Determining Security Threats Through Information Flow Analysis



Dr. Bruce McMillin Project 1

Security needs to move beyond the Fortress Mentality of Firewalls


INVESTIGATORS
Bruce McMillin (PI)

 

FUNDING SOURCE
National Institute of Standards and Technology

 
PROJECT DESCRIPTION
Providing Cyber-Physical System (CPS) security goes beyond traditional IT/enterprise cybersecurity and beyond purely physical security to combine both into Cyber-Physical Security. In CPSs, threats can arise through both the cyber and physical aspects, in combination. Moreover, in a CPS, notions of high and low, or inside and outside, no longer describe modern systems; security domains can overlap. This proposal extends work in information flow analysis to detect the possibility of confidentiality leakages and integrity attacks, develop tools for assessment, and provide design parameters for reducing risk among security partitions of a CPS. The proposed work will be measured against developed use cases from NIST and the Smart Grid Interoperability Panel.

 

PUBLICATIONS

  1. "Modeling and reasoning about the security of drive-by-wire automobile systems," Gerry Howser and Bruce McMillin, International Journal of Critical Infrastructure Protection, Elsevier 2012, DOI: 10.1016/j.ijcip.2012.09.001.
  2. "Mitigating Event Confidentiality Violations in Smart Grids: An Information Flow Security-based Approach," Thoshitha Gamage, Thomas Roth, Bruce McMillin and Mariesa Crow, IEEE Transactions on Smart Grid, Vol. 4, No. 3, September 2013, pp. 1227-1234, DOI: 10.1109/TSG.2013.2243924.
  3. "Information Flow Quantification Framework for Cyber Physical System with Constrained Resources," Li Feng; McMillin, B., in Computer Software and Applications Conference (COMPSAC), 2015 IEEE 39th Annual, vol. 2, pp. 50-59, 1-5 July 2015, DOI: 10.1109/COMPSAC.2015.92.
  4. "Quantification of Information Flow in a Smart Grid," Li Feng and Bruce McMillin, Computer Software and Applications Conference Workshops (COMPSACW), 2014 IEEE 38th International, 21-25 July 2014, pp. 140-145, DOI: 10.1109/COMPSACW.2014.27.
  5. "A Modal Model of Stuxnet Attacks on Cyber-physical Systems: A Matter of Trust," Gerald Howser and Bruce McMillin, Software Security and Reliability, 2014 Eighth International Conference on, June 30 2014-July 2 2014, pp. 225-234, DOI: 10.1109/SERE.2014.36.

Future Renewable Electric Energy Delivery and Management (FREEDM) Systems Center



Dr. Bruce McMillin Project 2

Peer-to-Peer Managed Microgrid

INVESTIGATORS
Bruce McMillin (PI), Mariesa Crow, Jonathan Kimball, Mehdi Ferdowsi (co-PIs)


PROJECT DESCRIPTION
The mission of the ERC for FREEDM Systems is to develop the fundamental and enabling technology to foster a revolution in innovation and technology in the electric power and renewable energy industries. In terms of intellectual merit, the work has yielded numerous publications advancing distributed energy management, system modeling, and security (a selected list is [20],[28],[62]–[68]) and has advanced the electric smart grid effort significantly past its current state. Extensive broader impacts include outreach to industry, consortia, and K-12 science, and mentoring of undergraduates and under-represented groups. Specifically, FREEDM has contributed to the Smart Grid Interoperability Panel, the National Institute of Standards and Technology Cyber-Physical Systems Public Working Group (2014-), and NISTIR 7628, Security and Privacy for the Smart Grid. In particular, the FREEDM project's outreach makes distributed energy management and the advanced smart grid understandable by the general population.


PUBLICATIONS

  1. "Towards formal verification of smart grid distributed intelligence: FREEDM case," Patil, Sandeep; Zhabelova, Gulnara; Vyatkin, Valeriy; McMillin, Bruce, in Industrial Electronics Society, IECON 2015 - 41st Annual Conference of the IEEE, pp. 003974-003979, 9-12 Nov. 2015, DOI: 10.1109/IECON.2015.7392719.
  2. "Implementation of FREEDM Smart Grid distributed load balancing using IEC 61499 Function Blocks," Sandeep Patil, Valeriy Vyatkin, Bruce McMillin, Proceedings of the 39th Annual Conference of the IEEE Industrial Electronics Society, Vienna, Austria, Industrial Electronics Society, pp. 8154-8159, 10-13 Nov. 2013, DOI: 10.1109/IECON.2013.6700497.
  3. "The Effects of Network Link Unreliability For Leader Election Algorithm in a Smart Grid System," Stephen Jackson and Bruce McMillin, Seventh CRITIS Conference on Critical Information Infrastructures Security, Springer, LNCS 7722, Hämmerli, Bernhard; Kalstad Svendsen, Nils; Lopez, Javier (Eds.), Lillehammer, Norway, September 17-18, 2012, pp. 59-70, DOI: 10.1007/978-3-642-41485-5_6.
  4. "Distributed Grid Intelligence for future microgrid with renewable sources and storage," Fanjun Meng; Akella, R.; Crow, M.L.; McMillin, B.; North American Power Symposium (NAPS), 2010, 26-28 Sept. 2010, DOI: 10.1109/NAPS.2010.5618963.
  5. "Distributed Power Balancing for the FREEDM System," Ravi C Akella, Derek Ditch, Fanjun Meng, Bruce McMillin, and Mariesa Crow, The 1st Smart Grid Computing Conference, Gaithersburg, MD, Oct 3-6, 2010, pp. 7-12, DOI: 10.1109/SMARTGRID.2010.5622003.

Secure Algorithms for Cyber-Physical Systems



Dr. Bruce McMillin Project 3

INVESTIGATORS
Jonathan Kimball (PI), Bruce McMillin (co-PI)


FUNDING SOURCE
NSF


PROJECT DESCRIPTION
The objective of this proposal is to formulate a novel methodology for creating secure algorithms in cyber-physical systems and to develop metrics for evaluating the security of composed systems. Cyber-physical systems are composed of interconnected, semi-autonomous devices. The inherently open nature of a CPS implies a susceptibility to attacks that differ fundamentally from conventional cyber-attacks. CPS-specific attack vectors exist as purely cyber, cyber-enabled physical attacks, and physically enabled cyber-attacks. As such, the endpoints may be fundamentally unsecurable (such as the sensed information from physical resources) or may be compromised (as in computational resources). Creating a secure communications channel between two nodes is inadequate if one of the endpoints of the communication is insecure. Therefore, new methodologies are needed to ensure that the system is protected in the presence of open information flows from physical resources and possibly malicious entities inside the system.

The proposed approach relies on the interconnected nature of the cyber and physical aspects to ensure that information exchanges are trustworthy. Any action taken by any entity in the system should project onto the various subsystems in a consistent way. For example, in a power system, if an entity claims to be generating a certain amount of power (within the cyber realm), then the flows and voltages on the grid (within the physical realm) should reflect that generation level. The projections may be used to evaluate the trustworthiness of each entity.

The first objective is to formulate a methodology that incorporates knowledge from both the cyber and physical domains into a distributed algorithm to ensure the trustworthiness, thus security, of the composed system. The second objective is to derive metrics for security. Both objectives rest on logical invariants that express correctness. The invariants either check the validity of a local action or the accuracy of remote data. They may be used as guards against an action, or may be incorporated into a dynamic reputation-based algorithm. As a testbed, a multilateral energy system on an electrical network will be studied. Preliminary studies of this system have resulted in algorithms that isolate malicious nodes within the context of a single algorithm, using a reputation metric that compares cyber information flows to physically measurable signals. The work will be extended to other algorithms and other related power systems, a generalizable framework will be developed, and more complete metrics will be derived.
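
The consistency check described above can be sketched as follows. This is an added example, not code from the project or its publications: the power-balance invariant, the tolerance, the reputation constants, and all names and sample values are assumptions chosen for illustration.

```python
"""Added illustration: a physical invariant used as a guard and as a reputation input."""
from dataclasses import dataclass, field

TOLERANCE_KW = 0.5    # assumed bound on sensor noise
PENALTY = 0.3         # assumed reputation loss per inconsistent round
REWARD = 0.05         # assumed (slow) recovery per consistent round
ISOLATE_BELOW = 0.5   # assumed threshold below which a node is isolated


def invariant_holds(claimed_kw, measured_flows_kw, tol=TOLERANCE_KW):
    """Cyber claim vs. physical projection: the net injection a node reports
    must match the sum of line flows its neighbours measure leaving it."""
    return abs(claimed_kw - sum(measured_flows_kw)) <= tol


@dataclass
class ReputationTracker:
    scores: dict = field(default_factory=dict)

    def observe(self, node, claimed_kw, measured_flows_kw):
        score = self.scores.get(node, 1.0)
        if invariant_holds(claimed_kw, measured_flows_kw):
            score = min(1.0, score + REWARD)
        else:
            score = max(0.0, score - PENALTY)
        self.scores[node] = score
        return score

    def trusted(self, node):
        return self.scores.get(node, 1.0) >= ISOLATE_BELOW

    def accept_request(self, node, claimed_kw, measured_flows_kw):
        """Guard: act on a node's request only if this round's claim is
        physically consistent and the node has not been isolated."""
        self.observe(node, claimed_kw, measured_flows_kw)
        return invariant_holds(claimed_kw, measured_flows_kw) and self.trusted(node)


# Constructed sample: per round, node -> (claimed kW, [measured line flows kW]).
ROUNDS = [
    {"A": (5.0, [3.0, 2.1]), "B": (4.0, [1.0, 0.9])},  # B over-reports
    {"A": (5.0, [2.9, 2.0]), "B": (4.0, [1.1, 1.0])},  # B over-reports again
    {"A": (5.0, [3.1, 2.0]), "B": (2.0, [1.0, 1.1])},  # B now reports honestly
]


def run_rounds(rounds):
    tracker = ReputationTracker()
    decisions = [{n: tracker.accept_request(n, c, f) for n, (c, f) in r.items()}
                 for r in rounds]
    return tracker, decisions


if __name__ == "__main__":
    tracker, decisions = run_rounds(ROUNDS)
    print(tracker.scores, decisions)
```

In the constructed data, node B stays isolated in the third round even though its claim is consistent there, because the assumed recovery rate is much slower than the penalty.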

PUBLICATIONS

  1. "Physical Attestation in the Smart Grid for Distributed State Verification," Tom Roth and Bruce McMillin, IEEE Transactions on Dependable and Secure Computing, 2016, DOI: 10.1109/TDSC.2016.2577021.
  2. "Breaking Nondeducible Attacks on the Smart Grid," Thomas Roth and Bruce McMillin, Seventh CRITIS Conference on Critical Information Infrastructures Security, Springer, LNCS 7722, Hämmerli, Bernhard; Kalstad Svendsen, Nils; Lopez, Javier (Eds.), Lillehammer, Norway, September 17-18, 2012, Published 2013, pp. 80-91, DOI: 10.1007/978-3-642-41485-5_8.
  3. "Physical Attestation of Cyber Processes in the Smart Grid," Tom Roth and Bruce McMillin, Eighth CRITIS Conference on Critical Information Infrastructures Security, Amsterdam, Netherlands, September 16-18, 2013, Lecture Notes in Computer Science 8328, Springer, pp. 96-107, DOI: 10.1007/978-3-319-03964-0_9.
  4. "Using Information Flow Methods to Analyze the Security of Cyber-Physical Systems," Gerry Howser and Bruce McMillin, Computer, 2016 (to appear).