[00:00:11] >> OK Hello everyone Good afternoon my name is Toby chicory and I met a 30 year Ph D. student at E.C. Georgia Tech and today I'm going to present you did a radio censor for providing cyber security for the power grid this is directed him which includes 2 graduate students 3 faculty members in Georgia Tech we have an interdisciplinary team expertise in the field of cybersecurity electromagnetic analysis and I will teach power engineer OK let me start with a brief story imagine that you own a big business in a big city like Atlanta in a regular day in a regular summer day you back your home and you go to bed early and Fiore's later you wake up because of a hot temperature in your bedroom you're trying to figure out what's going on you 1st try to turn on the lies it seems that you lost power your home there for a track system doesn't work that's why the temperature in the room is so hot just but just on the Korea city you open up your cell phone checking the news and you notice that there is a big blackout happening in Atlanta Why did it happen you read the news that some of the power delivery equipment had been targeted by d'etat cyber criminals and they took down the critical infrastructure and the emergency response team from Georgia Power are saying do that OK it's going to take place 3 weeks to reconnect all the lows to the city. [00:02:01] It's a huge disaster for a big business or Ray But what if you were a C.E.O. of Georgia Power What if you were the seas of Georgia Power How would you answer the complaints coming from customers business owners or even politicians in recent years and let me tell you something this is not a story this has already happened for multiple times in recent years like if we had dragon fly version to get some Alberta targeted several countries in Europe they took down the turkey power grid in 2015 Switzerland in 2015 in other malware called Black Energy Target that Ukrainian power grid 2 times 20152016 last month in Venezuela they took down the power grid with cyber attack you might think that this is the case in the international level not in the U.S. we are secure here but that's not true we have been targeted a lot of cyber we have experienced a lot of cyber attacks in the U.S. a couple of them here in North Carolina in California into any 13 and wanting Arizona 2016 and takes us 2017 but. [00:03:30] What is the main problem why we can to mitigate the threats of cyber attacks and power grids why we can prevent these attacks to Problem is coming from the structure of the cup poverty grid that has been designed in back in 60 and seventy's. Basically power grid is being removed clean monitored and controlled through contrails centers so we have multiple substations in every substations we have sensors those sensors that are pole together in the suburbs in the control center. [00:04:08] And there are some data on Alex going on in the control center and control actions are being sent back to the substations So we have a structure like this we have a conference center multiple substations like every other computer network it can be compromised usually the attackers can compromise one or multiple substations do malicious things in the substations to pose damage to the system to Coles several weeks of power interruption while of reporting normal operating condition to the control center so the problem is that the current sensors in the substations they cannot provide authentication like any other sensor temperature sensor pressure sensor you can prove record some data from yesterday and replay it in today's as if it's a fresh and alive that to solve this problem we developed are if did it's basically a cyber security tool and sensor can provide secure monitoring for departure grid it provides you with a live and fresh data that cannot be manipulated or touched even if you have physical access to the sensor We talked with a lot of utility companies across the U.S. and we got close collaboration between utility companies chopped Dominion Energy We tested our prototype in their substations and we got very promising results. [00:05:53] What is the current market structure the car market is dominated by these 5 big names A.B.B. Schneider's emails to us are Gee they provide current sensor to the substations But as I said they are insecure throughout our interviews with the utilities sizzles project engineers in the security. Areas of the utility companies we notice that they suffer from 2 meaning problems so the current sensors the 1st problem is authentic edition they cannot provide authentication they can be easily fake you can replay fake data to D. sensors on the other hand are if did provide the authentication eat basically captures the electromagnetic signal surrounding the substation and it's been naturally been in code by the cosy random distribution of lightning strikes happened 1000 kilometers away so we can authenticate the measure signal in every 2nd literally this 2nd problem was Insall a sion difficulty the current sensors are very hard to install you have to take down everything cut the power to the customers feed them with backup power and it requires multiple technical people working on several days to install the sensors but on the other hand are if kids is very easy to install You don't need any technical people it can be installed in a few minutes and it's basically noninvasive you don't have to take down anything. [00:07:40] That's why those utility companies agreed to have close collaboration with us because we didn't have to touch anything in the substation. We are already protected we already filed a patent application and we already developed the magic behind this technology we already published a paper in one of the top security menus and we also had some