Initializing….

Presentation transcript:

Initializing…

Hardware Based Secure SCADA System For Distributed Power Generation And Control
Arvind Balakumar, Chaitanya Amin, Akshay Desai
University of Southern California

Smart Power Distribution
[Figure; label: Frequency]

Smart Power Distribution
[Figure]

Motivation
[Figure; label: Attacker]

Our System Hardware Based Secure SCADA System For Distributed Power Generation And Control

[Figure: system overview. Components: HMI, J.A.R.V.I.S Network Processor, Archiver, Power Station 1, Power Station 2, Attacker. Operations shown: Encrypt, Decrypt. State labels: "Frequency < F_optimum", "Power < Pmax", "Frequency = F_optimum", "Increase Speed", "Load Balanced", "Intrusion Detected..!", "Provide Support to PS1 and Connect Tie Lines".]

Deep Packet Inspection..!!
[Figure: packet pipeline stages, in order: Input Queues, IDS (Intrusion Detection System), Decrypt, Processing & Data Logging, Encrypt, Output Queues. Annotation: "Yay!! Packet is safe".]

Data Processing & Decision Making
[Figure: packet pipeline stages, in order: Input Queues, IDS, Decrypt, Data Processing & Decision Making, Encrypt, Output Queues. Annotation: "No Match".]

[Figure: processor datapath. Blocks: IncomingPacket, Instruction Memory, Data Memory, Register File, ALU, Sign Ext, Control Logic, Opcode, Branch, Jump, Zero, Thread Scheduler, PC 1, PC 2, Crypto Engine. Annotations: "Decrypting", "qef", "qwedq", "bwrg", "qwmm", "Power = 10MW", "Freq. = 60Hz".]

Data Processing & Decision Making
[Figure: packet pipeline stages, in order: Input Queues, IDS, Decrypt, Data Processing & Decision Making, Encrypt, Output Queues.]

[Figure: processor datapath. Blocks: Header, Instruction Memory, Instruction, Data Memory, Register File, rs, rt, #rs, #rt, ALU, Sign Ext, Control Logic, Opcode, Control, SW, Compare, Branch, Jump, Zero, Count, Thread Scheduler, PC 1, PC 2, T1, T2, Crypto Engine. Annotations: "Freq. = 60Hz", "Power = 10MW", "Speed++".]

[Figure: decision rules. Other labels: ENCRYPT, Data Memory, Header, "Freq. = 60Hz", "Power = 10MW".]
Power <= Max, Frequency = Optimum: No Change
Power < Max, Frequency < Optimum: Speed++
Power = Max, Frequency < Optimum: Activate Power Station2

Data Processing & Decision Making
[Figure: packet pipeline stages, in order: Input Queues, IDS, Decrypt, Data Processing & Decision Making, Encrypt, Output Queues.]

[Figure: system overview with load balancing. Components: HMI, Archiver, Power Station 1, Power Station 2, Attacker. Operations shown: Encrypt, Decrypt, Load Balancing. State labels: "Frequency < F_optimum", "Power < Pmax", "Frequency = F_optimum", "Increase Speed", "Load Balanced", "Intrusion Detected..!", "Provide Support to PS1 and Connect Tie Lines".]

Comparison with existing SCADA Software

Parameter: Security
  PowerLogic by Schneider Electric: Vulnerable to malware and virus attacks
  Our System: Secure system: symmetric key exchange using RSA, IDS, exchange of encrypted data

Parameter: Latency
  PowerLogic by Schneider Electric: High due to software overhead when security features are included
  Our System: Low latency even with sophisticated security measures

Parameter: Human Intervention
  PowerLogic by Schneider Electric: Human intervention is required most of the time
  Our System: Major redundant decisions are taken by the processor

Parameter: Flexibility
  PowerLogic by Schneider Electric: Designed to accommodate modifications to the system, allowing users to enhance performance
  Our System: Less flexible as a final product, as the hardware cannot be re-configured

Snapshots of Real Time Graphs
[Figure]

MileStones
Date / Description / Status

April 13
  Dual thread processor design and Integration

April 20
  Integration of IDS to Dual Thread system
  Finalizing of Final project features

April 27
  Improving Encryption and Security of processor
  Socket programming

May 4
  Plotting of real time processed values in graph
  Data logging of processed values
  Comparing with existing SCADA software


Thank You!