Team members: Sumeet Jauhar, Xinshu Dong, Binbin Chen
Description: Intelligent electronic devices in a smart grid infrastructure, such as relays, remote terminal units (RTUs), and smart meters, are critical to power grid security. By compromising these devices, an attacker can enter the closed loop of power systems and cause severe damage, such as destabilising power grid operations. Typically these devices have legacy hardware and low computational capabilities. Hence advanced security mechanisms such as adding a trusted platform module (TPM) or complex intrusion monitoring are not feasible. In this work we develop a small security module (less than 2 KB in size) which can detect the presence of malware on these remote devices by purely software means. The security module, based on our SWORT (Software-Only Root of Trust) scheme, is a promising step towards verifying the integrity of software running on the devices, based on timed responses to random challenges that compute a checksum over memory content. In the demo we demonstrate our SWORT approach on a widely deployed RTU sourced from our industrial collaborators. Our experiments show that our solution is 100x faster than known techniques for malware detection, with only a millisecond-level disruption to system availability.
Team members: Sreejaya Viswanathan, Yang Li, Rui Tan
Description: Time synchronization is an important aspect of cyber-physical systems for reliable sensing, actuation and control. The state-of-the-art techniques (Network Time Protocol, GPS, etc.) deployed to achieve time synchronization are vulnerable and susceptible to malicious attacks. We have built a low-cost solution that is secure and can ensure reliable time synchronization across multiple devices that belong to the same power grid. The power grid voltage (ENV) is a sinusoidal signal that fluctuates at a nominal 50 or 60 Hz. The universal availability of this grid frequency and its unforgeable nature make it a reliable and secure clock source. We have prototyped two different versions of the hardware, based on the grid frequency sensing technique. One is a wired version that must be plugged into a power socket, and the other is wireless. Our preliminary results indicate that we can achieve very tight synchronization across devices within the same building, with sub-millisecond synchronization accuracy.
Team members: Prageeth Gunathilaka, Daisuke Mashima, Binbin Chen
Description: SmartPower contains multiple distributed modules, compliant with the standards of smart grid communications (IEC 60870 and 61850). As in real-world smart grids, remote control commands can be triggered in the Control Centre module of the testbed. Then, a substation gateway translates commands from IEC 60870 to 61850 and vice versa. Thereafter, the translated commands are forwarded to the Intelligent Electronic Device (IED) end-points, which handle the physical operations. IEDs are tightly coupled with continuously running power flow components in the PowerWorld simulator. After the control commands are executed, their impact is quickly evaluated and the new states become visible via the corresponding IEDs. Real-time monitoring tools, alerts and reports help to assess the impact of critical commands or attacks and, in the future, to evaluate the feasibility of mitigation strategies.
Team members: Yuan Li, Sumeet Jauhar, Binbin Chen, William Temple, Xinshu Dong
Description: The CyberSAGE modelling tool processes various heterogeneous pieces of information about a cyber-physical system, such as its business processes, network infrastructure, and adversary models, and uses such information to argue about the security level of the system. This enables a security analyst or practitioner to make intelligent decisions in order to protect cyber-physical systems, which are under constant attack by adversaries. In this demo, we show how CyberSAGE can be leveraged to model the failure scenarios and impact analyses compiled by the US National Electric Sector Cybersecurity Organization Resource (NESCOR) Technical Working Group. The NESCOR failure scenarios describe specific types of undesirable cyber incidents and their impacts, as well as the vulnerabilities and potential mitigations associated with the failures. We show that with the system topology, workflow, attacker profiles, and expansion rules we create, CyberSAGE can quantitatively evaluate the system's security level against specific threats described in the NESCOR scenarios. For more details, please go to https://www.illinois.adsc.com.sg/cybersage/.
Team members: Sravana Sristi, Sang-Yoon Chang
Description: We jointly study wireless power transfer and information transfer. However, unlike previous studies that attempt to harvest energy from ambient RF communication, we treat power transfer as the primary function and build communications on the inductive-coupling-based charging signal. Therefore, we design our work so that the communication is unobtrusive to the power transfer process and can operate simultaneously with the power transfer. In addition, because we modulate data onto the charging signals, our design requires minimal hardware on both transmitter and receiver (bypassing the RF frontend hardware which is typical in wireless networking) and no power consumption on the receiver (which is being charged). In this demo, we present our prototype and also show its communication compatibility with an off-the-shelf radio.