Trustworthy Cyber Infrastructure for the Power Grid Presentations Focus Area: Communication and Control Protocols Presented by Klara Nahrstedt University of Illinois • Dartmouth College • Cornell University • Washington State University Personnel • Senior PIs/Personnel • Current Students/Other Personnel – David Bakken (WSU) – Dave Anderson (WSU) – Anjan Bose (WSU) – Rasika Chakravarthy (WSU) – Carl Hauser (WSU) – Tamal Das (UIUC) – Himanshu Khurana (UIUC) – Terry Fleury (UIUC) – Klara Nahrstedt (UIUC) Kl N h t dt (UIUC) – L Loren Hoffman (WSU) H ff (WSU) – William Sanders (UIUC) – Shrut Kirti (Cornell) – Anna Scaglionne (Cornell) – Jim Kusznir (WSU) – Robert Thomas (Cornell) – Adam Lee (UIUC) – Zhifang Wang (Cornell) – Chris Masone (Dartmouth) – Von Welch (UIUC) – Kazuhiro Minami (UIUC) – Marianne Winslett (UIUC) – Sunil Muthuswamy (WSU) • Student Alumni – Hoang Nguyen (UIUC) – Harald Gjermundrod (PhD '06) j ( ) – Raol Rivas (UIUC) ( ) – Ioanna Dionysiou (PhD '06) – Ravi Sathyam (UIUC) – Venkata Irava (PhD '06) – Nathan Schubkegel (WSU) – Joel Helkey (MS '07) – Erik Solum (WSU) Yang Tao (WSU) – Stian Abelsen (MS '07) – Saman Aliari Zonouz (UIUC) – Erlend Viddal (MS '07) University of Illinois • Dartmouth College • Cornell University • Washington State University University of Illinois Dartmouth College Cornell University Washington State University 1
Trustworthy Cyber Infrastructure for the Power Grid Presentations Problem Space Refined Protocol/Service Trend/Premise: Challenges: Next Generation Power Grid • End-to-end key management Infrastructures will deploy COTS • End-to-end authentication, access , Computing and Communication Computing and Communication control and trust negotiation components for their process control • End-to-end real-time/QoS SCADA cyber-infrastructure guarantees • Provision of real-time and reliable Needs: monitoring, detection, alert, containment and recovery solutions in Cyber-infrastructure for PowerGrid case of perturbations, vulnerabilities needs holistic end-to-end protocol and attacks and service solutions with respect to performance and trust issues University of Illinois • Dartmouth College • Cornell University • Washington State University Vision: End-to-End Trust Provisioning for Power Grid Monitoring and Control Coordinator ISO Level Control Center Ethernet / IP-Network Backup (Secure, Real-time, Level Monitored) Ethernet / IP-Network (Secure, Real-time, Monitored) “Smart” Data Gateway/Hub Network Private IP-Based Level Network (Secure, Real-time, Private IP-Based Private IP-Based Monitored) Network Network (Secure, Real-time, (Secure, Real-time, Monitored) Monitored) “Smart” Gateway/Hub IED IED IED DFR Local HMI Substation Level Ethernet / IP-Network (Secure, Real-time, Monitored) IED IED IED IED Sensor/Actuator Level University of Illinois • Dartmouth College • Cornell University • Washington State University University of Illinois Dartmouth College Cornell University Washington State University 2
Trustworthy Cyber Infrastructure for the Power Grid Presentations Threat Modeling • Problem: Assess cyber threats • Example Cyber Attacks to Power Grid to – Aid in defining the scope of security problems – Allow for assessment of efficacy of security solutions of security solutions Attack Vulnerability Damage – Enable development of a taxonomy Name/ Action Target Vulnerability State Perf. Severity Origin Effect Effect Data Flood Network Specification Avail. Precision Medium • Approach: Develop modeling Storm/ Local framework Slamm- Copy Process Implementation Integrity Accuracy Low – Emphasize vulnerabilities and er / Remote potential damage XA21/ Terminate Process Implementation Integrity Timeliness Medium Local – Survey known attacks to build and populate framework and populate framework NMAP Probe, Network Specification Conf. None Low S Scan/ / S Scan Remote TCP Terminate Network Specification Avail. Timeliness High • Results Reset/ Remote – Attack-Vulnerability-Damage framework – Surveyed >50 known attacks University of Illinois • Dartmouth College • Cornell University • Washington State University End-to-End Trust Provisioning for Power Grid Monitoring and Control Coordinator ISO Level Control Center Ethernet / IP-Network (Secure, Real-time, Level Monitored) Ethernet / IP-Network (1) End-to-End Key (Secure, Real-time, Monitored) Management Management “Smart” Data Network Gateway/Hub (2) Authorization, Level Private IP-Based Authentication Network (Secure, Real-time, And Access Control Private IP-Based Monitored) Network (AAA) (Secure, Real-time, Monitored) (3) Secure and Real-Time Transmission “Smart” Gateway/Hub (4) Vulnerabilities/Attacks IED IED IED Monitoring, Detection, DFR Containment, Recovery Local HMI Substation Level Ethernet / IP-Network (Secure, Real-time, Monitored) IED IED IED IED Sensor/Actuator Level University of Illinois • Dartmouth College • Cornell University • Washington State University University of Illinois Dartmouth College Cornell University Washington State University 3
Trustworthy Cyber Infrastructure for the Power Grid Presentations Protocol/Service Functions Control & Data Plane Setup Plane Management Plane Power Grid SCADA Application Application Application Data Generation, Processing Setup Control & Man. And Communication Key Man. . Real-Time Public Key and Re-keying Encryption/ Symmetric Key Protocols Decryption Setup AAA Trust Negotiation & Authorization Per-Packet Authentication & Authentication & Access Control Access Control RT Man. QoS Setup QoS Management/ Real-time Delivery/Scheduling Admission Topology Man./ Control Monitoring/ Adaptation Attack Man. Vulnerabilities/Attack Analysis, Monitoring, Detection, Containment and Recovery University of Illinois • Dartmouth College • Cornell University • Washington State University (1) End-to-End Key Management DomainCert: Control Center • Trust Establishment Engineering SCADA • Certificate Entry/Deletion Division Other • Certificate Usage Divisions DNSSEC SMOCK: • Combinatorial Key Management For Resource Constraint/Legacy Devices DomainCert: DomainCert • Resilient to Compromised Nodes/ • Certificate access Sybil Attack • Certificate usage Gateway Gateway DNSSEC Cache C h A. SMOCK Wireless B. DomainCert Substation Substation New IED Legacy Devices IED Devices University of Illinois • Dartmouth College • Cornell University • Washington State University University of Illinois Dartmouth College Cornell University Washington State University 4
Recommend
More recommend