Utilizing trust to achieve cyber resilient substations

dc.contributor.advisor: Ghorbani, Ali A.
dc.contributor.advisor: Lashkari, Arash H.
dc.contributor.author: Boakye-Boateng, Kwasi
dc.date.accessioned: 2024-04-17T18:25:38Z
dc.date.available: 2024-04-17T18:25:38Z
dc.date.issued: 2024-02
dc.description.abstract: The Smart Grid integrates cyber technology into power grids for automated and efficient management of electricity generation, transmission, and distribution. Key to its operation is the substation, regulating voltage across the system. However, cyberinfrastructure integration has increased the substation’s vulnerability to advanced persistent threats (APTs) like PipeDream that exploit device protocols such as Modbus and Distributed Network Protocol 3 (DNP3). Cyber resilience in substations is crucial because APTs can disrupt operations, necessitating manual interventions for recovery, thus causing downtime. Enhancing cyber resilience helps substations minimize downtime and recover more efficiently in the face of these disruptive events. However, the substation’s constraints pose challenges for implementing cyber resiliency measures such as encryption and intrusion detection. This dissertation proposes a trust-based framework that includes a trust, risk posture, and trust transferability model to enhance the substation’s cyber resiliency. The trust model detects protocol-based attacks on Intelligent Electronic Devices (IEDs) and Supervisory Control and Data Acquisition (SCADA) Human Machine Interface (HMI) systems. The risk posture model dynamically assesses the substation’s risk posture pre- and post-attack, while the transferability model evaluates the device and its trust’s integration across substations. Practical implementation involves a substation-emulated Docker-based testbed with a multi-agent architecture. Following Security Operations Center (SOC) principles, a real-time dashboard offers updates. Using the MITRE Industrial Control Systems (ICS) Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework, evaluation assesses the trust framework against various attacks. The trust model consistently shows efficient performance, with response latency less than 10 ms, superior to alternatives with a minimum latency of 20 ms. Evaluation under rogue devices, compromised SCADA HMI, and compromised IED scenarios highlights robust detection capabilities, except for baseline replay and delay response attacks. The risk posture model effectively represents substation risk postures, providing insights into attack impacts. The transferability model consistently denies admission to devices with malicious behavior in scenarios like normal replacement, compromised replacement, and trust IED with poor trust scores. Results show the trust framework’s efficacy in evaluating substation resilience, identifying malicious behavior, and endorsing trustworthy devices. Additionally, a dataset comprising the experiments’ captures in the testbed is available to the public.
dc.description.copyright: © Kwasi Boakye-Boateng, 2024
dc.format.extent: xxvi, 181
dc.format.medium: electronic
dc.identifier.oclc: (OCoLC)1439829452 [en]
dc.identifier.other: Thesis 11334 [en]
dc.identifier.uri: https://unbscholar.lib.unb.ca/handle/1882/37781
dc.language.iso: en
dc.publisher: University of New Brunswick
dc.relation: Atlantic Canada Opportunities Agency (ACOA) - Atlantic Innovation Fund (AIF)
dc.relation: Natural Sciences and Engineering Research Council of Canada (NSERC)
dc.rights: http://purl.org/coar/access_right/c_abf2
dc.subject.discipline: Computer Science
dc.subject.lcsh: Smart power grids. [en]
dc.subject.lcsh: Human-machine systems. [en]
dc.subject.lcsh: Cyberinfrastructure--Security measures. [en]
dc.title: Utilizing trust to achieve cyber resilient substations
dc.type: doctoral thesis
oaire.license.condition: other
thesis.degree.discipline: Computer Science
thesis.degree.grantor: University of New Brunswick
thesis.degree.level: doctorate
thesis.degree.name: Ph.D.

Files

Original bundle
Name: Kwasi Boakye-Boateng - Dissertation.pdf
Size: 12.5 MB
Format: Adobe Portable Document Format