Collaborative Research: SaTC: CORE: Small: Enabling Programmable In-Network Security for an Attack-Resilient Smart Grid

协作研究：SaTC：核心：小型：为抵御攻击的智能电网实现可编程网内安全

• 批准号: 2247722
• 负责人: Hui Lin
• 金额: $ 28万
• 依托单位: University of Rhode Island
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-06-01 至 2026-05-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2247722&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Small

Modern energy systems are increasingly adopting Internet technology to boost efficiency, which opens new security frontiers. On the one hand, the underlying network infrastructure used by existing power grids significantly limits the performance of current security measures. On the other hand, Internet companies are undergoing a foundational change in their network infrastructure, mainly driven by deploying advanced programmable network architectures. This project aims to create and quantify programmable in-network security measures for an attack-resilient power grid. Achieving this objective involves integrating the advancement of data-plane programmability into energy system cyber infrastructure, and based on this, further exploring numerous applications across attack detection, mitigation, and prevention to secure today’s energy systems. The outcomes of the project will have significant impacts on industrial practice through the suitable adoption of the proposed programmable cyber-infrastructure to realize a defense-in-depth approach for future energy systems. The work will also train students and workforce with cutting-edge and cross-disciplinary knowledge in power systems, networking, and cyber-security. The project aims to build the next-generation programmable cyber-infrastructure for energy system protection with three research thrusts: (i) an in-network cyber-attack detection system with high-speed and customizable packet inspection; (ii) a self-healing system that automatically restores network connectivity and recovers corrupted measurements by considering characteristics from both communication networks and physical devices; and (iii) an in-network traffic scheduler that disrupts attack reconnaissance while maintaining quality-of-service requirements. The impact of the proposed research will lay a scientific foundation for system design through the development of models, algorithms, and tools that incorporate both cyber and physical system properties.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

现代能源系统越来越多地采用互联网技术来提高效率，这开辟了新的安全前沿。 一方面，现有电网使用的底层网络基础设施极大地限制了当前安全措施的性能。其网络基础设施发生了根本性变化，主要是通过部署先进的可编程网络架构来推动的，该项目旨在为抵御攻击的电网创建和量化可编程的网络内安全措施，实现这一目标涉及整合数据平面可编程性的进步。深入能源系统网络基础设施，并在此基础上进一步探索攻击检测、缓解和预防方面的众多应用，以保护当今的能源系统。该项目的成果将通过适当采用拟议的可编程网络基础设施对工业实践产生重大影响。 -实现未来能源系统纵深防御方法的基础设施。该项目还将培训学生和劳动力，使其具备电力系统、网络和网络安全方面的前沿和跨学科知识。下一代可编程网络基础设施能源系统保护具有三个研究重点：（i）具有高速和可定制数据包检查的网络内网络攻击检测系统；（ii）自我修复系统，可通过考虑以下特征来自动恢复网络连接并恢复损坏的测量结果通信网络和物理设备；以及（iii）网络内流量调度程序，该调度程序可以在保持服务质量要求的同时中断攻击侦察。所提出的研究的影响将为通过模型开发的系统设计奠定科学基础。算法和工具该奖项反映了网络和物理系统的属性。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。