Search results
(1 - 2 of 2)
- Title
- Combining Simulation and Emulation for Planning and Evaluation of Smart Grid Security, Resilience, and Operations
- Creator
- Hannon, Christopher
- Date
- 2020
- Description
-
The modern power grid is a complex, large-scale cyber-physical system comprising generation, transmission and distribution elements. However, advancements in information technology have not yet caught up to the legacy operational technology used in the electric power system. Coupled with the proliferation of renewable energy sources, the electric power grid is in a transition to a smarter grid; operators are now being equipped with the tools to make real-time operational changes and the ability to monitor and provide situational awareness of the system. This shift in electric power grid priorities requires an expansive and reliable communication network to enhance efficiency and resilience of the Smart Grid. This trend calls for a simulation-based platform that provides sufficient flexibility and controllability for evaluating network application designs, and facilitating the transition from in-house research ideas into production systems. In this thesis, I present techniques to efficiently combine simulation systems, emulation systems, and real hardware into testbed systems to evaluate security, resilience, and operations of the electric power grid. While simulating the dynamics of the physical components of the electric power grid, the cyber components including devices, applications, and networking functions are able to be emulated or even implemented using real hardware. In addition to novel synchronization algorithms between simulation and emulation systems, multiple test cases in applying software-defined networking, an emerging networking paradigm, to the power grid for security and resilience and phasor measurement unit analytics for grid operations are presented, which motivate the need for a simulation-based testbed.
The contributions of this work lie in the design of a virtual time system with tight controllability on the execution of the emulation systems, i.e., pausing and resuming any specified container processes in the perception of their own virtual clocks, and also lie in the distributed virtual time based synchronization across embedded Linux devices.
- Title
- A SCALABLE SIMULATION AND MODELING FRAMEWORK FOR EVALUATION OF SOFTWARE-DEFINED NETWORKING DESIGN AND SECURITY APPLICATIONS
- Creator
- Yan, Jiaqi
- Date
- 2019
- Description
-
The world today is densely connected by many large-scale computer networks, supporting military applications, social communications, power grid facilities, cloud services, and other critical infrastructures. However, a gap has grown between the complexity of the system and the increasing need for security and resilience. We believe this gap is now reaching a tipping point, resulting in a dramatic change in the way that networks and applications are architected, developed, monitored, and protected. This trend calls for a scalable and high-fidelity network testing and evaluation platform to facilitate the transformation from in-house research ideas to real-world working solutions. With this objective, we investigate means to build a scalable and high-fidelity network testbed using container-based emulation and parallel simulation; our study focuses on the emerging software-defined networking (SDN) technology. Existing evaluation platforms facilitate the adoption of the SDN architecture and applications to production systems. However, the performance of those platforms is highly dependent on the underlying physical hardware resources. Insufficient resources would lead to undesired results, such as low experimental fidelity or slow execution speed, especially with large-scale network settings. To improve the testbed fidelity, we first develop a lightweight virtual time system for Linux containers and integrate the system into a widely-used SDN emulator. A key issue with an ordinary container-based emulator is that it uses the system clock across all the containers even if a container is not being scheduled to run, which leads to issues of both performance and temporal fidelity, especially with high workloads. We investigate virtual time approaches by precisely scaling the time of interactions between containers and physical devices. Our evaluation results indicate a definite improvement in fidelity and scalability.
To improve the testbed scalability, we investigate how the centralized paradigm of SDN can be utilized to reduce the simulation workload. We explore a model abstraction technique that effectively transforms the SDN network devices to one virtualized switch model. While significantly reducing the model execution time and enabling the real-time simulation capability, our abstracted model also preserves the end-to-end forwarding behavior of the original network.
With enhanced fidelity and scalability, it is realistic to utilize our network testbed to perform a security evaluation of various SDN applications. We notice that the communication network generates and processes a huge amount of data. The logically-centralized SDN control plane, on the one hand, has to process both critical control traffic and potentially big data traffic, and on the other hand, enables many efficient security solutions, such as intrusion detection, mitigation, and prevention. Recently, deep neural networks have achieved state-of-the-art results across a range of hard problem spaces. We study how to utilize big data and deep learning to secure communication networks and host entities. For classifying malicious network traffic, we have performed a feasibility study of off-line deep-learning based intrusion detection by constructing the detection engine with multiple advanced deep learning models. For malware classification on individual hosts, another necessity to secure computer systems, existing machine learning-based malware classification methods rely on handcrafted features extracted from raw binary files or disassembled code. The diversity of such features created has made it hard to build generic malware classification systems that work effectively across different operational environments.
To strike a balance between generality and performance, we explore new graph convolutional neural network techniques to effectively yet efficiently classify malware programs represented as their control flow graphs.