Scientists Put Forth a Smarter Way to Protect a Smarter Grid

An alternate path is to map out the most critical wellness behaviors early on and to give those high priority throughout life. That might include staving off osteoporosis by eating a healthy diet and being active, receiving vaccines to prevent as much illness as possible, and avoiding smoking and eating less fat to keep the heart healthy.

Mapping Cyberattack Paths
The team’s formula is based on a model known as hybrid attack graphs, a mathematical approach that is becoming more popular as the cyber and physical worlds become interconnected. The approach gives users flexibility to map out and follow multiple attack routes as they evolve and as defenders and attackers give and take ground. The team uses optimization and data from actual grid cyberattacks to train the model.

The project is one of hundreds of efforts at PNNL to improve artificial intelligence or apply it to address the nation’s greatest challenges. The research led by Purohit is an example of work on energy resilience, an important mission area of the Center for AI @ PNNL.

The research draws on research previously done by MITRE Corp. that links high-level objectives of adversaries with the techniques they have used as well as ways to prevent attacks. But the framework does not include information about the “cost” to an organization, in terms of effort or money, to implement those protections. The PNNL team is trying to change that by addressing the cost of implementing solutions.

“This approach would allow a utility to quickly assess its cyber risk as they are planning their future grid expansion,” said Purohit. “If you plan to connect more smart devices in the future, you need to be prepared to address the risks. There are thousands of ways to attack utility operations. By looking at historical events and using reinforcement learning, we have reduced that to fewer than 100 that need the most attention.”

Data scientist Rounak Meyur, who worked on the project, added that “Our work aims not only to maximize available resources but also to consider what might need to be done to augment or improve existing capabilities.”

A key part of the team’s work is making sure the work is “explainable”—that grid operators and cyber analysts understand the reasons why the model prioritizes and makes the recommendations it does.

“If your favorite movies aren’t recommended by a streaming service, and you don’t understand why, that’s inconvenient but not a real problem,” said Purohit. “But grid operators must keep the power on, and they need to understand the reasoning behind every action they might take.”

The team is working to improve the model and plans to work with power grid and cybersecurity experts to better measure the impacts of adversarial actions on cyber-physical systems.

PNNL researcher Braden Webb also contributed to the project. The research, funded by PNNL, is part of a Laboratory project called Resilience through Data-driven, Intelligently Designed Control, where cybersecurity scientist Thomas Edgar and others are part of the effort.

“Right now, in some ways, keeping power flowing and keeping the grid safe is more art than science,” said Edgar. “Our approach is grounded in science and would help the utility know in a more definitive way where to invest to get the most bang for its buck in terms of protecting itself from attack.”

Tom Rickey is senior science writer, News and Media Team, Pacific Northwest National Laboratory (PNNL). The article was originally posted to the website of PNNL.