Towards a Secure and Resilient Industrial Control System Using Software-Defined Networking
Jin, Dong (Kevin)
MetadataShow full item record
Modern industrial control systems (ICSes) are increasingly adopting Internet technology to boost control efficiency, which unfortunately opens up a new front for a potential “cyber Pearl Harbor.” People typically applied existing security techniques, such as firewalls or anti-virus software to secure ICSes. However, those solutions can only provide fine-grained protection at single devices. In this talk, we present a novel software-defined networking (SDN) based communication architecture for microgrid operations, with the goal of building a resilient and secure microgrid in the face of growing cyber-attacks and human errors. We leverage the global visibility, direct networking controllability and programmability offered by SDN to investigate multiple security applications, including self-healing network management, real-time and uncertainty-aware network verification, and resilient network forwarding. To enable high-fidelity evaluation of those applications in large-scale settings, we also develop a hybrid testbed combining virtual-machine-based network emulation and power system simulation using our kernel-based virtual time system.