WS2: Next steps toward securing the Smart Grid

Part 1: Privacy and Cyber-Security of Smart Grid at Various Levels

Chairs:

Prof. Dr. Edmond Jonckheere, University of Southern California, Los Angeles, CA received his Electrical Engineer degree from the University of Louvain, Belgium, in 1973, the Dr.-Eng degree from Paul Sabatier University, Toulouse, France, in 1975, and the Ph. D. degree in Electrical Engineering from the University of Southern California, in 1978.  In 1979, he was with the Philips Research Laboratory, Brussels, Belgium. In 1980, he returned to the University of Southern California, where he is currently a professor of Electrical Engineering and Mathematics, a member of the Center for Applied Mathematical Sciences, and a member of the Center for Quantum Information Science and Technology. He has had short terms appointments with the Max-Planck-Institute, Gottingen, Germany, the Australian National University, Canberra, Australia, and the University of Namur, Belgium. His consulting experience includes Lockheed-Martin and the Aerospace Corporation. His current research interests include quantum spintronics networks, Adiabatic Quantum Computations, Heat Diffusion protocols for wireless networking, network topology, and smart grid, where his interests focus on synchrophasor signal analysis and their dynamical interpretation. Dr. Jonckheere is a former Associate Editor of the IEEE Transactions on Automatic Control and was elected Life Fellow of IEEE.

Ravi Pradhan is Vice President, Technology Strategy, for Siemens Digital Grid Division Software and Solutions in Minneapolis. With 20 years experience building and integrating control center systems, electricity market systems and other operational IT systems, Ravi is part of the global Siemens Digital Grid Software product house and is responsible for selecting and implementing the appropriate technologies for Siemens Digital Grid software solutions. Ravi is currently focused on architecting systems to accommodate the growing penetration of DERs in the grid, using technological and market mechanisms. Ravi was a principal system architect for the California ISO Market Redesign and Technology Update project, which included a large IT integration component, along with market optimization software. He was also the executive technical lead for the PJM AC2 project that implemented a ground-breaking dual primary control center for managing the bulk of the northeast USA’s transmission grid. Prior to that, he has also been the lead on EMS projects in Mexico City; Johannesburg, South Africa, NSP in Minneapolis, and Hydro-Quebec in Montreal.
Ravi earned his B.S. in computer science from Purdue University in West Lafayette, Indiana.

Contributors:

Paul Bogdan, Dept. of Electrical Engineering, University of Southern California, Los Angeles
is an Assistant Professor in the Ming Hsieh Department of Electrical Engineering at University of Southern California. He received his Ph.D. degree in Electrical and Computer Engineering from Carnegie Mellon University. His early career work has been recognized with a number of honors and distinctions, including the 2017 Defense Advanced Research Projects Agency (DARPA) Young Faculty Award, the 2017 Okawa Foundation research award, the 2015 National Science Foundation CAREER award, the 2012 D.O. Pederson Best Paper Award from IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, and the 2013 Best Paper Award from the 18th Asia and South Pacific Design Automation Conference. His research interests span both theory and applications. Specific topics include the theoretical foundations of cyber-physical systems, modeling and analysis of biological systems and swarms, understanding of neural and cognitive systems via new mathematical models, development of new control algorithms for dynamical systems exhibiting multi-fractal characteristics, modeling biological/molecular communication, development of fractal mean field games to model and analyze biological, social and technological system-of-systems, performance analysis and design methodologies for manycore systems.

Laith Shalafeh, German Jordanian University, Amman
received a B.S. degree in Electrical Engineering from the University of Jordan in 2009, M.S. and Ph.D. degrees in Electrical Engineering from the University of Southern California in 2012 and 2017, respectively. Then, he joined the German Jordanian University where he is currently an Assistant Professor in the Energy Engineering Department. His research interests include electric vehicles, load modeling, voltage stability, smart grid, and phasor measurement units.

