NNSA PACT Project

Data-driven Cybersecurity Analytics, Forensics and Protection (DCAFP)

Federated Cybersecurity Testbed for Experimentation, Validation and Demonstration

Emerging smart city systems and applications are so complex and diverse that traditional approaches to cybersecurity, performance prediction, measurement and management cannot be applied in a straightforward manner. Furthermore, current work on securing different systems is done in isolation, focused on solutions limited to patching or to a single domain, with limited cooperation across industry, government and academia. Note that security was not considered when the protocols for the Internet were designed. Using the same protocols for emerging connected systems, including smart city applications, would result in significant cyberattacks that would lead to huge devastation. It is clear that traditional cybersecurity and cyber-defense solutions cannot meet the security requirements of emerging connected systems.

Furthermore, traditional solutions did not consider the following:

i) high mobility of end users (in the case of smart transportation systems), where the network topology changes dynamically based on the speed of vehicles and the drivers' destinations;

ii) a heterogeneous wireless access environment, where the security solution in one network is different from that in another;

iii) data offloading to a third party (cloud, edge or peer) for data analytics and getting the response back, in the case of big data;

iv) self-healing and resilience operations, since there was a control mechanism, unlike emerging cyber-physical systems;

v) authentication and access control where millions or billions of devices are connected to the Internet or to each other; and

vi) an efficient and automated password/PIN or policy update process, where most of the time IoT devices run without keyboard-type input devices.

Thus, cyber-defense solutions for emerging IoT-enabled connected systems in a smart city environment will have to meet the expected exponential growth in demand through a variety of strategies beyond traditional security approaches.

Develop Tools to Support Automatic Federated Cybersecurity Testbeds

There are many testbeds (physical, virtual and simulated) for critical infrastructures and cyber systems. It is extremely difficult for one organization to have all the expertise required to perform research and development on these heterogeneous testbeds, and it is cost-prohibitive to own and manage them. However, to understand the interdependencies among these testbeds, their implications for cybersecurity, and how to develop effective defense solutions, researchers and educators need full access to federated testbeds that accurately model their operations and their interdependencies. It is important to be able to compose several testbeds into one federated testbed that includes smart devices and sensors, IoT devices, cloud systems, smart grids, smart buildings, etc.

The federated testbed can then be used to:

(1) train students on how to analyze the normal operations of the composed testbeds,

(2) identify their interdependencies, vulnerabilities and how they can be exploited to launch sophisticated cyberattacks,

(3) develop innovative defense techniques, and

(4) protect them.

There are currently many isolated cybersecurity and cyber-physical testbeds (Adjih, 2015; Siaterlis, 2014; Nati, 2013; Cintuglu, 2017), but there are no methodologies and tools to automatically build a federated testbed (a testbed of heterogeneous testbeds). The goal of this project is to leverage the NSF Federated Cybersecurity Testbed as a Service (FCTaaS) project and further develop its capabilities to support experimentation, training and validation. This will allow researchers and students to experiment with and evaluate different techniques and tools to detect and protect smart infrastructures and their services from malicious cyberattacks, faults or accidents.

In addition, the PACT researchers will be provided with the tools to add their cybersecurity testbeds to the FCTaaS portal. The initial testbed portal will include the UA IoT Testbed, the Virtual Cybersecurity Testbed that is currently hosted on the Amazon public cloud, and our Wireless Security Testbed. The FCTaaS architecture shown in Figure 8 will utilize open communication standards and the cybersecurity tools developed by Dr. Hariri's team to maintain the security and privacy of the federated security testbed. These services will allow heterogeneous testbeds to communicate their data syntactically and semantically (so we can understand the data semantics and the dependencies among these testbeds). The experiment management services will also allow users to configure the required testbeds and their interactions, manage the global time among all testbeds used in the experiment, and also adopt these testbeds as required by the experiment goals.

Illustrative Use Cases for Experimentation, Validation and Training

D2.1 Smart City Services

One important class of services to be studied is the one related to smart grid systems. We apply the research developed in thrust areas A, B, and C to develop cyber-attack detection and cyber-defense solutions, since the smart grid system has assets distributed across the PACT sites and needs feedback (for cyber-defense or fault tolerance) that can respond in milliseconds (3 ms to 500 ms) to avoid power outages. Specifically, our goals are:

• To develop a system that minimizes the attack time (where attackers are trying to maximize it), the probability of false alarm and the incident response time using the federated framework (Howard University, University of Arizona)

• To tightly couple control, communication and computing with security for smart grid systems using the federated framework (Howard University, Navajo Technical University)

• To design, develop and evaluate cyber-attack detection and countermeasures for resilient smart grid systems (Howard University, University of Arizona, Navajo Technical University)

• To validate and evaluate the performance of cyber-defense solutions enabled by the federated framework (Howard University, University of Arizona, Navajo Technical University)

The cyberattack detection approaches and cyber-defense solutions would be applicable to other smart city applications, such as transportation systems, where delay/latency plays an important role in distributing emergency messages in a secure manner. Other sample projects related to smart city applications include:

• Smart Transportation Cyber Physical Systems

• Unmanned vehicular systems

• Smart health care systems

• Smart mobile computing for data driven applications

Waggle-based Power Utility Infrastructure Testbed

Argonne National Laboratory is collaborating with Exelon Corporation to adapt Argonne’s open source, modular “Waggle” platform to provide intelligent measurement and predictive analytics for power utility infrastructure. Waggle has been deployed in Chicago and a growing number of cities worldwide through an NSF-funded project, the Array of Things, measuring environmental, air quality, and urban activity. The platform, which supports edge computation (embedded machine learning and other remotely programmable capabilities), is an example of “smart infrastructure” that supports research, development, and deployment of novel cyberinfrastructure approaches.

In this project, we will collaborate with the Argonne researchers to add the Waggle testbed to our FCTaaS pool and add the developed security and defense tools to make the Waggle services highly secure and trustworthy.