Cyber Monitoring, Metrics, and Event Detection

CREDC is addressing key gaps in cyber event detection and continuous monitoring. Some approaches involve:

identifying metrics that correlate with cyber events
monitoring that does not perturb the energy delivery control system under observation
integrating knowledge of physical system behavior with physical measurements as a validity check on data, state, and other behaviors reported by the cyber infrastructure
detection algorithms and response decision algorithms that balance uncertainties in measurements, uncertainties in correlations of measurements to intrusion or corruption of data, risks of not responding to actual intrusions, costs of a dynamic response, and effectiveness of a response

Related Research Activities

Adaptive and Proactive Security Assessment on Energy Delivery Systems
Anomaly Detection for Securing Communications in Advanced Metering Infrastructure
Assured Cyber Supply Chain Provenance Using Permissioned Blockchain
Cyber Resilience Metrics for Bulk Power Systems
Data Sharing for Energy Delivery Systems
Evaluating Effectiveness of an Embedded System Endpoint Security Technology on EDS OT: Defeating the Hackers of IIoT Devices
Implementation of Resilience via Operational Controls
Metrics and Tools for Measuring Cyber Resiliency of Electric Grids
Network Function Insertion for Reliable and Secure Control Messaging Over Commodity Transport
Online, Context-aware, Intelligent Anomaly Detection, Causality and Consequence Analysis, and Response Suggestion for Supervisory Control and Data Acquisition (SCADA) Systems in Energy Distribution Systems
Reliability and Cyber-Physical Threat Model Generation from a Standards Influenced Ontology
REMEDYS: Research Exploring Malware in Energy DeliverY Systems
Robust and Secure GPS-based Timing for Power Systems
Supporting Security with Advanced Multimodal Grid Data Analytics

Related Publications

Analysis of In-order Packet Delivery Network Policy Enforcement Function
Analysis of Stepping Stone Attacks in Dynamic Vulnerability Graphs
Analyzing Impact of Communication Network Topologies on Reconfiguration of Networked Microgrids
Anomaly Detection Using Optimally-Placed micro-PMU Sensors in Distribution Grids
Attack Resilient GPS-based Timing for PMUs using Multi-Receiver Direct Time Estimation
Automated Anomaly Detection in Distribution Grids Using Micro-PMU Measurements
CloudPoS: A Proof-of-Stake Consensus Design for Blockchain Integrated Cloud
Cyber Resilience Metrics for Bulk Power Systems
Cyber-Air-Gapped Detection of Controller Attacks through Physical Interdependencies (2016)
Cyber-Air-Gapped Detection of Controller Attacks through Physical Interdependencies (2017)
Cyber-Physical Resilience: Definition and Assessment Metric
Data Injection Attacks in Randomized Gossiping
Detecting Manipulation of Power Distribution System Control Devices
Detecting PLC Control Corruption via On-Device Runtime Verification
EDMAND: Edge-Based Multi-Level Anomaly Detection for SCADA Networks
EDSGuard: Enforcing Network Security Requirements for Energy Delivery Systems
Enhancing Microgrid Resiliency Against Cyber Vulnerabilities
F-DETA: A Framework for Detecting Electricity Theft Attacks in Smart Grids
GPS Spoofer Localization for PMUs using Multi-Receiver Direct Time Estimation
Improving Bulk Power System Resilience by Ranking Critical Nodes in the Vulnerability Graph
Interfacing Techniques in Testbed for Cyber-Physical Security Analysis of the Electric Power Grid
Low-Resolution Fault Localization Using Phasor Measurement Units with Community Detection
Micro Synchrophasor-Based Intrusion Detection in Automated Distribution Systems: Towards Critical Infrastructure Security
Multi-Receiver GPS-Based Direct Time Estimation for PMUs
Online Thevenin Parameter Tracking Using Synchrophasor Data
OntoEDS: Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements
Peer-to-peer Detection of DoS Attacks on City-Scale IoT Mesh Networks
PulseSS: A Pulse-Coupled Synchronization and Scheduling Protocol for Clustered Wireless Sensor Networks
Robust GPS-Based Direct Timing Estimation for PMUs
Simultaneous Localization of Multiple Jammers and Receivers Using Probability Hypothesis Density
Towards a Reliable and Accountable Cyber Supply Chain in Energy Delivery System Using Blockchain
Towards Adaptive and Proactive Security Assessment for Energy Delivery Systems