Collaborative Research: SaTC: CORE: Small: Enabling Programmable In-Network Security for an Attack-Resilient Smart Grid

协作研究：SaTC：核心：小型：为抵御攻击的智能电网实现可编程网内安全

• 批准号: 2247722
• 负责人: Hui Lin
• 金额: $ 28万
• 依托单位: University of Rhode Island
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-06-01 至 2026-05-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2247722&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Small

Modern energy systems are increasingly adopting Internet technology to boost efficiency, which opens new security frontiers. On the one hand, the underlying network infrastructure used by existing power grids significantly limits the performance of current security measures. On the other hand, Internet companies are undergoing a foundational change in their network infrastructure, mainly driven by deploying advanced programmable network architectures. This project aims to create and quantify programmable in-network security measures for an attack-resilient power grid. Achieving this objective involves integrating the advancement of data-plane programmability into energy system cyber infrastructure, and based on this, further exploring numerous applications across attack detection, mitigation, and prevention to secure today’s energy systems. The outcomes of the project will have significant impacts on industrial practice through the suitable adoption of the proposed programmable cyber-infrastructure to realize a defense-in-depth approach for future energy systems. The work will also train students and workforce with cutting-edge and cross-disciplinary knowledge in power systems, networking, and cyber-security. The project aims to build the next-generation programmable cyber-infrastructure for energy system protection with three research thrusts: (i) an in-network cyber-attack detection system with high-speed and customizable packet inspection; (ii) a self-healing system that automatically restores network connectivity and recovers corrupted measurements by considering characteristics from both communication networks and physical devices; and (iii) an in-network traffic scheduler that disrupts attack reconnaissance while maintaining quality-of-service requirements. The impact of the proposed research will lay a scientific foundation for system design through the development of models, algorithms, and tools that incorporate both cyber and physical system properties.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

现代能源系统越来越多地采用互联网技术来提高效率，这开辟了新的安全领域。一方面，现有电网使用的底层网络基础设施大大限制了当前安全措施的性能。另一方面，互联网公司的网络基础设施正在发生根本性的变化，主要是由部署先进的可编程网络架构驱动的。该项目旨在为攻击弹性电网创建和量化可编程的网内安全措施。实现这一目标需要将数据平面可编程性的进步集成到能源系统网络基础设施中，并在此基础上进一步探索攻击检测、缓解和预防的众多应用，以保护当今的能源系统。该项目的成果将通过适当采用拟议的可编程网络基础设施对工业实践产生重大影响，以实现未来能源系统的深度防御方法。这项工作还将培养学生和劳动力，使他们掌握电力系统、网络和网络安全方面的尖端和跨学科知识。 该项目旨在为能源系统保护建立下一代可编程网络基础设施，有三个研究重点：（i）具有高速和可定制的数据包检查的网络内网络攻击检测系统;（ii）通过考虑通信网络和物理设备的特性，自动恢复网络连接和恢复损坏的测量值的自我修复系统;（iii）自动恢复网络连接的系统。以及（iii）在维持服务质量要求的同时中断攻击侦察的网络内流量调度器。该研究的影响将通过开发模型、算法和工具为系统设计奠定科学基础，这些模型、算法和工具将网络和物理系统属性结合起来。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。