Securing Substations with Trust, Risk Posture, and Multi-Agent Systems by Dr. K. Boakye-Boateng

Описание: Recorded as part of the May 10th Cybersecurity Revolution (SECREV) event for #cybersecurity research with introduction and Q&A by Sumit Kundu, Strategic Collaborations & Partnership Development Officer.

The Smart Grid is an IT-integrated power grid that generates, transmits, and distributes electricity to households and businesses. The #substation is a crucial element of the Smart Grid’s operation, which adjusts voltages during the entire process. The integration of IT has increased in the substation’s attack surfaces. Sophisticated attacks such as the Pipeline APT contain multi-protocol modules for various devices. Performance constraints make substations a unique case; hence it is challenging to implement encryption and intrusion detection systems. We believe trust can tackle this problem. We present an improved trust model that detects protocol-based attacks toward an IED/SCADA HMI. This model is included within a multi-agent-based trust management system that computes the substation’s risk posture. Our proposed design was implemented in a Docker-based testbed environment with a SOC-influenced dashboard to provide real-time updates. The implementation was subjected to three attack scenarios: external attack, internal attack from compromised SCADA HMI, and internal attack from a compromised non-trusted IED. We observed that our model was robust against all attacks except for the baseline replay and delay response attacks. Detecting these attacks will be considered for future work as well as trust transferability. Our institute’s website provides a publicly available dataset containing captures of our MAS testbed.

Dr. Kwasi Boakye-Boateng Aside a decade of experience within the telecommunication sector, Kwasi has over six years of experience in #cybersecurity research and development, working with various industrial partners on topics such as threat intelligence, data collection, and attacks within the smart grid. Kwasi received his BSc. and MPhil degrees in Computer Engineering, in 2007 and 2012 respectively, from the Kwame Nkrumah University of Science and Technology, Kumasi, Ghana. In February 2024, Kwasi received his Ph.D. degree in Computer Science from the University of New Brunswick, specializing in smart grid security. He is involved in industrial-related cybersecurity projects with renowned industry giants Siemens and General Dynamics Missions Systems-Canada and IBM as a Research Team Lead. His research interests include smart grid security threat intelligence sharing, security of military-based mission-critical systems, and risk management.

-------------------------------
To learn more about the Canadian Institute for Cybersecurity watch,    • Canadian Institute for Cybersecurity  .
To learn more about the Cybersecurity Revolution (SECREV) visit, https://www.serene-risc.ca/secrev.org...
Check out Kwasi Boakye-Boateng’s webinar about consumer internet of things (IoT) devices here    • To Each Its Own? IoT Devices Being the Las...  
Another webinar by Kwasi Boakye-Boateng, "Switching to a Career in Cybersecurity,"    • Switching to a Career in Cybersecurity by ...  
Also read Kwasi Boakye-Boateng’s blog post, “Beware the Ides of Third-Party” here: https://cyberdailyreport.com/blog/29.
Other SECREV recordings,    / @hc2p  
CIC Modbus dataset 2023, https://www.unb.ca/cic/datasets/modbu...

#cybersecurityawareness #smartgrid #dataset #operationaltechnology #SubstationSecurity #Modbus #Trust #ModbusDataset2023

Stay connected with us!
Twitter:   / cic_unb  
Facebook: https://fb.me/cicunbca
LinkedIn:   / canadian_institute_cybersecurity  
Blog: https://cyberdailyreport.com/blog
Website: https://www.unb.ca/cic/

Canadian Institute for Cybersecurity
University of New Brunswick
46 Dineen Drive, Fredericton, NB E3B 9W4
Canada

0:00 Introduction
1:30 Opening Remarks
1:58 Outline
2:49 Operational Technology & Smart Grids
3:00 Operational Technology
3:54 Power Grid
4:47 Smart Grid-Cyber Integration with Power Grid
5:57 Smart Grid Attack Surface Increase
7:10 Advance Persistent Threats
9:40 Protecting the Substation-Challenges & Approach
10:28 Attack Surface of a Substation
11:07 APT-Attack Flow
11:40 Current Cyber Resiliency Approaches
12:14 Is it Tough to Protect Substations
13:07 Alternative Approach
13:48 Game Plan
14:10 Multi-Agent System
14:35 Implementation
16:36 Implementation-Architecture
16:59 Attacks Mapped
17:52 Testing Scenarios
18:37 Results
21:07 Dataset Structure
23:15 5Ws-CIC Datasets
24:48 Closing Remarks & Q&A