Initializing….

Slides:

Advertisements

Similar presentations

14. Aug Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware SAC 2013, Burnaby, Canada Thomas Pöppelmann and Tim Güneysu.

Advertisements

1. AGENDA History. WHAT’S AN IDS? Security and Roles Types of Violations. Types of Detection Types of IDS. IDS issues. Application.

TIME BASED ENCRYPTION ON NETWORK PROCESSOR TEAM WOLFDALE The University of Southern California 1.

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

FIT5037 Advanced Network Security --- Modern Computing and Security --- Lecture 1.

Computer ArchitectureFall 2007 © October 3rd, 2007 Majd F. Sakr CS-447– Computer Architecture.

Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.

The Processor 2 Andreas Klappenecker CPSC321 Computer Architecture.

Application of NetFPGA in Network Security Hao Chen 2/25/2011.

Strategic Directions in Real- Time & Embedded Systems Aatash Patel 18 th September, 2001.

The Datapath Andreas Klappenecker CPSC321 Computer Architecture.

Deep Packet Inspection with Regular Expression Matching Min Chen, Danny Guo {michen, CSE Dept, UC Riverside 03/14/2007.

Host Intrusion Prevention Systems & Beyond

Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.

THE A-TEAM MATHIVATHANI BARATHI MOHAN DINESH UDAYAKUMAR BHARGAV BHAT BHASKAR.

Information Theory Based Parametric Network Consolidation Team Dark Knight Akhil Singhvi Anup Ganesh Avinash Varma Sushrith Hegde Vishaal Nagaraja.

A Critical Infrastructure Testbed for Cybersecurity Research and Education Ai Onda, Kalana Pothuvila, Joseph Urban, and Jordan Berg Abstract Awareness.

Department of Electrical and Computer Engineering Kekai Hu, Harikrishnan Chandrikakutty, Deepak Unnikrishnan, Tilman Wolf, and Russell Tessier Department.

Princess Sumaya Univ. Computer Engineering Dept. Chapter 4:

Chapter 10 Remote Access and Wireless Networking Business Issues Logical & Physical Topology Technology: Hardware & Software, & Wireless Personnel Communication.

Project Proposal (Title + Abstract) Due Wednesday, September 4, 2013.

Kamalapurkar Shounak Rajarshi Salil Joshi Rohan Bhavsar Sagar Pai Sandesh Low Latency Publisher-Subscriber Network for Stock Market Application Team WhiteWalkers.

Operating Systems Should Manage Accelerators Sankaralingam Panneerselvam Michael M. Swift Computer Sciences Department University of Wisconsin, Madison,

1 NETWORKED EMBEDDED SYSTEMS SRIKANTH SUBRAMANIAN.

Distributed Systems. Outline  Services: DNSSEC  Architecture Models: Grid  Network Protocols: IPv6  Design Issues: Security  The Future: World Community.

Workpackage 3 New security algorithm design ICS-FORTH Paris, 30 th June 2008.

“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.

Paper Review: XiSystem - A Reconfigurable Processor and System

DATA ANALYTICS AT LINE SPEED OVER CONTROLLED NETWORK TEAM :ALPHA ADROIT ANKIT DWIVEDI NITISH JAIN PUNEETH REDDY RITU ARORA VINIT MELINAMANI.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

PROV 504 NIKITHA VADDULA INTRODUCTION IMPORTANCE OF DISCIPLINE CURRENT ISSUES MAJOR ORGANIZATIONS PRE-EMINENT SCHOLARS SEMINAL WORKS CONNECTIONS.

Chapter 2 Summary Classification of architectures Features that are relatively independent of instruction sets “Different” Processors –DSP and media processors.

M340 Modbus Plus Proxy Link legacy systems to Ethernet

A.SATHEESH Department of Software Engineering Periyar Maniammai University Tamil Nadu.

