Biblio

Filters: Author is Amir, Yair  [Clear All Filters]
2020-03-16
Babay, Amy, Schultz, John, Tantillo, Thomas, Beckley, Samuel, Jordan, Eamon, Ruddell, Kevin, Jordan, Kevin, Amir, Yair.  2019.  Deploying Intrusion-Tolerant SCADA for the Power Grid. 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :328–335.

While there has been considerable research on making power grid Supervisory Control and Data Acquisition (SCADA) systems resilient to attacks, the problem of transitioning these technologies into deployed SCADA systems remains largely unaddressed. We describe our experience and lessons learned in deploying an intrusion-tolerant SCADA system in two realistic environments: a red team experiment in 2017 and a power plant test deployment in 2018. These experiences resulted in technical lessons related to developing an intrusion-tolerant system with a real deployable application, preparing a system for deployment in a hostile environment, and supporting protocol assumptions in that hostile environment. We also discuss some meta-lessons regarding the cultural aspects of transitioning academic research into practice in the power industry.

2020-07-27
Babay, Amy, Tantillo, Thomas, Aron, Trevor, Platania, Marco, Amir, Yair.  2018.  Network-Attack-Resilient Intrusion-Tolerant SCADA for the Power Grid. 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :255–266.
As key components of the power grid infrastructure, Supervisory Control and Data Acquisition (SCADA) systems are likely to be targeted by nation-state-level attackers willing to invest considerable resources to disrupt the power grid. We present Spire, the first intrusion-tolerant SCADA system that is resilient to both system-level compromises and sophisticated network-level attacks and compromises. We develop a novel architecture that distributes the SCADA system management across three or more active sites to ensure continuous availability in the presence of simultaneous intrusions and network attacks. A wide-area deployment of Spire, using two control centers and two data centers spanning 250 miles, delivered nearly 99.999% of all SCADA updates initiated over a 30-hour period within 100ms. This demonstrates that Spire can meet the latency requirements of SCADA for the power grid.
Babay, Amy, Schultz, John, Tantillo, Thomas, Amir, Yair.  2018.  Toward an Intrusion-Tolerant Power Grid: Challenges and Opportunities. 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS). :1321–1326.
While cyberattacks pose a relatively new challenge for power grid control systems, commercial cloud systems have needed to address similar threats for many years. However, technology and approaches developed for cloud systems do not necessarily transfer directly to the power grid, due to important differences between the two domains. We discuss our experience adapting intrusion-tolerant cloud technologies to the power domain and describe the challenges we have encountered and potential directions for overcoming those obstacles.