A real-time testbed environment for cyber-physical security on the power grid

Georgia Koutsandria, Reinhard Gentz, Mahdi Jamei, Anna Scaglione, Sean Peisert, Chuck McParland

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)

Abstract

The trustworthiness and security of cyber-physical systems (CPSs), such as the power grid, are of paramount importance to ensure their safe operation, performance, and economic efficiency. The aim of many cyber-physical security techniques, such as network intrusion detection systems (NIDSs) for CPSs, is to ensure continuous reliable operation even in exposed network environments. But the validation of such methods goes well beyond standard network analysis, since meaningful tests must also integrate realistic understanding of the physical systems behavior and response to the network activity. Our goal in this paper is to showcase an example of a testbed environment that can support such validation. In it, real network traffic, emulating and industrial control network, interacts with simulated physical models in real-time, extending and leveraging "hardware-inthe-loop" and "cyber-in-the-loop" capabilities. The testbed is a bridge between theory and practice and offers a number of features, including network communications, data management, as well as the virtualization of cyber-physical state analytics performed by the NIDS. The traffic is captured by real network taps and is forwarded to a real data management environment, receiving also the data reports from the simulated industrial control environment. To illustrate the capabilities of our testbed we show how the data are cross-checked by a "physics aware" NIDS, identifying network traffic that does not comply with its cyber-physical security rules.

Original languageEnglish (US)
Title of host publicationCPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015
PublisherAssociation for Computing Machinery, Inc
Pages67-78
Number of pages12
ISBN (Print)9781450338271
DOIs
StatePublished - Oct 16 2015
Event1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, CPS-SPC 2015 - Denver, United States
Duration: Oct 16 2015 → …

Other

Other1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, CPS-SPC 2015
CountryUnited States
CityDenver
Period10/16/15 → …

Fingerprint

Intrusion detection
Testbeds
Information management
Electric network analysis
Telecommunication networks
Physics
Hardware
Economics
Cyber Physical System

Keywords

  • Cyber-physical security
  • Cyber-physical systems
  • Intrusion detection systems
  • Power grid
  • Testbed

ASJC Scopus subject areas

  • Computer Science Applications
  • Software

Cite this

Koutsandria, G., Gentz, R., Jamei, M., Scaglione, A., Peisert, S., & McParland, C. (2015). A real-time testbed environment for cyber-physical security on the power grid. In CPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015 (pp. 67-78). Association for Computing Machinery, Inc. https://doi.org/10.1145/2808705.2808707

A real-time testbed environment for cyber-physical security on the power grid. / Koutsandria, Georgia; Gentz, Reinhard; Jamei, Mahdi; Scaglione, Anna; Peisert, Sean; McParland, Chuck.

CPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015. Association for Computing Machinery, Inc, 2015. p. 67-78.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Koutsandria, G, Gentz, R, Jamei, M, Scaglione, A, Peisert, S & McParland, C 2015, A real-time testbed environment for cyber-physical security on the power grid. in CPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015. Association for Computing Machinery, Inc, pp. 67-78, 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, CPS-SPC 2015, Denver, United States, 10/16/15. https://doi.org/10.1145/2808705.2808707
Koutsandria G, Gentz R, Jamei M, Scaglione A, Peisert S, McParland C. A real-time testbed environment for cyber-physical security on the power grid. In CPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015. Association for Computing Machinery, Inc. 2015. p. 67-78 https://doi.org/10.1145/2808705.2808707
Koutsandria, Georgia ; Gentz, Reinhard ; Jamei, Mahdi ; Scaglione, Anna ; Peisert, Sean ; McParland, Chuck. / A real-time testbed environment for cyber-physical security on the power grid. CPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015. Association for Computing Machinery, Inc, 2015. pp. 67-78
@inproceedings{9f5a180a2085469bad16c5835b0e1dea,
title = "A real-time testbed environment for cyber-physical security on the power grid",
abstract = "The trustworthiness and security of cyber-physical systems (CPSs), such as the power grid, are of paramount importance to ensure their safe operation, performance, and economic efficiency. The aim of many cyber-physical security techniques, such as network intrusion detection systems (NIDSs) for CPSs, is to ensure continuous reliable operation even in exposed network environments. But the validation of such methods goes well beyond standard network analysis, since meaningful tests must also integrate realistic understanding of the physical systems behavior and response to the network activity. Our goal in this paper is to showcase an example of a testbed environment that can support such validation. In it, real network traffic, emulating and industrial control network, interacts with simulated physical models in real-time, extending and leveraging {"}hardware-inthe-loop{"} and {"}cyber-in-the-loop{"} capabilities. The testbed is a bridge between theory and practice and offers a number of features, including network communications, data management, as well as the virtualization of cyber-physical state analytics performed by the NIDS. The traffic is captured by real network taps and is forwarded to a real data management environment, receiving also the data reports from the simulated industrial control environment. To illustrate the capabilities of our testbed we show how the data are cross-checked by a {"}physics aware{"} NIDS, identifying network traffic that does not comply with its cyber-physical security rules.",
keywords = "Cyber-physical security, Cyber-physical systems, Intrusion detection systems, Power grid, Testbed",
author = "Georgia Koutsandria and Reinhard Gentz and Mahdi Jamei and Anna Scaglione and Sean Peisert and Chuck McParland",
year = "2015",
month = "10",
day = "16",
doi = "10.1145/2808705.2808707",
language = "English (US)",
isbn = "9781450338271",
pages = "67--78",
booktitle = "CPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN

T1 - A real-time testbed environment for cyber-physical security on the power grid

AU - Koutsandria, Georgia

AU - Gentz, Reinhard

AU - Jamei, Mahdi

AU - Scaglione, Anna

AU - Peisert, Sean

AU - McParland, Chuck

PY - 2015/10/16

Y1 - 2015/10/16

N2 - The trustworthiness and security of cyber-physical systems (CPSs), such as the power grid, are of paramount importance to ensure their safe operation, performance, and economic efficiency. The aim of many cyber-physical security techniques, such as network intrusion detection systems (NIDSs) for CPSs, is to ensure continuous reliable operation even in exposed network environments. But the validation of such methods goes well beyond standard network analysis, since meaningful tests must also integrate realistic understanding of the physical systems behavior and response to the network activity. Our goal in this paper is to showcase an example of a testbed environment that can support such validation. In it, real network traffic, emulating and industrial control network, interacts with simulated physical models in real-time, extending and leveraging "hardware-inthe-loop" and "cyber-in-the-loop" capabilities. The testbed is a bridge between theory and practice and offers a number of features, including network communications, data management, as well as the virtualization of cyber-physical state analytics performed by the NIDS. The traffic is captured by real network taps and is forwarded to a real data management environment, receiving also the data reports from the simulated industrial control environment. To illustrate the capabilities of our testbed we show how the data are cross-checked by a "physics aware" NIDS, identifying network traffic that does not comply with its cyber-physical security rules.

AB - The trustworthiness and security of cyber-physical systems (CPSs), such as the power grid, are of paramount importance to ensure their safe operation, performance, and economic efficiency. The aim of many cyber-physical security techniques, such as network intrusion detection systems (NIDSs) for CPSs, is to ensure continuous reliable operation even in exposed network environments. But the validation of such methods goes well beyond standard network analysis, since meaningful tests must also integrate realistic understanding of the physical systems behavior and response to the network activity. Our goal in this paper is to showcase an example of a testbed environment that can support such validation. In it, real network traffic, emulating and industrial control network, interacts with simulated physical models in real-time, extending and leveraging "hardware-inthe-loop" and "cyber-in-the-loop" capabilities. The testbed is a bridge between theory and practice and offers a number of features, including network communications, data management, as well as the virtualization of cyber-physical state analytics performed by the NIDS. The traffic is captured by real network taps and is forwarded to a real data management environment, receiving also the data reports from the simulated industrial control environment. To illustrate the capabilities of our testbed we show how the data are cross-checked by a "physics aware" NIDS, identifying network traffic that does not comply with its cyber-physical security rules.

KW - Cyber-physical security

KW - Cyber-physical systems

KW - Intrusion detection systems

KW - Power grid

KW - Testbed

UR - http://www.scopus.com/inward/record.url?scp=84964893547&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84964893547&partnerID=8YFLogxK

U2 - 10.1145/2808705.2808707

DO - 10.1145/2808705.2808707

M3 - Conference contribution

AN - SCOPUS:84964893547

SN - 9781450338271

SP - 67

EP - 78

BT - CPS-SPC 2015 - Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or Privacy, co-located with CCS 2015

PB - Association for Computing Machinery, Inc

ER -