Illinois receives $18.7M to develop testbed for electric grid security

8/29/2016 Kim Gudeman, CSL

ECE Professors David M. Nicol and Thomas J. Overbye will lead the research to create a framework that provides the same conditions as the real grid for cyber security tools development.

Written by Kim Gudeman, CSL

The University of Illinois at Urbana-Champaign has received an $18.7 million grant from the Defense Advanced Research Projects Agency (DARPA) to develop a testbed that will enable researchers to validate new technology and provide faster response and recovery following an attack on the electric grid. Building on previous testbed work at Illinois, researchers will create a framework that provides the same conditions as the real grid, enabling the development and validation of cyber security tools in an environment with unprecedented system fidelity.

“This effort will mimic grid behavior at a higher fidelity and a more realistic manner than what has been done before,” said Tim Yardley, principal investigator and associate director for technology at the Information Trust Institute. “As a result, we’ll be able to verify and validate cyber response and recovery tools at unprecedented levels.”

Illinois ECE Professors David Nicol and Tom Overbye are co-investigators on the project.

The project, called Cyber-Physical Experimentation Environment for RADICS (CEER), will leverage expertise, tools, and data provided by industry collaborators, which include SimSpaceSchweitzer Engineering Laboratory (SEL)ABBDragos Security, and a utility. As a result, the CEER testbed will take a generational leap forward by providing a professional testbed interface, mimicking utility operation, and representing a variety of grid conditions under normal operation or attack.

Cyber security professionals often use modeling to predict how the power grid will react to a certain kind of event. However, the CEER effort will approach this from a holistic perspective, integrating multiple dimensions -- network, data, hardware, and software – at the system level, allowing researchers to see how a variance might affect each dimension.

David Nicol
David Nicol

After building grid representations, researchers will run those models for a set period to get “blue sky” data, which depicts the grid under normal conditions. Then they will inject various types of disturbances into the system to represent both natural and attack-based grid events. These physical properties will then be overlaid with time-correlated cyber behavior to provide a simultaneous view of both the cyber and physical aspects of the model. By combining the domains, researchers will be able to take a snapshot of actual operation and derive a picture of grid conditions that could extend several years into the past or future.

“Many approaches today look at the problem from a single axis, missing crucial information that can help determine the root cause,” Yardley said. “Our environment will represent both cyber and physical domains, bringing the combined data into the evaluation process.”

Thomas J Overbye
Thomas J Overbye

Researchers will be able to quickly command the testbed to model specific substation configurations through a combination of virtualization, simulation, and physical devices. Based on the results, utilities will be able to explore their security protections and design more resilient approaches, while cyber security professionals can use the information to create more effective tools to determine root cause, impact, and a path to recovery.

 “Our goal is to provide a generational step forward that proves the recovery tools being built are going to be reliable and useful if an attack ever does occur,” Yardley said. “CEER will provide that environment allowing cyber security professionals to explore, develop, refine, stress, and validate the technology they develop in support of responding and recovering in the aftermath of an attack.”


Share this story

This story was published August 29, 2016.