Subscribe free to our newsletters via your
. 24/7 Space News .

Subscribe free to our newsletters via your

Device 'fingerprints' could help protect power grid, other industrial systems
by Staff Writers
Atlanta GA (SPX) Mar 04, 2016

Georgia Tech researchers have developed a device fingerprinting technique that could improve the security of the electrical grid and other industrial systems. The system would be used in electrical substations like this one. Image courtesy Fitrah Hamid, Georgia Tech. For a larger version of this image please go here.

Human voices are individually recognizable because they're generated by the unique components of each person's voice box, pharynx, esophagus and other physical structures.

Researchers are using the same principle to identify devices on electrical grid control networks, using their unique electronic "voices" - fingerprints produced by the devices' individual physical characteristics - to determine which signals are legitimate and which signals might be from attackers. A similar approach could also be used to protect networked industrial control systems in oil and gas refineries, manufacturing facilities, wastewater treatment plants and other critical industrial systems.

The research, reported February 23 at the Network and Distributed System Security Symposium in San Diego, was supported in part by the National Science Foundation (NSF). While device fingerprinting isn't a complete solution in itself, the technique could help address the unique security challenges of the electrical grid and other cyber-physical systems. The approach has been successfully tested in two electrical substations.

"We have developed fingerprinting techniques that work together to protect various operations of the power grid to prevent or minimize spoofing of packets that could be injected to produce false data or false control commands into the system," said Raheem Beyah, an associate professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology.

"This is the first technique that can passively fingerprint different devices that are part of critical infrastructure networks. We believe it can be used to significantly improve the security of the grid and other networks."

The networked systems controlling the U.S. electrical grid and other industrial systems often lack the ability to run modern encryption and authentication systems, and the legacy systems connected to them were never designed for networked security. Because they are distributed around the country, often in remote areas, the systems are also difficult to update using the "patching" techniques common in computer networks. And on the electric grid, keeping the power on is a priority, so security can't cause delays or shutdowns.

"The stakes are extremely high, but the systems are very different from home or office computer networks," said Beyah. "It is critical that we secure these systems against attackers who may introduce false data or issue malicious commands."

Beyah, his students, and colleagues in Georgia Tech's George W. Woodruff School of Mechanical Engineering set out to develop security techniques that take advantage of the unique physical properties of the grid and the consistent type of operations that take place there.

For instance, control devices used in the power grid produce signals that are distinctive because of their unique physical configurations and compositions. Security devices listening to signals traversing the grid's control systems can differentiate between these legitimate devices and signals produced by equipment that's not part of the system.

Another aspect of the work takes advantage of simple physics. Devices such as circuit breakers and electrical protection systems can be told to open or close remotely, and they then report on the actions they've taken. The time required to open a breaker or a valve is determined by the physical properties of the device. If an acknowledgement arrives too soon after the command is issued - less time than it would take for a breaker or valve to open, for instance - the security system could suspect spoofing, Beyah explained.

To develop the device fingerprints, the researchers, including mechanical engineering assistant professor Jonathan Rogers, have built computer models of utility grid devices to understand how they operate. Information to build the models came from "black box" techniques - watching the information that goes into and out of the system - and "white box" techniques that utilize schematics or physical access to the systems.

"Device fingerprinting is a unique signature that indicates the identity of a specific device, or device type, or an action associated with that device type," Beyah explained. "We can use physics and mathematics to analyze and build a model using first principles based on the devices themselves. Schematics and specifications allow us to determine how the devices are actually operating."

The researchers have demonstrated the technique on two electrical substations, and plan to continue refining it until it becomes close to 100 percent accurate. Their current technique addresses the protocol used for more than half of the devices on the electrical grid, and future work will include examining application of the method to other protocols.

Because they also include devices with measurable physical properties, Beyah believes the approach could have broad application to securing industrial control systems used in manufacturing, oil and gas refining, wastewater treatment and other industries. Beyond industrial controls, the principle could also apply to the Internet of Things (IoT), where the devices being controlled have specific signatures related to switching them on and off.

"All of these IoT devices will be doing physical things, such as turning your air-conditioning on or off," Beyah said. "There will be a physical action occurring, which is similar to what we have studied with valves and actuators."

In addition to those already mentioned, the research included graduate students David Formby, the paper's first author; Preethi Srinivasan and Andrew Leonard. David Formby, Preethi Srinivasan, Andrew Leonard, Jonathan Rogers and Raheem Beyah, "Who's in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems," (NDSS 2016).


Related Links
Georgia Institute of Technology
Powering The World in the 21st Century at

Comment on this article via your Facebook, Yahoo, AOL, Hotmail login.

Share this article via these popular social media networks DiggDigg RedditReddit GoogleGoogle

Previous Report
Creation of Jupiter interior, a step towards room temp superconductivity
Osaka, Japan (SPX) Dec 21, 2015
Hydrogen is the most abundant element in the universe, and a major component of stars such as the Sun, as well as gas-giant planets such as Jupiter and Saturn. In recent years, hydrogen's behavior at high temperature and high pressure has been in the realm of interest not only for planetary science, but also for fields such as materials science for the purpose of achieving a hydrogen energy soci ... read more

NASA May Return to Moon, But Only After Cutting Off ISS

Lunar love: When science meets artistry

New Lunar Exhibit Features NASA's Lunar Reconnaissance Orbiter Imagery

NASA releases strange 'music' heard by 1969 astronauts

Revisit NASA's Mars Pathfinder and Rover In 360 Viewer

Opportunity Mars Rover Goes Six-Wheeling up a Ridge

Jarosite in the Noctis Labyrinthus Region of Mars

Trace Gas Orbiter and Schiaparelli are joined

Tools and Talent at Michoud to Complete SLS Core Stage Welding in 2016

Orion Simulations Help Engineers Evaluate Mission Operations for Crew

Orion Test Hardware in Position for Solar Array Test

NASA Space Program Now Requires Russian Language

Logistics Rule on Tiangong 2

China to launch second space lab Tiangong-2 in Q3

China's moon lander Chang'e-3 enters 28th lunar day

Staying Alive on Tiangong 2

Paragon wins NASA ISS water processor development contract

NASA's Science Command Post Supports Scott Kelly's Year In Space

After nearly a year in space, Scott Kelly craves human contact

Scott Kelly returns to earth, but science for NASA's journey to Mars continues

At last second, SpaceX delays satellite launch again

Arianespace Soyuz to launch 2 Galileo satellites in May

SpaceX postpones rocket launch again

Russian rocket engines ban could leave US space program in limbo

Imaging Technique May Help Discover Earth-Like Planets Around Other Stars

Newly discovered planet in the Hyades cluster could shed light on planetary evolution

Imaging technique may help discover Earth-like planets

Longest-Lasting Stellar Eclipse Discovered

Bone research could yield stronger synthetic materials

New catalyst makes hydrogen peroxide accessible to developing world

Research demonstrates that air data can be used to reconstruct radiological releases

California researchers reveal how to hack a 3D printer

Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News

The content herein, unless otherwise known to be public domain, are Copyright 1995-2016 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement All images and articles appearing on Space Media Network have been edited or digitally altered in some way. Any requests to remove copyright material will be acted upon in a timely and appropriate manner. Any attempt to extort money from Space Media Network will be ignored and reported to Australian Law Enforcement Agencies as a potential case of financial fraud involving the use of a telephonic carriage device or postal service.