Interview with Salam Bani-Ahmed on Smart Grid Cyber-Security
Abedalsalam (Salam) Bani-Ahmed (M’11) was born in Sakib, Jordan in 1984. He received a B.Sc degree (2007) in Engineering Technology from Yarmouk University, Irbid, Jordan, an M.Sc degree in Computer Engineering (2011) from Jordan University of Science & Technology, Irbid, Jordan, and a PhD degree in Electrical Engineering (2017) from the University of Wisconsin - Milwaukee, Wisconsin, specializing in cyber-physical integration in decentralized smart microgrid control systems. He worked as a research assistant at the Center for Sustainable Electrical Energy Systems (UW-Milwaukee) from 2012 to 2017, and as a Power Systems Engineer at Eaton Corporation in 2017.
Currently, Dr. Bani-Ahmed is a Lead Engineer of Power Systems Cyber-Security at Eaton Corporation, Corporate Research and Technology. His research interests include Smart Grids, Microgrids and DERMS, IIoT communications infrastructure, protocols, cyber-security, and standards; he has published numerous technical journal and conference papers and white papers on related topics. In addition, he is active with IEEE Smart Grid (Operations & Chair of Education committee) and IEEE Smart Cities (R&D, Education, and Publication committees). He also serves as a reviewer for multiple IEEE PES and IAS transactions and various international Smart Grid related journals.
Dr. Bani-Ahmed is an active member in the following societies: IEEE Member, IEEE Power & Energy Society (PES), IEEE Computer Society (CS), IEEE Industry Applications Society (IAS), IEEE Young Professionals & IEEE Communications Society (ComSoc).
In this interview, he answers questions as a follow-up to his IEEE Smart Grid tutorial, The Outbreak of Smart Grid Cyber-Security: The Modern Campfire Story. To view this tutorial on-demand, visit the IEEE SG Resource Center here.
Should the smart grid Cyber-Security definition include containment of the attack, not just prevention?
Containment of the attack is the first step towards prevention. There is a thin line between prevention and containment. The Risk Management Framework (RMF) dictates the presence of a response plan for a cyber-attack. This plan is part of the recovery algorithm and spans the prevention and containment stages.
One critical part of carrying out research is the ability to evaluate your research. For those who do not have access directly to a smart grid to carry out research, are there any simulators, emulators or "affordable" test beds you can recommend?
There are many options for such tools. Some are open access and some require certain budget considerations. A simple search can yield free-access tools developed by government, industry, and academic institutions. Examples of such tools:
- Simulation software: simulation of electrical and physical infrastructure (usually mimics the behavior of the actual system but lacks the capability of performing in real time).
- Hardware-In-The-Loop testing. Performing testing on a scaled-down system.
- Emulation: Use of KVMs/Hypervisors to emulate multiple components.
With an air-gapped system, how will vendors know that their systems have been breached, if from the onset they would not know that their system is compromised?
Software vendors should put their software through what’s called a Security Development Lifecycle (SDL) during the design and implementation stages; one stage, Source Code Analysis (SCA), tests for security issues. As time passes, malicious developers may have the skill set to hide unsafe code, knowing the source code analysis process. It’s a risky bet to take; unfortunately, if the SCA doesn’t show any signs of malicious code, the only way to detect it is by witnessing a cyber-incident or creating a system-level security solution.
How can someone hack a power grid and/or a smart grid and what kind of data do they target?
We mentioned in the presentation that we have to define the critical infrastructure that we are protecting. Some attacks may target the power components, especially the legacy equipment with embedded controllers. Other attacks may target data to gather an operational profile in preparation for a future attack on the overall system, starting from the SCADA and down to the device level. The scenarios are countless, and that is what makes the security process harder.
Were the trusted vendors that were attacked by the Russian hackers officially vendors offering services to the US? If so, where were the vendors operating from, and how did they breach the system?
Not much information was published on this incident. The report only gave a high-level description of the attack; no details were revealed.
Electricity supply in Africa is not reliable; what is the solution for introducing a smart grid setup in Africa?
The instability of the grid may require a physical (Electrical) solution rather than a cyber-solution. Microgrids are considered a reliability solution to power quality and grid support. I believe the focus on local generation is a good path to solve these issues and drives the adoption of smart grid capabilities.
As a white hat, the only holes I can punch in this presentation are the lack of emphasis on the training and retraining of users of "the Network", with the knowledge that the network is only as secure as the habits of the users.
We have to differentiate between the multiple roles of the “users”. One may refer to the security analyst as a user; others may refer to the system operators as users, and this category of users is the one that requires special attention and training on system security in order to avoid certain unwanted habits. A white hat hacker is part of the system design, not a user. The only thing common to the two is the capability of the white hat hacker to exploit their shortcomings, solely towards defining possible system breach points.
Can AI be incorporated into SG Cyber Security, and at what level can it be incorporated?
From a cybersecurity standpoint, artificial intelligence and machine learning techniques can be incorporated through data analysis and anomaly detection. The detection may be followed by certain procedures to mitigate system outages or malicious behavior. Please refer to the white paper found here.
If patience is the hacker's greatest strength, then will constantly modifying the operations of the smart grid be a good approach to securing it?
The nature of the smart grid already involves a certain flexibility to change over time. Modifying the operations for security purposes may not be economically viable. One good way to add security to the system is what’s called a “moving target defense”. Here is one source to start with.
Should regulators be added under the heading, “Who should I talk to?” since regulators are in charge of the utilities?
Most definitely. Regulators by default are part of these strategic resources. We also have to keep in mind that the regulators are already talking to the utilities in order to advise on certain regulations, and to involve them in the regulation process. Most utilities prefer to be part of the advisory board, but others are considered regulators themselves.
What are the applications of cyber security in hospitals?
This takes us back to the question: What are we trying to protect?
A hospital may have many security concerns, starting from confidential patient data to the physical security of its infrastructure. A smart grid application may involve the backup energy system in case of a power outage, or a neighboring source of fault that may affect the power quality in the building. Usually, these systems are automated and thus air-gapped. Hospitals are usually considered a less likely target for certain cyber-attacks from the smart grid perspective.
Do you see any role that machine learning can play in enhancing the security of the smart grid? If so, could you provide examples?
Machine learning is already playing a big role in this field. The role is identified by the application of the algorithm and its anticipated outcome. For example: anomaly detection as part of Intrusion Detection Systems (IDS) requires machine learning techniques that minimize the false positive rate.
What is the presenter's view about the adoption of smart grid in developing countries like Uganda?
I believe the deployment of smart grid applications in Uganda may have a broader impact in terms of grid reliability. The only thing that we need to remember is to prioritize our needs. Grid instability may require a physical (electrical) solution rather than a cyber solution. Microgrids are considered a reliability solution to power quality and grid support. I believe the focus on local generation is a good path to solve these issues and drives the adoption of smart grid capabilities.
How do hackers get access to an environment without authorization?
There are countless ways for hackers to get access. The first thing that they look for is another method of authorization; knowing usernames and passwords for system operators is easy if the operation crew is not well-trained to keep their credentials confidential and safe. Some hackers may exploit gaps through information leaked by the manufacturer to create additional authorization accounts. Scenarios are countless, but mitigation is possible.
What will it take to build a smart-grid test bed for a small research team?
A quick answer to this is a laptop/PC. Software has a great capability to simulate/emulate/virtualize cyber components and mimic a system operation without the need to build the actual system. Some simulators have the capability to transmit real-time data outside of the simulation environment; this method helped create the concept of co-simulation. A lab setup with co-simulation is considered a low-budget and effective way to get significant results.
If somebody is hacked and, as you said, they don't even know about the hack, how can we alert system admins about hacks?
This actually falls into the capability of the network components. Many system breaches are not detectable by conventional methods. AI and machine learning are a good way to increase the probability of generating a security alert through anomaly detection based on the system data.
Do we have any security model for security of mission critical systems?
Security models are identified by the system structure and the critical components that have the highest priority in terms of system resiliency. Some documents are available online that describe the basic components of a security model, but there is always a need to define application-specific models with the variation of system configurations.
Are there manual bypass systems that can be deployed under distribution grids as a mitigation of cyber security risks? If yes, what are some examples?
Some security solutions may involve a manual bypass system in case of a compromised system. Usually, these are considered confidential information and require a certain level of clearance and expertise to access. The only example I can provide is a recovery plan for a compromised system; this may involve taking the system offline, and probably shutting down the critical components that may harm the rest of the system in case of misuse.
How will you know your grid has been hacked and what is the first point of action? Is it ever justified to shut down the grid to stop an attack?
This actually falls into the capability of the network components. Many system breaches are not detectable by conventional methods. AI and machine learning are a good way to increase the probability of generating a security alert through anomaly detection based on the system data. Shutting the system down may be the first choice in the absence of a well-developed recovery plan.
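The two answers above (on IDS anomaly detection that keeps false positives low, and on raising an alert from system data when conventional methods miss a breach) describe the idea without showing it. The following is an added illustration, not code from the interview or from Eaton/IEEE: a baseline-statistics anomaly detector over SCADA-style telemetry, where the alert threshold is taken from the baseline's own empirical quantile so the expected false-positive rate on quiet-period data is bounded by a chosen target. All signal names and readings are constructed for the example; an unseen signal name is also treated as an alert, since a new tag or register appearing on the network is itself worth an analyst's attention.

```python
"""Baseline-statistics anomaly detector for SCADA-style telemetry.

Added example (not from the interview). A window of "known-good" readings
per signal is summarised as mean/stddev; later readings are scored as
z-scores and flagged when |z| exceeds a threshold chosen as the
(1 - target_fpr) empirical quantile of |z| over the baseline itself.
On data that looks like the baseline, that bounds the false-positive rate
near target_fpr, which is the tuning knob the interview mentions.
"""
from dataclasses import dataclass
from statistics import mean, pstdev
from typing import Dict, Iterable, List, Tuple


@dataclass(frozen=True)
class Baseline:
    mu: float
    sigma: float
    threshold: float  # |z| above which a reading is flagged


def fit_baseline(readings: List[float], target_fpr: float = 0.02) -> Baseline:
    """Learn mean/stddev and pick the alert threshold from the baseline quantile."""
    if len(readings) < 10:
        raise ValueError("need at least 10 baseline samples")
    mu = mean(readings)
    sigma = pstdev(readings) or 1e-9  # guard against a constant signal
    zs = sorted(abs((x - mu) / sigma) for x in readings)
    # Index of the (1 - target_fpr) empirical quantile: baseline points above
    # this would have been false positives, so at most ~target_fpr of them are.
    idx = min(len(zs) - 1, int(round((1.0 - target_fpr) * (len(zs) - 1))))
    return Baseline(mu, sigma, zs[idx])


def zscore(b: Baseline, x: float) -> float:
    return (x - b.mu) / b.sigma


def evaluate(baselines: Dict[str, Baseline],
             samples: Iterable[Tuple[int, str, float]]) -> List[dict]:
    """Score a stream of (timestamp, signal, value); return the alerts raised."""
    alerts: List[dict] = []
    for ts, signal, value in samples:
        b = baselines.get(signal)
        if b is None:
            # A signal never seen during baselining is reported, not ignored.
            alerts.append({"ts": ts, "signal": signal, "value": value,
                           "reason": "unknown signal"})
            continue
        z = zscore(b, value)
        if abs(z) > b.threshold:
            alerts.append({"ts": ts, "signal": signal, "value": value,
                           "z": round(z, 2), "reason": "out of baseline"})
    return alerts


# Constructed baseline data (not real telemetry): 60 feeder-voltage samples
# in volts and 60 Modbus poll counts per minute from a quiet period.
BASELINE_VOLTS = [120.0 + 0.4 * ((i % 5) - 2) for i in range(60)]  # 119.2..120.8
BASELINE_POLLS = [30.0 + (i % 3) for i in range(60)]                # 30..32


def build_baselines() -> Dict[str, Baseline]:
    return {
        "feeder_v": fit_baseline(BASELINE_VOLTS),
        "modbus_polls": fit_baseline(BASELINE_POLLS),
    }


# Constructed live stream: (timestamp, signal, value). Hypothetical tag names.
LIVE_SAMPLES = [
    (1, "feeder_v", 120.4),      # inside the quiet-period band
    (2, "modbus_polls", 31.0),   # normal polling rate
    (3, "modbus_polls", 90.0),   # sudden polling burst
    (4, "feeder_v", 126.0),      # voltage far outside the baseline band
    (5, "breaker_52a", 1.0),     # signal that never appeared in the baseline
]


def run_demo() -> List[dict]:
    return evaluate(build_baselines(), LIVE_SAMPLES)


if __name__ == "__main__":
    for alert in run_demo():
        print(alert)
```

The threshold is learned per signal rather than fixed globally, so a noisy signal does not drown out a quiet one; in practice the baseline window must itself be trustworthy, since a detector baselined on already-compromised data will treat the attacker's traffic as normal.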
With advancing edge computing in various devices including UPs and power systems, what other challenges are coming up?
Two challenges come to mind: (1) the challenge of creating effective algorithms to be deployed on an edge-level device to maintain the control, security, and resiliency of one power component; (2) the challenge of creating distributed algorithms to be deployed on edge-level systems that involve multiple edge-level devices. Usually, this requires complex computations and a level of interoperability to ensure proper operation under all circumstances.
About the secure design algorithm, when will you be able to tell whether you have a secured system?
My answer is “Never”. Security engineers are always working towards making it hard for the attacker to breach the system. On the other hand, security models usually define several layers of security; the hierarchy involves device-level, network-level, and system-level security requirements. The adoption of these levels is bound by the requirements of the system owner or the cost of any additional structural and operational modifications.
How do we guarantee that the persons who designed the system are not among the attackers?
This is a bet you’ll have to take. If you lose trust in all system designers, you won’t find anyone to work in this field. Personally, I’d like to see the good in people; I’ve known people who work in this field out of passion, and they dedicate long hours and expertise to this field.
To view past interviews, please visit the IEEE Smart Grid Resource Center.