Research
Current Research Activities
Enabling a Secure and Resilient Energy System with AI-Assisted Programmable Networks
Principal Investigators: Matthew Caesar (University of Illinois); Kevin Jin (University of Arkansas) This is a follow-on project to the year one effort "Towards a Secure and Resilient Energy System Cyberinfrastructure Using Software-Defined Networking". The project recognizes that while software-defined networking reduces network complexity and enables control plane innovation at the speed of software development, it is restricted to the fixed-function data plane. Consequently, attack detection and mitigation are mainly offloaded to the control plane, which operates at significantly lower speeds than the data plane. The new project aims to improve the existing work by enabling real-time, in-network attack detection and mitigation at the data plane, and by automating the decision-making process using AI techniques to minimize slow and vulnerable human decisions. The new capabilities will be provided by developing multiple AI-assisted applications using P4, the de facto data plane programming language for running customized packet processing functions. The unique advantages of P4-based solutions include (i) packet-level analysis at extremely high speed to achieve real-time performance, (ii) information extraction from both network protocols and power system applications to expand the types of anomalies that one can detect and auto-correct, and (iii) very minimal change to the existing utility network and its operations, which enables smooth tech transfer. Our three proposed research tasks are (1) a real-time in-network intrusion detection system (detection), (2) a formal-method-assisted network auto-correction (mitigation), and (3) AI-based planning for operation automation (prevention).
A Cyber Resilient and Secure Energy System Control with Software-Defined Networking (SDN) -based Communication
Principal Investigator: Osama Mohammed (Florida International University) With the increasing integration of distributed energy resources (DERs) into cyber-physical energy power systems and the heavy reliance on advanced communications, there are critical challenges: reduced resilience against renewable uncertainties and vulnerability to numerous cyber-attacks such as coordinated attacks. To overcome these challenges, this project proposes an advanced control technique hardened by a Software-Defined Networking (SDN) communication architecture. This hybrid scheme provides robust operations in the face of diverse cyber-attacks and physical disturbances. Furthermore, the project will develop an intelligent testbed to implement, test, and validate the proposed solution using reduced-scale power systems, SEL IEDs, and SEL SDN switches.
Cyber Threat Modeling, Risk Analysis, and Mitigation for Power Grids
Protected Semantic Telemetry by Default
Investigators: Alexander Nelson (PI), Chris Farnell (University of Arkansas) The pervasive collection of data across disparate domains has the potential to dramatically improve the trustworthiness and efficacy of critical systems, but the current state of data capture and storage significantly limits the likelihood that data of sufficient quality and quantity are available to decision engines. This project aims to re-imagine the collection of telemetric data through a semantic distributed computing paradigm that grants agents secure access to these data when and where they are needed. We anticipate that this data exchange can improve the security of energy systems infrastructure by enforcing continuous establishment of trust.
Zero-Knowledge Zero Trust
Investigators: Nikita Borisov (University of Illinois) This project proposes a novel approach to implementing Zero Trust architecture in Operational Technology (OT) environments, addressing the unique challenges posed by devices with limited connectivity and computational capabilities. We introduce two key innovations: (1) using verifiable computing to support flexible authorization policies in low-power devices, and (2) a programmatic approach to authorization checks using universal circuits. We will also address the challenges of authentication and auditing by making use of low-trust authentication adapters and log transparency.