This session will feature three CREDC research activities:
- Attack Resilient GPS timing for PMUs using Multi-Receiver Direct Time Estimation
- Building Hardened Implementations of SCADA/ICS Protocols Using Language-Theoretic Security
- Continuous Security Monitoring Techniques for Energy Delivery Systems
Attack Resilient GPS Timing for PMUs using Multi-Receiver Direct Time Estimation
by Sriramya Bhamidipati, University of Illinois at Urbana-Champaign
Modern power distribution systems are incorporating Phasor Measurement Units (PMUs) to measure the instantaneous voltage and current phasors at different nodes in the power grid. These PMUs depend on GPS for precise time and synchronization. However, GPS civil signals are vulnerable because of their low power and unencrypted signal structure. Therefore, attack-resilient time transfer techniques are needed to ensure power grid stability. In this talk, we first demonstrate the malicious impact of jamming and meaconing on PMUs using an RTDS testbed.
To counteract these adverse effects, we propose a novel Multi-Receiver Direct Time Estimation (MRDTE) algorithm that utilizes the measurements from multiple GPS receivers driven by a common clock. We first implement a novel signal processing technique known as Direct Time Estimation (DTE), which directly correlates the received GPS signal with the corresponding signal replica for each of a pre-generated set of clock states. The optimal set of clock candidates is then estimated based on the principle of maximum likelihood estimation. By leveraging the known geographical diversity of multiple receiver positions, we employ a joint probabilistic approach to obtain robust GPS timing at any instant.
We validate the improved robustness of our MRDTE algorithm against external timing attacks through GPS-based field experiments. Currently, we are developing a V&V testbed using USRPs, RTDS and PMUs to demonstrate the increased resilience of the power grid by supplying our MRDTE-based GPS timing.
Sriramya Bhamidipati is a graduate student under Prof. Grace Gao in the Department of Aerospace Engineering at the University of Illinois at Urbana-Champaign. She received her B.Tech. with honors in Aerospace Engineering and a minor in Systems and Controls Engineering from the Indian Institute of Technology Bombay, India in 2015. Her research interests include GPS, power and control systems, computer vision and UAVs.
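A toy model of the idea in the abstract above, added here as an illustration and not the speaker's MRDTE implementation: each receiver scores a grid of candidate clock biases by correlating its samples with a replica, and the scores are summed across receivers. Assumptions: a random ±1 sequence stands in for a PRN code, delays are whole samples, the GEO offsets are made-up known geometric delays, and the meaconed copy arrives with the same code phase at every antenna.

```python
import random

N = 1023                 # chips per code period (GPS C/A length), one sample per chip
GEO = [0, 3, 5, 9]       # assumed known per-receiver geometric delays, in samples
CANDIDATES = range(40)   # pre-generated grid of candidate clock biases, in samples

def shifted(code, s):
    """Code delayed by s samples (circular over one code period)."""
    return [code[(k - s) % N] for k in range(N)]

def simulate(code, true_bias, replay_shift, replay_gain, rng):
    """Constructed input: each receiver sees its authentic signal plus, when
    replay_gain > 0, one stronger replayed copy that is identical at every antenna."""
    replay = shifted(code, replay_shift)
    rx = []
    for g in GEO:
        auth = shifted(code, true_bias + g)
        rx.append([a + replay_gain * r + rng.gauss(0, 1) for a, r in zip(auth, replay)])
    return rx

def score(samples, code, bias, g):
    """Correlate raw samples with the replica implied by one candidate clock bias.
    Under white Gaussian noise this equals the log-likelihood up to scale and offset."""
    return sum(x * code[(k - bias - g) % N] for k, x in enumerate(samples))

def dte_single(samples, code, g):
    """Maximum-likelihood clock bias from one receiver alone."""
    return max(CANDIDATES, key=lambda b: score(samples, code, b, g))

def dte_joint(rx, code):
    """Sum per-receiver log-likelihoods: only the true bias lines up at all antennas."""
    return max(CANDIDATES, key=lambda b: sum(score(s, code, b, g) for s, g in zip(rx, GEO)))

def demo(seed=1):
    rng = random.Random(seed)
    code = [rng.choice((-1, 1)) for _ in range(N)]   # stand-in for a PRN code
    rx = simulate(code, true_bias=7, replay_shift=30, replay_gain=2.0, rng=rng)
    singles = [dte_single(s, code, g) for s, g in zip(rx, GEO)]
    return singles, dte_joint(rx, code)

if __name__ == "__main__":
    singles, joint = demo()
    print("single-receiver estimates:", singles)
    print("joint estimate:", joint)
```

Each receiver on its own locks onto the stronger replayed peak, but because the replay does not carry the per-antenna geometric delays, those peaks land on different candidate biases and only the authentic peak adds coherently in the joint score.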
Building Hardened Implementations of SCADA/ICS Protocols Using Language-Theoretic Security
by Prashant Anantharaman, Dartmouth College
Input validation bugs are a common source of zero-day vulnerabilities in computing everywhere. Recent security investigations of commercial implementations of the DNP3 protocol have revealed that most of these implementations were vulnerable to malformed payloads due to input validation bugs. Input validation bugs form a significant portion of the CVE reports filed for DNP3 and other SCADA/ICS protocols. In this talk, Prashant will present an assurance methodology for producing significantly more secure implementations of SCADA/ICS protocols. These methodologies were applied to DNP3, in the form of a filtering proxy that deeply and exhaustively validates DNP3 messages. Our implementation demonstrates resilience to state-of-the-art fuzz-testing tools. We believe this methodology will apply to many other EDS, ICS, and computing protocols.
Prashant Anantharaman is a second-year graduate student at Dartmouth College working with Dr. Sean Smith and Dr. Sergey Bratus. His current work includes scalable PKI for industrial control systems and the consumer-side smart grid, and using language-theoretic security to build secure parsers for various SCADA/ICS protocols. Prashant also spent a summer at SRI International working on language-theoretic security in the Internet of Things. He completed his Bachelor's in Engineering in Computer Science and Engineering from the College of Engineering Guindy, India in 2015.
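A small illustration of the recognize-before-process approach described in the abstract above, added here and not the speaker's proxy: it covers only the DNP3 link-layer frame (start bytes, LEN, addresses, header and block CRCs) and drops anything that is not exactly one well-formed frame. The function names and the sample frames are hypothetical.

```python
import struct

class FrameError(ValueError):
    """Input is not exactly one well-formed link-layer frame."""

def crc16_dnp(data):
    # CRC-16/DNP: polynomial 0x3D65 (bit-reflected 0xA6BC), init 0, final complement.
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA6BC if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

def parse_link_frame(buf):
    """Recognize the whole frame before returning anything to the caller."""
    if len(buf) < 10 or buf[:2] != b"\x05\x64":
        raise FrameError("short header or wrong start bytes")
    length, ctrl, dest, src, hcrc = struct.unpack("<BBHHH", buf[2:10])
    if hcrc != crc16_dnp(buf[:8]):
        raise FrameError("header CRC mismatch")
    if length < 5:                      # LEN counts CTRL + DEST + SRC + user data
        raise FrameError("LEN below minimum of 5")
    n = length - 5
    if len(buf) != 10 + n + 2 * ((n + 15) // 16):
        raise FrameError("frame size disagrees with LEN")  # truncated or trailing bytes
    payload, pos = bytearray(), 10
    while n:
        take = min(16, n)               # user data travels in blocks of up to 16 bytes
        block = buf[pos:pos + take]
        if struct.unpack_from("<H", buf, pos + take)[0] != crc16_dnp(block):
            raise FrameError("data block CRC mismatch")
        payload += block
        pos, n = pos + take + 2, n - take
    return {"ctrl": ctrl, "dest": dest, "src": src, "payload": bytes(payload)}

def filter_frame(buf):
    """Proxy decision: forward the parsed frame, or drop (None) on any deviation."""
    try:
        return parse_link_frame(buf)
    except FrameError:
        return None

def build_link_frame(ctrl, dest, src, payload):
    """Builds constructed sample frames for exercising the filter."""
    hdr = b"\x05\x64" + struct.pack("<BBHH", len(payload) + 5, ctrl, dest, src)
    out = hdr + struct.pack("<H", crc16_dnp(hdr))
    for i in range(0, len(payload), 16):
        out += payload[i:i + 16] + struct.pack("<H", crc16_dnp(payload[i:i + 16]))
    return out
```

The LEN check runs before any subtraction or buffer indexing that depends on it, so an undersized length field is rejected even when its header CRC is valid.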
Continuous Security Monitoring Techniques for Energy Delivery Systems
by Adam Hahn, Washington State University
This presentation will discuss the CREDC project exploring various continuous security monitoring techniques being developed at Washington State University. It will demonstrate tools to enable the collection of security data from EDS devices and software platforms, along with software platforms to collect and analyze this data. It will demonstrate the proposed technologies against simulated attacks implemented against the Smart City Testbed at WSU.
Adam Hahn is currently an assistant professor in the Department of Electrical Engineering and Computer Science at Washington State University. His research interests include cybersecurity of the smart grid and cyber-physical systems (CPS), including intrusion detection, risk modeling, vulnerability assessment, and secure system architectures. He received M.S. and Ph.D. degrees from the Department of Electrical and Computer Engineering at Iowa State University in 2006 and 2013. Previously, he worked as a Senior Information Security Engineer at the MITRE Corporation, supporting numerous cybersecurity assessments within the federal government and leading research projects in CPS security.