New Paradigm Enables More Secure, Reliable Control Networks for Power Grid
When an energy company sustains a cyber attack, control system operators must quickly identify, isolate and reroute around the affected network areas in order to maintain critical energy delivery functions. A global view of all communication flows would make that task much easier, but unfortunately, such an overview map isn’t available to the energy sector at this time.
However, Oregon State University Assistant Professor Rakesh Bobba, Electrical and Computer Engineering Professors William H. Sanders and David Nicol, and CS Professor Roy Campbell, along with their collaborators at Schweitzer Engineering Laboratories (SEL), Ameren Corporation, and Pacific Northwest National Laboratory (PNNL), are working to solve that problem through a $4.9 million software-defined networking (SDN) project funded by the Department of Energy and led by SEL. The team is developing a flow controller—including both a hardware device and supporting software—that will monitor, configure and maintain safe, reliable network traffic flows in energy system control networks.
The flow controller is being designed to bring the advantages of software-defined networking to power control networks. The project will build on the success of the current SEL Cybersecurity for Energy Delivery Systems (CEDS) Watchdog project, which produced a software-defined switch with deep packet inspection capabilities.
“Software-defined networking is a new paradigm that has emerged in the last few years and one which brings lots of advantages for reliability and security,” said Bobba, who was previously a research assistant professor at Illinois.
With software-defined networking, it is possible to load a program into a central flow controller and have it dynamically configure switches in the network. That allows network administrators to focus on higher-level business requirements rather than on the programming of individual network switches.
The Illinois effort will focus on validation of flow configurations and on the security and reliability of SDN architectures, while Project Director Rhett Smith of SEL and his team will simultaneously work on network visualization and configuration programming. The validation part will be designed on the Illinois side and then later integrated into the controller.
“Once someone puts flow rules into the controller and it programs the networks, how can one be sure that the network meets the security and business requirements?” Bobba asked. “We need to be able to validate flow rules against predefined policies.”
The Illinois team will leverage results of prior Illinois validation research, such as Nicol’s NP-View tool, which performs automated analysis of firewall configurations, and the Flow Verification Technology, created by Computer Science Professors Matthew Caesar and Brighten Godfrey, which can be used to develop a validation framework for software-defined networking that is very specific to power control networks.
The eventual goal of the project is to develop an overview map that would allow controllers to visualize the entire network of flows happening in real time and be able to detect anomalies and take preprogrammed actions. The project will produce the first solution available to system operators that allows them to view and configure a substation network in a single entity.
Donald R. Borries, Rod Hilburn and Joyce Sanders of Ameren Illinois will coordinate use of Ameren as a demonstration site and will also provide input regarding industry needs. Mark Hadley of PNNL will work with the team to conduct security and performance evaluation.
“The flexibility of software-defined networking enables us to develop network configurations which, in the power grid context, have provable security and availability properties,” Nicol said. “We’re excited to be part of a project with such promise for improving the grid.”