· Deep Cyber-Physical Situational Awareness for Energy Systems
[Deep Cyber-Physical Situational Awareness for Energy Systems: A Secure Foundation for Next-Generation Energy Management, US DOE, (K. Davis (PI, TAMU); Co-PIs: T. Overbye (TAMU), D. Ragsdale (TAMU), A. Goulart (TAMU), S. Zonouz (Rutgers University), S. Hossain-McKenzie (Sandia National Labs), E. Vugrin (Sandia National Labs), J. O’Brien (Pacific Northwest National Labs), M. Rice (Pacific Northwest National Labs), E. Rogers (UIUC)) ($2.7 M, 3 years, awarded Oct. 2018)]
Power systems and other physical energy and cyber infrastructure are traditionally analyzed separately from their cyber infrastructure. The problem is that unexpected access paths and unknown threats often exist in an energy system’s network. For example, vulnerabilities in devices or misconfigurations may enable an adversary to create stepping stone attacks that lead to severe operational consequences. To be secure against the wide array of threats, it is thus necessary to consider the interactions of these systems together.
The proposed multi-disciplinary multi-investigator work led by Dr. Katherine Davis at Texas A&M Engineering Experiment Station (TEES) for US Department of Energy (DOE) Cybersecurity for Energy Delivery Systems (CEDS) aims to design the next generation secure energy management system from the devices-up, with the power architecture and cyber communications network architecture co-managed and analyzed. A key focus is on visibility into cyber-physical threats, and human understandability and explainability of cyber security analytics to power impact as well as energy impact prioritization toward designing and establishing cyber security measures. We propose deep cyber-physical situational awareness via monitoring and characterization of components and events across the system in both physical and cyber infrastructures. The goal is to use deep visibility to design a next-generation secure energy management system that would enable stakeholders across energy industrial control domains to better prepare, mitigate, repair, and recover from cyber-related threats.
Please visit our CYPRES webpage for more information: https://cypres.engr.tamu.edu/
[Deep Learning-based Detection of Stealth False Data Injection Attacks in Large-Scale Power Grids, NSF, K. Davis (PI, TAMU), E. Serpedin (TAMU, Co-PI), T. Overbye (TAMU, Co-PI)) ($360k, 3 years, awarded Sept. 2018) ]
A comprehensive methodology referred to as DEFENDA – DEtection of FalsE and uNexpected Data Attacks – is proposed to quantify the integrity of data and to characterize the impact of false data on power systems. These attacks are referred to as unobservable or stealth false data injection (FDI) attacks, and they are crafted to bypass traditional bad data detection. DEFENDA’s vision is to quickly detect sensor manipulation attacks and correct false data. The project aims to contribute enhanced state-of-the-art cyber-physical security strategies for transmission system operation, where results will inform solution of similar problems including cyber-physical attack detection at generation, transmission, and distribution levels as well as in communication networks, banking systems, cloud computing and storage, and other critical infrastructures.
DEFENDA will contribute attack detection strategies for real-world power grids via deep neural network (DNN) architectures known to offer superior representational power and improved detection performance. Specifically, DEFENDA aims to develop an efficient and robust FDI attack detection mechanism based on a deep long-short-term-memory (LSTM) recurrent neural network (RNN) that captures the time-series nature of the status and measurement data and learns their respective normal and malicious patterns. To ensure detection efficiency, DEFENDA investigates an optimal selection of the deep architecture and underlying hyper-parameters. Furthermore, DEFENDA ensures detection robustness through three measures. First, DEFENDA enables replacement of any missing status and measurement data via a deep LSTM auto-encoder (LSTM-AE) to enhance detection performance even in presence of jamming attacks. Second, using a deep variational LSTM auto-encoder (V-LSTM-AE) DEFENDA is capable to detect attacks that have not been characterized via an anomaly detector. Finally, DEFENDA carries out detection decision fusion based on centralized, semi-centralized, and decentralized detection architectures. DEFENDA will also create and make available synthetic cases with scenarios designed to promote research in cyber-physical analysis and attack detection. By demonstrating the importance of cyber security and data integrity though the scenarios developed, the project will prepare a generation to solve the problems facing society.
Learn more about DEFENDA and obtain datasets at: https://katedavis.engr.tamu.edu/projects/defenda/
· Online Resilience Support System for Cyber-Physical Situational Awareness
[Online Resilience Support System for Cyber-Physical Situational Awareness, Grainger Foundation Frontiers of Engineering Grant, (K. Davis (PI, TAMU), M. Holzinger (Co-PI, U. Colorado)) ($30k, 3 years, awarded July 2018)]
· Bio-Inspired Design of Complex Energy Systems
[Bio-Inspired Design of Complex Energy Systems to Achieve Robust, Efficient, and Sustainable Networks, Texas A&M Energy Institute, (A Layton (PI, TAMU), K. Davis (Co-PI, TAMU)) ($50k, 1 year, awarded June 2018]
· Distributed Just-Ahead-Of-Time Verification of Cyber-Physical Critical Infrastructure
[Distributed Just-Ahead-Of-Time Verification of Cyber-Physical Critical Infrastructure, NSF, (S. Zonouz (PI, Rutgers), K. Davis (Co-PI, TAMU))]
· ⋅GIC Hazard Prediction: From the Solar Wind to Power System Impacts
[GIC Hazard Prediction: From the Solar Wind to Power System Impacts, NSF, (T. Overbye (PI, TAMU), Katherine Davis (co-PI, TAMU), J. Makela (co-PI, UIUC), Jana Sebestik (co-PI, UIUC))]