Dynamic
Data-Driven and Real-Time
Verification for
Industrial Control System
Security
Figure 1. An ICS Example in Smart Grid. In the pursuit of this goal, we will develop a real-time verification framework, named "VeriGrid" (see Figure 2), for verifying the network and application behavior of an ICS in real time. VeriGrid takes dynamic input data from the network layer (e.g., topologies, forwarding tables) and the application layer (e.g., control event, data traffic), and then verifies the network/application behavior against system policies. Violations will indicate errors and vulnerabilities caused by cyber-attacks or misconfigurations. One key feature of VeriGrid is that our models are capable of accepting data at execution time (both traces or real-time data) as system states evolve, and the input data will drive VeriGrid to (1) select the appropriate models with different level of details, and (2) dynamically update the models, to steer the verification process. Figure 2. System Design of VeriGrid. In addition, we also plan to perform rigorous evaluation of VeriGrid on the IIT campus microgrid (see Figure 3). IIT and the Robert W. Galvin Center have built the first ever fully-functional Perfect Power system on IIT's Main Campus in Chicago, a "Living Laboratory" for smart grid, microgrid, and other energy technologies. Figure 3. IIT Campus Microgrid. Sponsor Illinois Institute of
Technology . Department of
Computer Science . Chicago, IL .
60616
|