Radix-2 2 Based Low Power Reconfigurable FFT Processor Presented by Cheng-Chien Wu, Master Student of CSIE,CCU 1 Author: Gin-Der Wu and Yi-Ming Liu Department.

Princess Sumaya Univ. Computer Engineering Dept. Chapter 5:

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES Lesson №18 Telecommunication software design for analyzing and control packets on the networks by using.

Information Technology Needs and Trends in the Electric Power Business Mladen Kezunovic Texas A&M University PS ERC Industrial Advisory Board Meeting December.

Lecture 12: Reconfigurable Systems II October 20, 2004 ECE 697F Reconfigurable Computing Lecture 12 Reconfigurable Systems II: Exploring Programmable Systems.

Initializing….

1 A single-cycle MIPS processor  An instruction set architecture is an interface that defines the hardware operations which are available to software.

Efficient Group Key Management in Wireless LANs Celia Li and Uyen Trang Nguyen Computer Science and Engineering York University.

An Operating System for Reconfigurable Computers Brandon Hamilton Department of Electrical Engineering University of Cape Town Brandon Hamilton Department.

services/load-stress-performance- testing.php Computer Platforms Evaluating performance.

1 CORPORATE INSTITUTE OF SCIENCE & TECHNOLOGY, BHOPAL DEPARTMENT OF ELECTRONICS & COMMUNICATIONS MICRO CODED CONTROLLER - PROF. RAKESH K. JHA.

TEAM HAL9000 Sachin Sreelal Sonam Waghray Heril Chheda.

Presented by, Amit Jain Pruthwin Kadmaje Giridhara Shailesh Kayambady Sathyanarayana Bhat.

ICC Module 3 Lesson 1 – Computer Architecture 1 / 11 © 2015 Ph. Janson Information, Computing & Communication Module 3 : Systems.

MIPS Processor.

THE NEW GENERATION TRANSMISSION By Ashroo M. Das 6 th sem, EEE & Deepak Kumar 6 th sem, EEE.

Network Processing Systems Design

Access the Instruction from Memory

EE204 Computer Architecture

Cyber Security in the Water Sector

Electrical and Computer Engineering University of Cyprus

Dynamo: A Runtime Codesign Environment

MadeCR: Correlation-based Malware Detection for Cognitive Radio

Products/Solutions/Expertise of C-DAC Mumbai in Smart City Domain

SHORT CIRCUIT MONITORING BY USING PLC & SCADA

4. NCdisk SP-based SoC Architecture 5. NCdisk Security Protocol

ABYSS : An Architecture for Software Protection

Morgan Kaufmann Publishers The Processor

Tapping Into The Unutilized Router Processing Power

Hardware Support for Embedded Operating System Security

Reconfigurable Hardware Scheduler for RTS

Encryption and Hacking

COMP541 Datapaths I Montek Singh Mar 18, 2010.

INTRODUCTION TO COMPUTERS

Seminar Tittles 1-Modeling and Optimization of soft-error reliability of Sequential circuits. 2-Statistical Estimation of Sequential Circuit Activities.

ELEC / Computer Architecture and Design Spring 2015 Pipeline Control and Performance (Chapter 6) Vishwani D. Agrawal James J. Danaher.

Presentation transcript:

Initializing…

Arvind Balakumar Chaitanya Amin Akshay Desai University of Southern California Hardware Based Secure SCADA System For Distributed Power Generation And Control Arvind Balakumar Chaitanya Amin Akshay Desai

Smart Power Distribution Frequency Data

Smart Power Distribution Data

Motivation Attacker

Our System Hardware Based Secure SCADA System For Distributed Power Generation And Control

Frequency< F_optimum Power < Pmax Frequency< F_optimum Decrypt Increase Speed Intrusion Detected..! Provide Support to PS1 and Connect Tie Lines Data Decrypt HMI Power Station 2 Encrypt J.A.R.V.I.S Network Processor Attacker Archiver Power Station 1 Power < Pmax Frequency = F_optimum Load Balanced Decrypt Power < Pmax Frequency= F_optimum Data Data

