a single security zone, with security policies (like Biba) imposed between them. The problem is that better trust management is required within a layer, e.g., between RTUs within the Process layer. The challenge problem is to understand how to introduce so-called ‘East-West’ management of security.

A significant factor that leads to compromised computer systems is design and implementation flaws in the software components. Security must be “baked” in, and part of that involves the methodologies and testing that are used in the development of that software. The needs extend throughout the software’s entire lifecycle (requirements, planning, design,
development, testing, deployment, maintenance).

New devices, applications, and systems designed to improve security are often envisioned without considering the dependence that the security they provide has on the security of the new entity itself. For example, introduction of PKI within an OT network necessitates introduction of a certificate server, which, if compromised or inaccessible, inhibits the security apparatus that depends on the PKI. The challenge is to identify techniques, methodologies, and/or analyses that help one to identify, consider, or forestall the risks attendant with introduction of that technology.

Advancing software and hardware technologies for protecting energy systems from cyber malfeasance. Examples include:
• intrusion detection tailored to energy systems
• technologies for describing and analyzing cyber attacks and defenses in energy systems
• hardware support for device identification
• decision aids for application of security controls in energy systems
• security for energy system micro-electronics
• evaluation of access-control devices against formalized security policies typical in energy systems
• many others that are focused on protection in energy systems.

Society is on the cusp of a new energy ecosystem, driven by requirements for efficiency and decarbonization as well as advances in energy sources, electric transportation, and market models. Realizing this vision will require a secure digital infrastructure for secure interoperability, trust relations among multiple stakeholder communities, secure and verifiable transactions, integration of non-conventional generation at multiple grid scales, and secure cloud operations.