Securing Critical Infrastructure Through Nontraditional Means
A cloud project takes advantage of emerging concepts to protect energy against disruptive threats.
Researchers at Cornell University and Washington State University have teamed to create GridCloud, a software-based technology designed to reduce the time and difficulty involved with creating prototypes of smart-grid control paradigms. The system will help overcome hurdles of cloud computing in complex settings. The effort combines Cornell’s Isis2 platform, designed for high-assurance cloud computing, with Washington State’s GridStat technology for smart grid monitoring and control. The advent of this technology promises to boost both the security and the reliability of electrical services.
Developers aim to build a scalable software structure that is secure, self-healing and inexpensive to operate. They believe that by combining Isis2 and GridStat, a cloud-based grid can have all those factors as well as guarantee consistency. Infrastructure owners motivated by economies of scale and the desire to deploy the new smart-grid solutions end up with a system that also is more resistant to attack and likely to survive other disruptions.
Dr. Ken Birman, a professor at Cornell and co-principal investigator on the project, explains that several motivations drive the effort. One involves trying to find a solution to control a power grid when multiple organizations own and have access to the infrastructure. “A second challenge that’s emerged is that people have studied the power grid and found that we don’t operate it very efficiently,” Birman says. Power suppliers often are producing extra power, for example, or finding it difficult to take advantage of renewable sources. Sometimes renewable energy—such as the type that comes from solar panels on homes—is blocked from entering the power grid because officials lack the knowledge to access and use it safely.
The third driver is the military, especially in terms of security. Various malefactors could target power grids through the Internet, impacting U.S. Defense Department operations and overall safety in the United States or other areas of North America. Developers of GridCloud believe they can help determine how to use network computer systems to monitor the power grid and then improve ways to control it “so we can actually do a better job of protecting the grid against mishaps,” Birman explains.
Working on the effort now is important, with increasing power problems occurring across the world from the large-scale outage in India last July to problems restoring electricity after Hurricane Sandy last October. Birman believes the world is moving closer to instabilities in power provision, so officials must find ways to prevent those in a manner secure enough to also protect against deliberate attacks.
Another upcoming trend enabling GridCloud involves the placement of high-rate synchronized sensors onto the grid. According to project personnel, some of these sensors are deployed in experimental set-ups, but usage remains in the early stages. The tools enable monitoring personnel to view activity many times per second compared to current sensors that submit information every two to four seconds. Dr. Carl Hauser of Washington State University, the other co-principal on the project, says that the time delays leave plenty of time for strange occurrences to happen without anyone noticing.
With the high-rate sensors, information is processed at superhuman time scales, creating high-resolution insights into the true state of the grid at any time. But this requires a system that can capture the data, place it safely into a data center and then use it to construct accurate models. Hauser explains that the type of processing GridCloud offers would give operators a much more immediate sense of the grid’s state, so they could react to events as they occur rather than analyze what caused past problems.
Project personnel are working to demonstrate a capability for performing high-assurance monitoring, data collection and other related efforts over whatever networks grid owners employ. The scale of power grids demands incorporation of huge numbers of data sources, lending itself well to cloud computing. Developers want to take advantage of that technology to build a capability that can secure the grid. The GridStat component collects and transmits data in reliable ways into the cloud environment. Much of what researchers are focusing on includes determining the interfaces and boundaries between power grids and the cyber infrastructure they are building as well as the appropriate networking.
Along with the cloud comes the ability to compute on an enormous scale and on different levels of scales, essentially enabling users to buy computation in small units to build up to larger computation. The cloud also allows flexibility in the location of that computation.
Hauser says that during Hurricane Sandy, companies with cloud computing moved their work from the East Coast to the West Coast to keep nationwide services running. “The companies that did that were very, very successful at it” compared to location-bound organizations, he explains. This circumstance illustrates how cloud computing can be more reliable and available. However, it also means that personnel at various locations must rely on more communication between one another because power resides in more locations and more overall interdependencies exist. Owners must actively manage these interdependencies and adjust to changes in the environment to ensure computational capabilities remain available to keep the grid operating.
Birman believes that for cloud computing and the grid to work best together, data must be collected by more than one source. With GridCloud, sensors are monitored by several machines within the cloud. Each sensor acts like a microphone and the machines as audio-capture devices. Through this process, one or two accurate copies still can be captured even if one glitch occurs, because the odds of all the copies incurring damage is minimal. Because GridCloud is self-repairing, it should fix problems quickly, and continue to capture data during any trouble.
A single power-grid controlling application runs on the data, merging the copies to reduce the duplication. The operators see only one report of the state of the grid, but what they access has better timing properties, fault-tolerance and security than if information were generated without the redundancy built into the system.
Birman likens the concept to streaming one Netflix show to three televisions simultaneously. Even if the stream freezes on one set, chances are good the video will continue uninterrupted to at least one of the two others. Redundancy can help achieve a more balanced outcome if a system or other piece of technology crashes. Ideally, the problems would be invisible to users. Continuing with Netflix as an example, Hauser explains that the Christmas Eve outage of the streaming services—which the company attributed to trouble with cloud services—demonstrates that putting services into the cloud environment works only if sufficient attention is paid to ensuring availability in the face of risks created by additional interdependencies.
GridCloud currently is about one year into its three-year grant funded by the U.S. Department of Energy's Advanced Research Projects Agency-Energy (ARPA-E). Developers are striving to produce a viable demonstration vehicle that people could use to build a scalable monitoring center. Hauser explains that ARPA-E intends the project to pay significant attention to the path the technology would take into commercial use. “That’s something we’re required to do and eager to do,” he states.
Birman adds that the government is introducing the academic researchers to big players in industry while exposing them to the types of challenges operators face. These actions help project personnel obtain the real-world data necessary to create a convincing demonstration. Without the authentic facts, creating a realistic situation is difficult. Developers find themselves in the interesting situation of using an open-source software model, which means that work cannot focus on a specific company while aiming for a product that others actually will employ. “We’ll be disappointed if we don’t create something people can one day use,” Birman says.
Hauser emphasizes that the project is building what developers call a platform for the development of power grid monitoring and control applications in the cloud. They are not building the full applications but only bits of them to demonstrate the overall capabilities of the platform. “The point is to build something that other people can use to sort of explosively create new things,” he states. “New kinds of software; new kinds of programs that will allow people to do these energy efficiency and reliability and security tasks that we know need to be done that can’t be done today and to put them into use across the grid.”
Who exactly would employ GridCloud one day remains open, but Birman states that the list might be longer than people would expect. For one, a political question exists of whether the government should create larger monitoring centers to watch the state of the national power grid. If it does, GridCloud would be a fit for that effort. At the same time, as larger regional structures continue to emerge, providers will compete while sharing the infrastructure, so groups of these competitors may need to operate regional centers. “Those are going to get built because they have to be built by people making their money in that area,” Birman says. How that will play out remains unclear and may develop differently in different locations.
Even individual power operators with their own large regional networks will need to increase the management of their networks. As various renewable energies become more prominent—such as offshore wind farms—infrastructure management will increase in complexity. Birman believes more entities will begin to play roles in keeping the power grids safe and operational. The type of software he and his team are developing can become a powerful tool to protect operation of the infrastructure against various forms of manipulation, including an attack by a nation-state.