Giulio Giaconi,  Imperial College, London, UK
Giulio Giaconi (S’15) received the B.Sc. and M.Sc. degrees (Hons.) in communication engineering from the Sapienza University of Rome, Italy, in 2011 and 2013, respectively. He is currently pursuing the Ph.D. degree with the Department of Electrical and Electronic Engineering, Imperial College London, U.K. In 2013, he was a Visiting Student with Imperial College London, working on indoor localization via visible light communications. His current research interests include data privacy, information and communication theory, optimization, signal processing, and machine learning. In 2014, he received the Excellent Graduate Student Award of the Sapienza University of Rome.

Deniz Gündüz,  Imperial College, London, UK
received his M.S. and Ph.D. degrees in electrical engineering from NYU in 2004 and 2007, respectively. After his PhD, he served as a postdoctoral research associate at Princeton University, as a consulting assistant professor at Stanford University and as a research associate at CTTC in Barcelona, Spain until 2012, when he joined the Electrical and Electronic Engineering Department of Imperial College London, UK, where he is currently a Reader and the head of the Information Processing and Communications Lab. His research interests lie in the areas of communications and information theory, machine learning, and security and privacy in cyber-physical systems. Dr. Gündüz is an Editor of the IEEE Transactions on Communications, and the IEEE Transactions on Green Communications and Networking. He is the recipient of a Starting Grant of the European Research Council (ERC) in 2016, IEEE Communications Society Best Young Researcher Award for the Europe, Middle East, and Africa Region in 2014, and Best Paper Award at the 2016 IEEE Wireless Communications and Networking Conference (WCNC). He is the General Co-chair of the 2018 Workshop on Smart Antennas, and previously served as the General Co-chair of the 2016 IEEE Information Theory Workshop, and a Co-chair of the PHY and Fundamentals Track of the 2017 IEEE Wireless Communications and Networking Conference.    

Prof. H. Vincent Poor,  Princeton University, USA
received a BSEE degree from Auburn University in 1972, and a MSEE from there in 1974. In 1977, he received his PhD from Princeton University. From 1977 to 1990, he was a faculty member of the University of Illinois at Urbana–Champaign. From 1990, he joined Princeton University as a professor. His current research activities are focused on advances in several fields of rapid technology development, notably wireless networks, energy systems and social networks.

Prof. Dr. Bruno Sinopoli, Department of ECE, Carnegie Mellon University, USA
Bruno Sinopoli received the Dr. Eng. degree from the University of Padova in 1998 and his M.S. and Ph.D. in Electrical Engineering from the University of California at Berkeley, in 2003 and 2005 respectively. After a postdoctoral position at Stanford University, Dr. Sinopoli joined the faculty at Carnegie Mellon University where he is full professor in the Department of Electrical and Computer Engineering with courtesy appointments in Mechanical Engineering and in the Robotics Institute and co-director of the Smart Infrastructure Institute, a research center aimed at advancing innovation in the modeling analysis and design of smart infrastructure. Dr. Sinopoli was awarded the 2006 Eli Jury Award for outstanding research achievement in the areas of systems, communications, control and signal processing at U.C. Berkeley, the 2010 George Tallman Ladd Research Award from Carnegie Mellon University and the NSF Career award in 2010. His research interests include the modeling, analysis and design of Secure by Design Cyber-Physical Systems with applications to Energy Systems, Interdependent Infrastructures and Internet of Things.

Jeremy Bryant leads the global product and sales development for the Siemens Industrial Communications RUGGEDCOM business portfolio. In this capacity, he identifies emerging market trends; works with customers and Siemens businesses worldwide to provide best in class industrial communications offers, specifically for the power utility, energy, defense and transportation markets. Jeremy also contributes to the company’s thought leadership on networking and cybersecurity for these verticals. Jeremy has over 21 years of Sales and Marketing experience in the Industrial Automation and Communications Market. During this time, he has held leadership roles in sales and marketing for Industrial Communications and Automation business. He holds a BSc in Electrical Engineering with a Minor in General Business from Louisiana Tech University, USA


Abstract

Morning Sessions:

In this workshop, we will attempt to have “both ends meet.” Specifically, we will proceed from what is probably the most fundamental issue—the large-scale grid dynamic that generates the various PMU signals—and then follow a path to lower-scale, all the way to single energy consumer smart meter, with privacy & security concern at the various levels. At the highest level, we will show how fractal analysis of PMU signals give an overall state of health of grid, allowing both intentional (e.g., attacks) detection and nonintentional (e.g., blackout) anticipation. Next, we will focus on security related to sensor measurement being sent to a concentrator via an imperfect packet dropping line that might have been compromised. Finally, at the consumer level, we will address privacy concerns over smart meters by removing information carrying high frequency component and placing battery buffer between consumer appliances and smart meter.

