Technologies

Technologies, tools, and applications developed by TCIPG researchers and TCIPG alumni. Click on the technology name to view more information.

Amilyzer is a specification-based intrusion detection sensor that can be deployed in the field of an advanced metering infrastructure (AMI) to identify security threats in real time. The Amilyzer sensor monitors traffic among meters and access points at the network, transport, and application...
Api-do is a collection of tools inspired by and extending Joshua Wright's original KillerBee - a Python-based framework and tool set for exploring and exploiting the security of ZigBee and IEEE 802.15.4 networks. KillerBee, which has undergone major updates by TCIPG alums Ricky Melgares and...
Autoscopy Jr. is a host-based intrusion detection system created specifically for remotely-deployed embedded smart grid devices, which are not powerful enough to support virtual machines and are potentially too remote to constantly update malware signatures. Autoscopy Jr. circumvents these issues...
CONES is a real-time middleware toolkit aimed at supporting converged SCADA networks. CONES provides 1) host-based process management, 2) network resource management, and 3) host-based network resource management. These capabilities collectively provide a basis for convergence of SCADA networks...
GridStat is a flexible, robust, and secure real-time publish-subscribe middleware framework developed by TCIPG researchers at Washington State University. It is designed to provide extremely low delivery latencies and extremely high availability for power system data delivery. It forwards updates...
This work is a novel use of NIDS tailored to detect attacks against networks that support hybrid controllers of power grid protection schemes. Physical device safety is typically implemented locally using embedded controllers, while operations safety is primarily performed in control centers. Safe...
Misconfiguration of access policy implementation in firewalls or other local security mechanisms is a major source of security vulnerability. The complex interactions between distributed and layered policy implementations can lead to subtle errors and mask problems. The NetAPT Network Access Policy...
Simpler Scalable Simulation Framework (S3F) was developed as a result of revisiting the Scalable Simulation Framework (SSF) that supported large-scale parallel discrete-event simulation - to make it better reflect use and support maintainability. S3F, the second generation API developed by TCIPG...
In order to conduct realistic experiments on hardware intrusion detection, a real embedded system device must be used. The Smart Meter Research Platform was developed by TCIPG alumnus Nathan Edwards to emulate an AMI smart meter environment, collect empirical data, and enable the study of embedded...
IDS for DNP3 extends Bro, a specification-based network traffic analyzer, to analyze the DNP3 protocol and build security policies to protect against a malicious intruder penetrating a SCADA system. The DNP3 analyzer is included in Bro, and may be downloaded from https://www.bro.org/download/index....
TEDDI (Tamper Event Detection on Distributed Infrastructure) is a distributed, sensor-based approach to tamper detection for devices connected to a utility’s SCADA network. TEDDI consists of three components: Tamper Information Points (TIPs), which live inside a utility’s cabinets, use...
XUTools was designed so that practitioners could process files in terms of the language constructs appropriate to the problem at hand - as many of these languages lie beyond regular expressions. We thus extended traditional UNIX tools because many modern, structured-text formats break assumptions...