NCSA shares $1.6 million cybersecurity grant

NCSA shares $1.6 million cybersecurity grant

URBANA — The National Center for Supercomputing Applications at the University of Illinois has received a federal grant to examine strategies for protecting the power grid and other utilities from cyber attacks.

The National Science Foundation awarded the three-year, $1.6 million grant to the university, NCSA and the International Computer Science Institute at the University of California, Berkeley.

UI Professor Ravi Iyer of the UI's Trustworthy Cyber Infrastructure for the Power Grid project, Adam Slagell, research scientist with NCSA and Robin Sommer of California are leading the project.

Iyer said the U.S. Department of Energy has done a lot in recent years to help companies make the grid smarter, providing smart meters and better control systems.

"I think the functionality is in place but the security of these systems is much in doubt. It was much better from when we started working [about eight or nine years ago], but the attackers continue to get sophisticated. What we need to do is keep ahead of the attackers," Iyer said.

"We do well with attacks we know about," he said. The issue is how to handle what he called "zero-day" attacks, ones in which researchers have no previous knowledge.

"We just don't look at how and where information is flowing but look in detail into the meaning of actions that are going to be taken or are being taken. ... We think we can preempt actions viewed as malicious. That's our forte [at Illinois]. That's really one of the achievements that we have made in the past and how we bring this to the environment is important," said Iyer, who said the project has generated interest from across the industry, including power and utility companies and those that manufacture power grid systems.

When consumers shop on a website like Amazon there is a secure connection ensuring them that when "talking" to Amazon, there's no one else between their computer and Amazon's server, Slagell said.

The way most industrial control systems are set up now — in transition from old hierarchical systems and networks to systems that are connected to Internet technologies — there's no real guarantee that some criminal or rogue nation-state will not tamper with the controls, he said.

"What you really want is to detect on a deeper, more semantic level. To try to dig into specifics of the power commands, not just signatures and traffic," Slagell said.

What researchers are addressing, Iyer said, is called the common protocol that allows networks to be managed in real time.

That monitoring tool is called Bro and it's being adapted to work in this industrial control environment.

Iyer said the grant brings together computer engineering and computer science with the applied nature of NCSA's work.

The grant initially will fund researchers studying industrial control systems and later running computer models to determine if X type of attack happens, then these are the different responses the company can take.

"My role is to transition this to practice, to get this used in industry, from research prototype ... into a rock solid piece of software and work with industry to try get them to use it, and get feedback from them," Slagell said.

"We want to get started on that soon," he added.

Sections (2):News, Local