Achieving over-the-wire configurable confidentiality, integrity, authentication and availability in GridStat's status dissemination

Erik Solum

Back

Achieving over-the-wire configurable confidentiality, integrity, authentication and availability in GridStat's status dissemination

Thesis

Open access

Achieving over-the-wire configurable confidentiality, integrity, authentication and availability in GridStat's status dissemination

Erik Solum

Washington State University

Master of Science (MS), Washington State University

2007

Handle:

https://hdl.handle.net/2376/100217

Files and links (1)

pdf

e_solum_1218073.60 MBDownload View

Open Access

Abstract

Interconnected electric utility systems--Communications.;Interconnected electric utility systems--Stability.;Computer networks--Security measures.;Electric utilities--Communications.

As a result of ever increasing demands for electrical power the power grid is continuously being operated closer and closer to its operational limits. This can only be done safely by increasing both the quantity and quality of the monitoring data across utilities. GridStat is a framework that tries to address this need by leveraging a QoS aware status dissemination overlay network built on the publish-subscribe paradigm. The publish-subscribe paradigm allows a decoupling of the producers and the consumers of information. In GridStat the publishers produce status updates at regular intervals, which the subscribers can subscribe to at any rate they need with quality of service (QoS) guarantees, such as maximum latency and redundant paths, at any point in the network. The status updates are routed through a mesh of application level routers called the data plane, controlled by a management plane of hierarchically structured QoS brokers. The power grid’s increasing reliance on richer monitoring data also necessitates a greater level of security, especially considering the world’s building political tensions. Sensitive data also needs to be secured from malicious attackers that could use the information indirectly or, by manipulating the data, directly harm the power grid. The inter-utility-sharing of information also makes it necessary to keep market sensitive data confidential from competitors. The real challenge in this problem space lies in providing the security for power grid information systems that are large and distributed with long life cycles. Unmanned nodes would be expected to operate for as much as 25 years while the security requirements are constantly changing and unpredictable. This thesis presents a security architecture extension to GridStat’s management plane that provides confidentiality, integrity, authentication and availability to the data plane through the use of over-the-wire runtime configurable sets of software modules. New modules can be added to the security architecture at runtime and be securely distributed to the data plane end points. This allow the security to evolve with the inevitable changes in the security field and make optimal tradeoffs between different security and performance attributes for each individual publication.

Metrics

3 File views/ downloads

11 Record Views

Details

Title: Achieving over-the-wire configurable confidentiality, integrity, authentication and availability in GridStat's status dissemination
Creators: Erik Solum
Contributors: Carl H. Hauser (Degree Supervisor)
Awarding Institution: Washington State University
Academic Unit: Electrical Engineering and Computer Science, School of
Theses and Dissertations: Master of Science (MS), Washington State University
Publisher: Washington State University; [Pullman, Washington] :
Identifiers: 99900525053601842
Language: English
Resource Type: Thesis