PI: Arif Sarwat, Florida International University
The nature of response to a successful cyberattack on any part of the smart grid is currently reactive. At any given time, the operators and security analysts at the utility command and control centers lack a complete picture of the grid’s security factors such as vulnerabilities, threats and attack vectors. Most of their valuable time goes towards releasing patches and adhering to the North American Electric Reliability Commission (NERC) Critical Infrastructure Protection (CIP) guidelines. While utilities still rely on technology to prevent attacks, they have minimal awareness and training to be prepared for detection and response once an attack occurs.
In such an environment, the attackers not only succeed in breaking the system but also slip away before the defenders can invoke any countermeasure. Automated security technologies such as intrusion detection, firewalls, anomaly detectors, switches and taps, among others, operate faster than human cognition can comprehend and act upon the data. The proposed project aims to bridge this gap by designing and developing an intelligent visualization, backed by three modules: Data (to develop contextual, processed data describing the situation of the grid), Classification (to classify processed data as erroneous, malicious, anomalous or correct based on different rationales), and Action (to use the classified data, together with individual beliefs and experience, as inputs to determine the best course of action to fulfill the intended objectives).
Together, the three modules improve situation awareness for the operators, who can now make well-informed decisions in a timely manner, thereby making the whole process more proactive. The results from this research will be validated and can then be integrated with the corporate information systems of utilities.
This project is led by Dr. Arif Sarwat from FIU, and the three modules will be developed and tested at his research facilities, namely, the grid-tied 1.4 MW PV power plant equipped with data acquisition systems for event reporting and logging, and a laboratory-scale utility command and control center replica integrated with high-end data processing capabilities. Following validation, the framework will be tested in a larger environment at the local utility.