Collaborative Research: SaTC: CORE: Small: Enabling Programmable In-Network Security for an Attack-Resilient Smart Grid

协作研究：SaTC：核心：小型：为抵御攻击的智能电网实现可编程网内安全

• 批准号: 2247722
• 负责人: Hui Lin
• 金额: $ 28万
• 依托单位: University of Rhode Island
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-06-01 至 2026-05-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2247722&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Small

Modern energy systems are increasingly adopting Internet technology to boost efficiency, which opens new security frontiers. On the one hand, the underlying network infrastructure used by existing power grids significantly limits the performance of current security measures. On the other hand, Internet companies are undergoing a foundational change in their network infrastructure, mainly driven by deploying advanced programmable network architectures. This project aims to create and quantify programmable in-network security measures for an attack-resilient power grid. Achieving this objective involves integrating the advancement of data-plane programmability into energy system cyber infrastructure, and based on this, further exploring numerous applications across attack detection, mitigation, and prevention to secure today’s energy systems. The outcomes of the project will have significant impacts on industrial practice through the suitable adoption of the proposed programmable cyber-infrastructure to realize a defense-in-depth approach for future energy systems. The work will also train students and workforce with cutting-edge and cross-disciplinary knowledge in power systems, networking, and cyber-security. The project aims to build the next-generation programmable cyber-infrastructure for energy system protection with three research thrusts: (i) an in-network cyber-attack detection system with high-speed and customizable packet inspection; (ii) a self-healing system that automatically restores network connectivity and recovers corrupted measurements by considering characteristics from both communication networks and physical devices; and (iii) an in-network traffic scheduler that disrupts attack reconnaissance while maintaining quality-of-service requirements. The impact of the proposed research will lay a scientific foundation for system design through the development of models, algorithms, and tools that incorporate both cyber and physical system properties.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

现代能源系统越来越多地采用互联网技术来提高效率，从而打开了新的安全边界。一方面，现有电网使用的基础网络基础架构显着限制了当前安全措施的性能。另一方面，互联网公司正处于其网络基础架构的基础上，这主要是由部署高级可编程网络架构驱动的。该项目旨在为攻击弹性电网创建和量化可编程的网络内部安全措施。实现这一目标涉及将数据平面可编程性的进步整合到能源系统网络基础架构中，并基于此，进一步探讨了在攻击检测，缓解和预防中以确保当今能源系统的众多应用。该项目的结果将通过适当采用拟议的可编程网络基础设施来对工业实践产生重大影响，以实现对未来能源系统的深入辩护方法。这项工作还将在电力系统，网络和网络安全方面培训学生和劳动力。该项目旨在通过三个研究推力建立下一代可编程的网络基础，以保护能源系统保护：（i）具有高速和可定制数据包检查的网络内网络攻击系统； （ii）自动恢复网络连接并通过考虑来自通信网络和物理设备的特征来恢复损坏的测量的自我修复系统； （iii）一个网络内交通调度程序，可在维持服务质量要求的同时破坏攻击侦察。拟议的研究的影响将通过开发模型，算法和纳入网络和物理系统属性的工具来为系统设计奠定科学基础。该奖项反映了NSF的法定任务，并被认为是通过基金会的智力优点和更广泛的影响标准来评估通过评估来获得的支持。