As the transformation of the electricity grid into a digitalized grid that incorporates information and communication technologies accelerates, the probability of a cyber security related breach grows higher and higher. We will focus on the industrial security strategy for addressing the fundamentals of cyber security and a sensible approach to connectivity and defense measures, and the response to incidents at all levels within the organization.  The workshop will include a group-work tabletop exercise that includes handling the responses to practical scenarios.

Compact Modeling of Complex Smart Grid Dynamics: Application to Change Point Detection of Voltage Collapse
Synchrophasor technology consisting of Phasor Measurement Units (PMUs) and high-speed communication infrastructure promises to provide a closed loop cyber-physical system diagnosis and management of smart grids. More precisely, the synchrophasors record in real-time and at high-frequency the voltage magnitude, phase angle, and frequency of the sinusoidal waveforms at specific location on the power grid and point in time. Despite numerous research efforts, the dynamics of the power grid is still poorly understood. In this talk, we will initiate a PMU data driven approach, which will reveal that smart grid dynamics is complex, possessing nontrivial nonstationary, and fractal characteristics, as measurement in the USA, Japan and across Europe have already demonstrated As the first application, we will develop a real-time change point detection of the fractal characteristics of PMU signals to alert of imminent system blackout. More generally, to a large extent, the data-driven mathematical findings invalidate the current employed models and call for a paradigm shift away from the popular bifurcation models in modeling the complex power grid dynamics. Motivated by observed mathematical characteristics, we present a series of mathematical tools that can be used for constructing compact models of power grid dynamics.

Can We Prevent Privacy Leakage from Smart Meters without Compromising Their Functionalities?
Smart meters and the associated communication infrastructure are an essential component of future smart grids. Smart meters allow consumers to track their energy usage and generation, allow utilities and network operators to monitor and control the grid more closely, and enable real-time pricing. However, smart meter readings can also reveal sensitive information about consumers’ habits and behaviours. The growing backlash against smart meters due to these privacy concerns is seen as a potential show stopper for this multi-billion-pound industry.

In this talk we will present our recent results that exploit physical resources, such as storage and renewable energy generation devices, to filter the energy consumption profile of the consumer, in order to provide privacy without compromising smart meter functionalities. We study the fundamental trade-off between the minimum possible privacy leakage and the energy cost that can be achieved with finite-capacity storage and under average and peak constraints on the available power from renewable energy sources. We will present various measures of privacy considered in the literature, comment on their advantages and limitations, and provide simulation results based on real smart meter data.

Physical Watermarking for Securing Cyber Physical Systems with Packet Drops
Physical watermarking is a well known solution for securing Cyber Physical Systems (CPSs) such as the smart grid. Here, a noisy control input is injected into the system in order to authenticate physical dynamics and sensors which may have been corrupted by adversaries. In this paper, we consider the utility of physical watermarking over lossy channels. Specifically sensor measurements are assumed to be sent to a centralized estimator via an imperfect packet dropping link. With the classical linear quadratic objective function and an independent and identically distributed Gaussian watermark sequence, we study the optimal Neyman-Pearson test and determine the effect of channel erasures on meeting security and control objectives. We consider the trade-off between attack detection and control in this setting and propose methods to ensure adequate performance.