media coverage. [00:08:11] But let me talk about the market size so if I'm talking about only the United States we have more than $70000.00 service stations in the U.S. and each substation needs at least 10 sensors to be fully secured so the market size in the U.S. is requires more than 700000 substations in talking 700000 sensors in total and it's growing every year we guarding the marketing plans we can approach the market with 3 different plans we can approach it individually we can go through one of the I see a security companies or we can go through what I'm to big names available in the market regarding the next steps we need more prototypes because we want to deploy our we currently have only one prototype we need to build at least 2 more prototypes to permanently deploy them in substations and we need to do more field tests to. [00:09:15] Fill the gaps and we need to do more about the marketing plans and how we can approach the market Thank you for your attention and I'm here for any questions thank you thank you. The below is on well done nice presentation just 1st a clarification than a question so I think you saw it as the U.S. 70000 substations from your slide that you talked about 10 sensors can you like 1st of all so you saying there are 10 critical points that you'd want to have these sensors in each one of the substations So you've got the $700000.00 or are there more critical points in terms of sizing the number of sensors you really need to adequately monitor a substation that's a good point actually it depends on the substation size that was a rough estimate of each substation so each substation you need at least 10 sensors on average to fully provide this security the security monitoring in that specific substation Thank you it's good and then. [00:10:41] In terms of the level of effort for the customer I'm just trying to understand the call it the you know installation and then the integration into their operations today so it's one thing to install a sensor that's very easy and it takes one person you know 5 minutes it's another to integrate that into However they're operating today so if you have a sense of the level of effort to do the installation as well as the integration operationally Well we try to automate everything so that after installation you you wouldn't need to do data much to operate the sensor but the conventional sensor is on the other hand it's a high voltage substation it's 200 kilowatts you have to take down the energize everything you should start on them and it requires a lot of efforts with expertise in other domains but our states doesn't you just need to walk through the substation and connect the power and network cables and tearing the algorithm. [00:11:51] So with the solution presented nice job by the way thank you with the solution if you had experience as to working with customers of actually detecting the type of cyber attackers are incident the trial and related question is how you how do you how are you going about research to figure out what possible attack types are for the skater devices so on average the U.S. power grid in tall is experiencing more than $2000000.00 at tax and daily basis most of them fortunately are trivial attacks but in order to see the performance of our matter in bills in the case of real attacks we have to pay eminently deploy the sensors to see what what can happen in real practice we tested that in some simulated conditions like we tested our sensor during a maintenance scheduling that they did some switching stuff to see and we noticed that our algorithm can detect those successfully but in order to see the real situations we have to deploy it permanently actually to utility companies they suggested to permanently deploy our technology to to work in parallel with their current system to see its performance in a long term what do they do today so clearly clearly they've got some sort of sensing for intrusion What are the. [00:13:29] Whys is better. Will dig her Aunt Lee They're trying to keep their system up to date to just I mean for reduce the number of attacks successful attacks today or system but the thing is that they can't patch here system so frequently because it's proper appropriate 3 algorithm and products and it's usually big it's oscillated from the Internet so it's usually being has been done manually so they do that at most twice a year so they can't actually they don't have any viable solution for this currently and have so and your intrusion your sensors to detect that intrusion Yeah but it doesn't solve just regular Stilton of itself because if you if you can't detect it immediately you can change the Kontrol of the system if the attacker let's say even open the sewage maliciously you can reconnect it and put it in the manual obviously the challenge is detection Can you talk a little bit more about the intellectual property that you mentioned just so you know what number of patents and what areas defensibility and that kind of thing. [00:14:52] What specific Can I ask for the specific thing for me I think you mention that you've gotten some patterns in the actual property so I just want to understand a little more about that like we don't how many how many patterns and what area of interest roughly you know what you could say about it and then how defensible Yeah we we filed only one pattern from this work we've filed actually to protect our prototype and specific research one of the unique parts of this work and it can be used in other domains too was lightning goeth into cation So basically to censor can has applications in other domains death can generate electromagnetic signal in areas like electric trains so that that's the main part that we filed in our patent application Thank you. [00:15:50] Thanks.