Federated Simulation for Development of Improved Incident Detection and Management

Activity Leads: 
Industry Collaborators: 
  • PowerWorld
Summary Statement: 

NOTE: this is no longer an active CREDC research activity. 

Absolute security is not possible. It is therefore important to improve the ability of the energy delivery sector to detect cyber incidents, intervene effectively, and, if necessary, recover from them. Emerging needs to coordinate among interdependent energy delivery systems in real time place further security requirements on the supporting cyber infrastructure. Developing security controls for the operational grid requires a means of bringing together detailed simulations of the grid's different components, so that the impact of these controls on the real-time behavior of the system can be assessed.

The activity has three goals. The first is to develop federated simulations of the power system and its underlying cyber infrastructure, coupled with key real-time information-sharing and coordination mechanisms. We will meet this objective in part by leveraging existing commercial packages, such as interactive power system transient stability-level simulations, and in part by developing new prototype packages. The second is to develop publicly available synthetic case models that can be used within these environments. (While models of actual infrastructure are best, NDAs limit the use of such models in cooperative university research; hence the need for the synthetic case models.) The third is to develop compelling case studies and to use the environment to develop effective analytics and visualizations that can help the energy delivery sector detect security incidents, intervene, and, if necessary, recover.

This research activity aims to improve the management and detection of cyber incidents by developing an interactive simulation environment. This interactive and expendable environment can be used to study algorithms for real-time incident detection and analysis, to test and verify new theories, and to support other cyber security research on energy delivery systems.

This activity is scheduled to complete by June 1, 2017.

Energy Delivery System (EDS) Gap Analysis: 

The emerging needs for real-time coordination among interdependent energy delivery systems are creating new security requirements for the supporting cyber infrastructure. To help meet those new requirements, this activity is working to improve capabilities for incident detection and management on energy delivery systems.

See the research activity fact sheet (PDF) for an extended gap analysis and bibliography.

How does this research activity address the Roadmap to Achieve Energy Delivery Systems Cybersecurity?
This research activity aims to improve the management and detection of cyber incidents by developing an interactive simulation environment. This interactive and expendable environment can be used to study algorithms for real-time incident detection and analysis, to test and verify new theories, and to support other cyber security research on energy delivery systems.

Status of Activity: 
Inactive