GridStat Middleware Communication Framework: Management Security and Trust

It is generally recognized that a high-bandwidth and highly available networked communication system should overlie the transmission system topology to enable new types of control and protection applications that will make the grid more efficient and reliable. Those applications will make use of data originating at many locations in the grid, which may be under the control of operators with various levels of competency and motivation, or even under the control of attackers. The research in this activity addressed two aspects of cyber security in that emerging environment. The first is that of message origin authentication when the data delivery model is multicast. That is a challenging technical problem for which various solutions already existed, all of which involved trade-offs among multiple quality-of-service dimensions, leaving no universally best solution. The second aspect concerns how to make control decisions using information from sources whose trustworthiness is unknown a priori. We observe that in any system of the power grid’s size, involving thousands of participating entities, security will necessarily be imperfect and uncertain. The work pursued here attempted to use trustworthiness assessment in combination with decision theory to make good control decisions, even in the face of uncertainty about the trustworthiness of some inputs. Specifically, we made several multicast authentication protocols available in the GridStat framework, allowing application designers to choose a protocol that best meets the application’s needs. We improved the performance of the Time-Valid One-Time Signature (TV-OTS) multicast authentication protocol, which offers tunable security at relatively low computational and latency cost compared to competing methods for multicast message authentication. Based on our evaluation of trade-offs among choices in the TV-OTS implementation, such as signature size, number of chains, epoch length, and the resistance of the protocol to brute-force attacks, we implemented TV-OTS as a fully supported authentication mechanism in the GridStat framework. We also developed ProFokus, a secure key storage repository that makes the system more resilient against attacks on its management infrastructure by splitting secret key material across several servers and requiring k out of n servers to collaborate in revealing the secrets for use. Finally, we have assessed various protocols for their susceptibility to  false data injection and denial of service attacks when used on highly-regular data streams such as those from PMUs.

Presentation from 2014 Industry Workshop:

K-Time Signatures for Smartgrid Multicast. Presented by Kelsey Cairns, Washington State University, at the 2014 TCIPG Industry Workshop held November 12-13, 2014 at the iHotel and Conference Center in Illinois. Slides for this presentation may be downloaded from the workshop archives.
 

Research Demo:

Data Injection Attacks and Prevention: Presented by Kelsey Cairns, Washington State University, at the TCIPG Industry Workshop in November 2014.