The Department of Energy has awarded the Georgia Tech Research Institute (GTRI) $1.7 million to help detect cyber attacks on our nation’s utility companies.
By partnering with the Georgia Tech School of Electrical and Computer Engineering’s National Electric Energy Testing, Research and Applications Center (NEETRAC) and the Strategic Energy Institute (SEI), GTRI will work together with experts in smart grid technology to develop protocols and tools to detect such attacks.
“Utilities and energy delivery systems are unique in several ways,” said GTRI researcher Seth Walters, one of the principal investigators on the project. “They provide distribution over a large geographic area and are composed of disparate components which must work together as the system’s operating state evolves. Relevant security technologies need to work within the bandwidth limitations of these systems in order to see broad adoption and they need to account for the varying security profiles of the components within these power systems.”
To detect adversarial manipulation of the power grid, the cyber security tool suite will consist of advanced modeling and simulation technologies and a network of advanced security sensors capable of acting to protect the power system in real-time on the basis of this modeling and simulation.
Rather than attempting to identify the source of an attack, the system will evaluate the content of information sent to the power system.
“It is impossible to predict what a clever cyber attacker can devise in the future,” said A.P. “Sakis” Meliopoulos, a Georgia Power Distinguished Professor in the School of Electrical and Computer Engineering (ECE), who is part of the team. “A command to the control and operation infrastructure of the system can be evaluated on the basis of its content and the effect on the power system.”
The system will build on past Georgia Tech research into the monitoring, protection, control and operation of electric power utilities and their automation infrastructure, as well as work on information security. Georgia Tech’s power system control and automation laboratory will be used to develop methods to detect intrusion and malicious commands before the system is field demonstrated in an actual utility environment.
“This project is particularly exciting as it integrates GTRI’s cyber security expertise, with the expertise in grid and electrical power of NEETRAC and ECE,” said SEI Executive Director Tim Lieuwen. “A key piece of our energy strategy is promoting certain signature energy areas where Georgia Tech combines unique breadth and depth into best of class capabilities – the area of electrical power is one of those, and this project further demonstrates Georgia Tech’s commitment to this space.”
The project will consist of three phases, which include research and development, test and validation at Georgia Tech, and technology demonstration at operational utility sites with the assistance of multiple utility company partners.
“GTRI’s expertise in systems engineering and cyber security will be a great advantage for execution on this award,” Walters said. “We also have the singular advantage in being able to collaborate with professors from Georgia Tech. The School of Electrical and Computer Engineering was instrumental in bringing emerging research ideas to the proposal narrative.”
GTRI worked with Meliopoulos, ECE Associate Professor Santiago Grijalva and NEETRAC engineer Carson Day, who are experts in power grid and smart grid technology, and Raheem Beyah, an ECE associate professor and an expert in cyber security.
“My group, the Communications Assurance and Performance [CAP] Group, will work with GTRI researchers to develop, test and deploy a context-aware network-based intrusion detection system [NIDS] ,” Beyah said. “Working with a power grid simulator, the NIDS will have the ability to prevent network packets containing application-layer commands that render the power grid unstable from entering the network.”
A Georgia Power Distinguished Professor and SEI Associate Director, Grijalva will integrate a cyber-power co-simulator where numerous cyber-attack mechanisms can be simulated, including their effects in the physical power infrastructure. He will also develop real-time decision-making algorithms that evaluate the impact of potential cyber-induced power infrastructure malfunction.
“The proposed cybersecurity system is complex, so a disciplined approach to delivering a system of systems which embodies this complexity will be required,” Walters said. “Furthermore, as part of research and development, we will be working to ensure that the tool suite, as conceptualized by the team, remains relevant to current and emerging industry needs.”
Andrew Howard, who heads GTRI’s research on emerging threats and countermeasures, noted that this is a unique part of this proposal. “This proposal isn’t just about the research,” Howard said. “In addition to the extensive modeling and simulation, it’s also about developing a commercialization plan for other utilities to benefit.”