GridStat on GENI: Simulating a Smart Power Grid Infrastructure over GENI Divya Giri, Ruma Paul, Haiqin Liu, Victor Valgenti, Carl Hauser and Min Sik Kim Washington State University Abstract Developments in power grid measurement and monitoring technology have enabled precise and frequent measurement of the state of the power grid. Modern power grid control infrastructure are insufficient to the effective forwarding of this information to the necessary control facilities. The GridStat framework offers an efficient, low-latency data forwarding framework that can provide the necessary Quality of Service for control facilities to maintain sub-second status of monitored power grid substations. However, the current GridStat prototypes have not been tested outside local clusters. The GENI infrastructure, in particular PlanetLab, provide the platform through which it is possible to test GridStat at scale and identify problems with the current framework. Proposed Publications The Research efforts have resulted in the following proposed publications: Conference / Journal Papers Divya Giri and Min Sik Kim, “Monitoring and Securing Information in Mission Critical Networks”, TBD. Master Thesis Divya Giri, “Dynamic Routing for Enhancing Security in Mission Critical Networks” Use of Glab/GENI Infrastructure Forwarding Engines (FE) run as applications on PlanetLab nodes. The FE forward power measurements to subscribers. A QoS layer monitors routes. If a route falls out of QoS bounds due to congestion or attack, new routes are chosen. The QoS layer uses active and passive monitoring. Furture Work Synchrophasor Measurement Access to GENI: WSU has one synchroPhasor Measurement Unit (PMU), donated by [5]. Our goal is to provide an interface such that meaningful measurements are published to GENI and can be consumed by prospective users of this data. Optimally, other PMUs could be connected to GENI to create a virtual power grid. Improving GridStat: In addition to the above experiments, we hope to use the GENI infrastructure and this implementation of GridStat in future enhancements and evaluations of the GridStat framework. Experiments GridStat on GENI: Recreate the work as initially demonstrated in [1,2]. This required building forwarding engines to run on PlanetLab nodes. However, since PlanetLab does not necessarily maintain required latency bounds we added dynamic routing to detect and change routes when latency boundaries are exceeded. GridStat Survivability: These tests examine the impact of failing and compromised nodes on the GridStat network. It consists of three distinct batteries: Blackout attack, where n Forwarding Engines (FE) simply cease functioning, Starvation attack, where n FE suffer DOS, and the Confusion attack where n FE start propagating spurious data. Instrumenting and Security for GridStat on GENI: These tests will extend the work from [3,4] to detect security threats, failing nodes, and congested links to improve the sustainability of GridStat. This is a repeat of the GridStat Survivability tests with a focus of identifying problems and routing around them. 1 st DFG/GENI Doctoral Consortium, San Juan, PR March 13 th -15 th, 2011 FEFE FEFE FEFE FEFE FEFE FEFE FEFE FEFE FEFE FEFE FEFE FEFE FEFE FEFE Publisher Subscriber GridStat Network Overview of GridStat [1,2] Substations, as well as other locales, monitor the power network. They take measurements describing the current state of the power grid at that location. These measurements are published to the GridStat Network which forwards them to subscribers who gather those measurements for an accurate view of the current state of the power grid. Research Objectives Create a functioning GridStat overlay on top of GENI Evaluate GridStat in face of pandemic failure and security threats Develop and evaluate methods to identify and counter failures and threats Develop efficient dynamic routing to meet GridStat QoS over GENI Identify new instrumentation for maintaining system awareness of GridStat Basic utilization of PlanetLab nodes FEFE FEFE FEFE FEFE SP Q Q Q QQ Forwarding Layer QoS/Security Layer P FEFE S Q publisher subscriber forwarding engine QoS monitor References 1.G. Harald, D. Bakken, C. Hauser, and A. Bose, “GridStat: A Flexible QoS Managed Data Dissemination Framework for the Power Grid,” IEEE Transactions on Power Delivery, Jan C. Hauser, D. Bakken, and A. Bose, “A Failure to Communicate,” IEEE Power and Energy, March/April H. Liu, Y. Sun, V. Valgenti, and M. Kim, “Trustguard: A Flow-level Reputation- based DDoS Defense System,” Workshop on Personalized Networks, January H. Liu, and M. Kim, Real-time Detection of Stealthy DDoS Attacks using Time- Series Decomposition,” ICC SEL 351, Schweitzer Engineering Laboratory (SEL), [5] F1F1 F2F2 F4F4 F3F3 SP Forwarding under two routes F 1,F 2 and F 1,F 4. Route F 1,F 2 is experiencing high delay causing packets to miss QoS bounds. F1F1 F2F2 F4F4 F3F3 SP Dynamically replace F 1,F 2 with F 1,F 3 which is maintaining QoS bounds. Dynamic Routing Preliminary Results for Detecting Attacks Dynamic Routing Current & Future Experiments Instrumentation uses probe packets to periodically determine latency on links (broadcast probe). Initial Results demonstrate some fluctuation in calculations dependent on number of probes-per-second—examining ways to minimize probes. Next step: Implement Dynamic routing and test impact of route changes. F1F1 F2F2 P F3F3 Q A DDoS Monitor Basic DDoS Attack GridStatTraffic is forwarded through the network. Each node collects data about all packets arriving at each node. That data is periodically transmitted to the TrustGuard monitor [3,4]. GridStat traffic is forwarded through the network. However, Large shifts in IP address can be detected when a DDoS attack occurs as per [3,4]. The monitor can detect these attacks as indicated in the preliminary results found to the right. Detecting Purposeful Attacks against GridStat Nodes Detected attack