SBIR-STTR Award

Attack Surface Modeling for Situational Awareness and Vulnerability Analysis of Power Systems
Award last edited on: 1/5/2023

Sponsored Program
SBIR
Awarding Agency
DOE
Total Award Amount
$1,299,838
Award Phase
2
Solicitation Topic Code
C52-01c
Principal Investigator
Steve Fullmer

Company Information

Achilles Heel Technologies LLC

280 South 400 East
Orem, UT 84097
   (801) 362-2343
   info@achillesheel.tech
   aht.ai
Location: Single
Congr. District: 03
County: Utah

Phase I

Contract Number: DE-SC0021693
Start Date: 6/28/2021    Completed: 6/27/2022
Phase I year
2021
Phase I Amount
$199,960
Today's power systems are large-scale physical systems with an essential IT component that enables computation and communication for distributed decision processes. While traditional cybersecurity focuses on an analysis of extrinsic vulnerabilities, by looking, for example, for known malware signatures in network packets or estimating which system components or sensitive data are likely to be compromised, a complementary analysis of intrinsic vulnerabilities is often lacking. These vulnerabilities reveal where and how the system could be severely compromised if an attacker or other disruption could affect the right system components in particular ways, simply due to the way the cyber, physical, and human components of the system interact with each other. Achilles Heel Technologies has developed expertise and tools to identify, analyze, and mitigate intrinsic vulnerabilities. These tools have been applied to a broad range of critical infrastructure technologies, including precision agriculture, regional water management, UAV swarms, and Next-Generation 911 networks. Our approach uses a proprietary technique to extract an attack surface model from first-principles descriptions of the system operation and a hypothesis of attacker capabilities or disruption potential. We then apply a suite of mathematical tools from robust control in order to discover the kinds of dynamic, coordinated and distributed perturbations that could compromise the system’s operation within the hypothetical admissible set. Iterating over different hypotheses of attacker capabilities (e.g. single point of failure vs. coordinated distributed attacks) and different model information (e.g. common knowledge vs. insider information) can reveal distinct, quantified characterizations of system vulnerability (e.g. the system may be secure to single points of failure but vulnerable to certain coordinated distributed attacks that exploit specific insider information).
This analysis is encoded in software and delivered to system administrators, who can use the tool to quantify risk associated with attack or other disruptions, check the current system status, evaluate the implications of component upgrades or proposed system changes, and ultimately make informed decisions for allocating cybersecurity and emergency resources. Phase I of this project will be devoted to exploring the feasibility of these techniques to power systems. In particular, we will: 1. Apply our attack design methodology to simplified linear power system models to confirm that the approach to vulnerability analysis is sensible for a local system analysis; and 2. Apply a specific nonlinear model reduction technique, the Model Boundary Approximation Method (MBAM), to an established power system model in order to confirm that this method of model reduction can be applied to nonlinear power system models to yield useful lower-order approximations, possible attack-surface models for the entire system. Successful completion of both objectives in Phase I will then motivate Phase II, where the linear, and thus local, attack design methodology is extended to become a global technique for power system analysis using MBAM. In Phase III we will work with potential customers to build models of specific, regional power systems and adapt the software interface to best support customer needs. The tools we develop as part of this initiative have the potential to revolutionize organizational awareness of power system cybersecurity and emergency response.

Phase II

Contract Number: DE-SC0021693
Start Date: 8/22/2022    Completed: 8/21/2024
Phase II year
2022
Phase II Amount
$1,099,878
Complex networked systems, like the power grid, use feedback architectures as a means to change the native dynamics of system components and compensate for variation and uncertainty in the actual integrated behavior of these components. Nevertheless, these feedback cycles of information flow through the system create intrinsic vulnerabilities that can be exploited through stealthy, coordinated attacks on the system, or they may even be triggered by component failures or other disruptions. The result can be catastrophic, with cascading failures ripping through the system, destroying components and shutting down operations. The aim of this project is to develop tools that can be used to understand and quantify the exposure of power systems to such intrinsic vulnerabilities. In Phase I, general vulnerability analysis tools were adapted to and shown to be effective on approximate, linear models of power systems. Attacks designed using these techniques appear to be catastrophic, stealthy, and mathematically generated: made-to-order at varying levels of attacker sophistication or ability to access the power system (e.g., insider threats vs. external attacks). A sophisticated mathematical technique was also developed for simplifying nonlinear models of power systems, with the potential for extending the linear tools to more realistic, nonlinear models. Phase II will further develop these tools by developing mitigation strategies based on linear models, developing the computational methods to design made-to-order attacks based on nonlinear models, and applying machine learning methods to attack design. The tools developed in this project will allow system operators to identify the disruptions, including attacks, to which the system is most vulnerable, quantify the associated risk, and develop mitigation strategies. A systematic risk analysis service will simultaneously reduce operating margins while guarding against component failures and external attacks.
Protecting the power grid in this way has the potential to save billions of dollars and hundreds of human lives, as evidenced by the 2021 Texas Power Crisis.