Morgantown, West Virginia
March 24, 2023
March 24, 2023
March 25, 2023
16
10.18260/1-2--44898
https://strategy.asee.org/44898
143
Sagnik Basumallik is with the Lane Department of Computer Science and Electrical Engineering, West Virginia University, Morgantown, WV 13244 USA. Sagnik's research interests include power systems cybersecurity, operations, and optimization. In the past, he has worked in a different capacity at the University of Colorado-Boulder, Brookhaven National Laboratory, Independent System Operator, New England, Siemens India, Indian Institute of Technology, Mumbai, and Durgapur Projects Limited.
Anurag K. Srivastava is a Raymond J. Lane Professor and Chairperson of the Computer Science and Electrical Engineering Department at the West Virginia University. He is also an adjunct professor at the Washington State University and senior scientist at the Pacific Northwest National Lab. He received his Ph.D. degree in electrical engineering from the Illinois Institute of Technology in 2005. His research interest includes data-driven algorithms for resilient power system operation and control and engineering education. In past years, he has worked in a different capacity at the Réseau de transport d´électricité in France; RWTH Aachen University in Germany; PEAK Reliability Coordinator, Idaho National Laboratory, PJM Interconnection, Schweitzer Engineering Lab (SEL), GE Grid Solutions, Massachusetts Institute of Technology and Mississippi State University in USA; Indian Institute of Technology Kanpur in India; as well as at Asian Institute of Technology in Thailand. He is serving as chair of the IEEE Power & Energy Society’s (PES) PEEC committee, co-chair of the microgrid working group, vice-chair of power system operation SC, chair of PES voltage stability working group, chair of PES synchrophasors applications working group, co-chair of distributed optimization application in power grid, vice-chair of tools for power grid resilience TF, and member of CIGRE C4C2-58 Voltage Stability, C4.47/ C2.25 Resilience WG. Dr. Srivastava is serving or served as an editor of the IEEE Transactions on Smart Grid, IEEE Transactions on Power Systems, IEEE Transactions on Industry Applications, and Elsevier Sustainable Computing. He is an IEEE Fellow and the author of more than 300 technical publications including a book on power system security and 4 patents.
This paper discusses efforts to develop a real time cyber-physical security testbed for hands-on training and education of undergraduate students. Developed cybersecurity testbed has been used for a course and senior capstone project. The testbed helps the students to specifically focus on cyber threats against critical electricity infrastructures and develop appropriate defense mechanisms by utilizing MITRE ATT&CK adversary emulation techniques, NERC CIP compliance and NIST Cybersecurity Framework. To mimic a realistic power substation network, we have developed a three-tier architecture through a mix of simulation, emulation, and actual hardware implementation, consisting of the power system substation, communication network, and control center layer. The substation layer enables the student to integrate components including generation, electric bus bars, switches, transformers and distributed energy resources such as solar, wind, and large scale battery. Here, multiple industry-graded sensors and actuators have been integrated to capture realtime voltage and current measurements and enable remote control and protection schemes. This helps students to get acquainted with different industrial automation standards and protocols such as IEC 61850, DNP3, and Modbus. The communication network layer, consisting of a combination of Software Defined Networking (SDN) and traditional networking, allows the student to focus on state-of-the-art network technology paradigms, features, and how they are involved in exchanging end-to-end power system data. At the control center layer, the students are able to capture and visualize the cyber and power data from multiple sources and develop machine learningbased anomaly detection, classification, and localization tools to improve cyber power resiliency. Industry-standard Security Information and Event Management (SIEM) tools such as Splunk and Intrusion Detection Systems (IDS) are used to train students to detect, defend and analyze coordinated cyber attacks. The hardware-in-the-loop learning ecosystem lets the students perform red-team, blue-team, and purple-team exercises for power systems following cybersecurity standards, guidelines, and related frameworks. As an outcome, the students develop an understanding of cyber security concepts such as digital forensics, incident response, and reverse engineering related to the smart grid, and design steps to keep it secured. Overall, our approach advances the cybersecurity profession and helps develop a robust talent pipeline to meet the increasing demand for cybersecurity jobs that affect national security.
Hussain, M. M., & Basumallik, S., & Srivastava, A. K., & Hefeida, M. (2023, March), Teaching Critical Infrastructure Cyber Security to Undergraduate Students using Real-Time Hardware-in-the-Loop Cyber-Power Testbed Paper presented at 2023 ASEE North Central Section Conference, Morgantown, West Virginia. 10.18260/1-2--44898
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2023 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015