Current Challenges to the Grid and the Industry’s Readiness with Practical Solutions to Close the Gap
In this panel we will look at the range of cyber security challenges that the electricity grid faces, and the state of the Industry’s readiness to tackle them. Recent events have demonstrated a variety of tactics and approaches to breaching industrial security at utilities. We will look at understanding the risks and approaches to indentifying gaps in the defenses and learning how to maintain network security posture by gaining visibility into the cyber network. This will set the stage for a group work session that will examine the incident response approaches that looks at managing exposure and the flow of information through the business, media and regulatory bodies. We will conclude with a discussion of work groups’ findings.


Afternoon Sessions:

As companies recover from yet another round of global cyber-attacks, business leaders are correctly asking the question: Is this the new normal? No industry is safe a world where connectivity drives business, but the energy sector presents an especially attractive target for cyber attackers for its perceived high vulnerability, high impact outcome.  

Three fundamental shifts in the market have led to this vulnerability. First, attackers have begun to move their attacks from traditional IT networks – those made up of the servers, computers, and mobile devices that enable business operations – to Operational Technology (OT) targets, which are the machines, systems, and networks that are directly used at plants and in operations. Essentially, these are physical infrastructures and digital inputs that make manufacturing and business happen.  OT systems are often much older and thus, far less protected. Second, many energy companies are embracing digitalization of their operations. Digitalization promises significant increases in efficiency and profitability through the modernization of technology, advanced analytics, and automation. However, with this leap forward, there comes increased cyber security risk. Third, cyber attackers are realizing that OT presents the ability to have critical impacts. They can expand from not only stealing, disrupting, and destroying data, to directly impacting critical operations and safety. These not only raise the profile of their attacks, but increase the profitability and value of their exploitations.

As a result, cyber-attacks on energy OT systems have become more frequent and more severe. Attacks against OT have ballooned from 5 percent just a few years ago to the current rate of 30 percent with no sign of scaling back. Unfortunately, energy companies make up the lion’s share of these attacks. Attacks vary from disrupting SCADA and Industrial Control Systems, which in turn causes outages and operational delays, to ransomware attacks, where cyber attackers hold systems and operations for ransom with threats to disrupt and destroy operating systems. Leaders at energy companies are now facing direct pressure from their boards-of-directors, market analysts, and government regulators to significantly enhance their OT cyber security programs. A recent Ponemon study showed that 59% of senior energy leaders believe that there is now a greater level of cyber risk in the OT than in the IT environment.

The second part of the workshop  addresses the specific risks, pain points, and challenges of maturing the cyber security capabilities in the Energy OT environment. We will also discuss best practices and approaches to maturing your OT cyber security program, giving you a basic roadmap for how to move forward.  Finally, we will discuss how the cyber security threat, and both operating and regulatory environments will likely evolve over the next several years, and how you can stay ahead of it.


Time Duration Content by  
         
08:30   Start of Workshop    
         
8:30 01:15 Compact Modeling of Complex Smart Grid Dynamics: Application to Change Point Detection of Voltage Collapse Edmond Jonckheere, Paul Bogdan, Laith Shalalfeh, Univ. of Southern California Presentation
         
09:45 00:15 Coffee Break    
         
10:00 01:15 Optimal Demand-Side Management for Joint Privacy-Cost
Optimization with Energy Storage
Giulio Giacconi, Deniz Gündüz, Imperial College; UK
H. Vincent Poor, Princeton University, USA
Presentation
         
11:15 01:15 Physical Watermarking for Securing Cyber Physical Systems with
Packet Drops
Bruno Sinopoli, Carnegie Mellon University Presentation
         
12:30 01:30 Lunch Break & Panel Discussion   Panel
         
14:00 00:30 Current challenges to the Grid Ravi Pradhan, Siemens Digital Grid, USA Presentation
         
14:30 00:30 State of the industry readiness & Pratical solutions to close the gap Jeremy Bryant, Siemens Industrial Comms, USA Presentation
         
15:00 00:30 Moving towards a Secure substation concept Ravi Pradhan, Siemens Digital Grid, USA Presentation
         
15:30 00:15 Coffee Break    
         
15:45 01:00 Table top exercise – team breakout to solve practical scenarios all Group Work
         
16:45 00:15 Group Findings Presentations all Open Discussion
         
17:00   End of Workshop