Deep Packet Inspection..!! Yay!! Packet is safe Input Queues IDS Intrusion Detection System Decrypt Processing & Data Logging Encrypt Output Queues

Data Processing & Decision Making Input Queues IDS Decrypt Data Processing & Decision Making Encrypt Output Queues

Data Memory Crypto Engine Instruction Memory Control Logic Data Data PC 1 PC 2 Control Logic Opcode Branch Thread Scheduler Jump Zero Data ALU Data Register File Data Memory qef Data Instruction Memory qwedq Data IncomingPacket Sign Ext Crypto Engine Power = 10MW Freq. = 60Hz Decrypting qef qwedq bwrg qwmm

Data Processing & Decision Making Input Queues IDS Decrypt Data Processing & Decision Making Encrypt Output Queues

Data Memory Crypto Engine Instruction Memory Control Logic Header PC 1 PC 2 Count Count Control Logic Opcode Control Control SW Compare Branch Thread Scheduler Jump Zero rs rs T1 T2 ALU Register File Data Memory #rs #rs Header Instruction Memory Instruction Instruction Freq. = 60Hz Power = 10MW Power = 10MW Speed++ rt rt Power = 10MW #rt #rt Speed ++ Sign Ext Crypto Engine

Frequency < Optimum Speed++ Power <= Max Frequency = Optimum No Change ENCRYPT Data Memory Header Freq. = 50Hz Power < Max Frequency < Optimum Speed++ Power = 10MW Speed ++ Activate Power Station2 Power = Max Frequency <Optimum

Data Processing & Decision Making Input Queues IDS Decrypt Data Processing & Decision Making Encrypt Output Queues

Frequency< F_optimum Power < Pmax Frequency< F_optimum Decrypt Increase Speed Intrusion Detected..! Provide Support to PS1 and Connect Tie Lines Data Decrypt Load Balancing HMI Power Station 2 Encrypt Attacker Archiver Power Station 1 Power < Pmax Frequency = F_optimum Load Balanced Decrypt Power < Pmax Frequency= F_optimum Data Data

(PowerLogic by Schneider Electric) Comparison with existing SCADA Software Parameters (PowerLogic by Schneider Electric) Our System Security Vulnerable to malware and virus attacks Secure system-IDS, Exchange of encrypted data Latency High due to software overhead when security features are included Low latency even with sophesticated security measures Human Intervention Human intervention is required most of the time Major redundant decisions are taken by the processor Flexibility Designed to accommodate modifications to the system allowing users to enhance performance Less flexible as a final product as the hardware cannot be re-configured

Snapshots of Implementation Data

Snapshots of Real Time Graphs Data

References ï S. Ganapathy and T. Wolf, “Design of a network service architecture,” in Proc. of Sixteenth IEEE International Conference on Computer Communications and Networks (ICCCN), Honolulu, HI, Aug. 2007, pp. 754–759. ï T. Wolf, “Challenges and applications for network-processor-based programmable routers,” in Proc. of IEEE Sarnoff Symposium, Princeton, NJ, Mar. 2006. ï Bonnie Zhu and Shankar Sastry, “SCADA-specific Intrusion Detection/Prevention Systems: A Survey and Taxonomy” ï Balancing and Frequency Control - A Technical document prepared by the NERC Resources subcommittee. ï Niv Goldenberg, Avishai Wool, School of Electrical Engineering, Tel Aviv University, Ramat Aviv 69978, Israel, “Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems”, ELSEVEIR - International Journal For Critical Infrastructure Protection 2013 ï Y. Yang, K. McLaughlin, S. Sezer et al, “Multiattribute SCADA-Specific Intrusion Detection System for Power Networks” IEEE Transactions On Power Delivery, Vol. 29, No. 3, June 2014 Data

Thank You!