Device 'fingerprint' technique to protect power grid
Device fingerprinting is a unique signature that indicates the identity of a specific device, or device type, or an action associated with that device type.
New York: Researchers have developed a new technology called “device fingerprinting” that could help address the unique security challenges of the electrical grid and other cyber-physical systems.
"Device fingerprinting is a unique signature that indicates the identity of a specific device, or device type, or an action associated with that device type," said one of the researchers Raheem Beyah, associate professor at Georgia Institute of Technology in the US.
Just as human voices are individually recognisable because they are generated by the unique components of each person's voice box, and other physical structures, researchers used the same principle to identify devices on electrical grid control networks.
The research was presented at the Network and Distributed System Security Symposium in San Diego, US.
The approach has been successfully tested in two electrical substations.
"We have developed fingerprinting techniques that work together to protect various operations of the power grid to prevent or minimise spoofing of packets that could be injected to produce false data or false control commands into the system," Beyah noted.
"This is the first technique that can passively fingerprint different devices that are part of critical infrastructure networks. We believe it can be used to significantly improve the security of the grid and other networks," Beyah said.
The researchers set out to develop security techniques that take advantage of the unique physical properties of the grid and the consistent type of operations that take place there.
To develop the device fingerprints, the researchers built computer models of utility grid devices to understand how they operate.
Information to build the models came from "black box" techniques - watching the information that goes into and out of the system - and "white box" techniques that utilise schematics or physical access to the systems.
"We can use physics and mathematics to analyse and build a model using first principles based on the devices themselves. Schematics and specifications allow us to determine how the devices are actually operating," Beyah explained.