Grid protection

Using device “fingerprints” to protect power grid, industrial systems

Published 1 March 2016

Human voices are individually recognizable because they are generated by the unique components of each person’s voice box, pharynx, esophagus and other physical structures. Researchers are using the same principle to identify devices on electrical grid control networks, using their unique electronic “voices” — fingerprints produced by the devices’ individual physical characteristics — to determine which signals are legitimate and which signals might be from attackers. A similar approach could also be used to protect networked industrial control systems in oil and gas refineries, manufacturing facilities, wastewater treatment plants and other critical industrial systems.

Technique uses unique signal characteristics to determine foreign devices // Source: gatech.edu

Georgia Tech says that the research, reported 23 February at the Network and Distributed System Security Symposium in San Diego, was supported in part by the National Science Foundation (NSF). While device fingerprinting is not a complete solution in itself, the technique could help address the unique security challenges of the electrical grid and other cyber-physical systems. The approach has been successfully tested in two electrical substations.

“We have developed fingerprinting techniques that work together to protect various operations of the power grid to prevent or minimize spoofing of packets that could be injected to produce false data or false control commands into the system,” said Raheem Beyah, an associate professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology. “This is the first technique that can passively fingerprint different devices that are part of critical infrastructure networks. We believe it can be used to significantly improve the security of the grid and other networks.”

The networked systems controlling the U.S. electrical grid and other industrial systems often lack the ability to run modern encryption and authentication systems, and the legacy systems connected to them were never designed for networked security. Because they are distributed around the country, often in remote areas, the systems are also difficult to update using the “patching” techniques common in computer networks. And on the electric grid, keeping the power on is a priority, so security can’t cause delays or shutdowns.

“The stakes are extremely high, but the systems are very different from home or office computer networks,” said Beyah. “It is critical that we secure these systems against attackers who may introduce false data or issue malicious commands.”