Date of Graduation
12-2024
Document Type
Dissertation
Degree Name
Doctor of Philosophy in Engineering (PhD)
Degree Level
Graduate
Department
Electrical Engineering and Computer Science
Advisor/Mentor
Jin, Ding (Kevin)
Committee Member
Farnell, Chris
Second Committee Member
Li, Qinghua
Third Committee Member
Wu, Jingxian
Keywords
Cybersecurity; P4; Programmable Networks; Programmable Switch; Smart Grids; Supervisory Control and Data Acquisition (SCADA) System
Abstract
The security and resilience of smart grids are essential to ensuring reliable and efficient energy distribution, especially as these cyber-physical systems grow more interconnected and complex. Supervisory Control and Data Acquisition (SCADA) systems play a critical role in smart grid operations by enabling essential infrastructure control and real-time monitoring. However, SCADA systems are highly vulnerable to modern cyber threats, which target weaknesses in industrial protocols and real-time data requirements.
This dissertation investigates the potential of programmable network technologies, with a focus on P4 (Programming Protocol-independent Packet Processors) switches, to deliver adaptable, in-network security solutions tailored to the needs of smart grids. P4-based programmable switches enable customizable behavior within the data plane, providing distinct advantages for securing smart grids, including comprehensive information extraction across network layers, packet-level analysis at line rate, integrated network monitoring with traffic engineering, and compatibility with existing network infrastructures. These capabilities facilitate robust in-network defenses against evolving cyber threats targeting SCADA systems.
There are three primary phases to the research:
• In the initial phase, we focus on addressing vulnerabilities within Distributed Network Protocol 3 (DNP3), a protocol widely employed in SCADA communications. Programmable switches are used to implement in-network security measures like real-time packet inspection, filtering, and encryption, which effectively detect, mitigate, and prevent protocol-specific attacks such as the length overflow attack (malformed packet), the event buffer flooding attack (denial-of-service), and the configuration file corrupt attack (man-in-the-middle attack). We demonstrate P4’s capability in attack detection, mitigation, and prevention and the efficacy of in-network processing for securing SCADA systems in smart grids.
• In the second phase, we shift our focus to advancing in-network intrusion detection for smart grid critical attacks. We develop mechanisms to analyze, store, and detect anomalous behavior in time-series data directly within programmable network devices. The introduction of the Meter Data Accumulator (MDA), a data structure designed for compact storage and efficient processing of power grid data, is central to this phase. Combined with data compression and decision-tree-based models, this approach enables the detection of critical threats, including Distributed Denial of Service (DDoS) and False Data Injection Attacks (FDIA), while maintaining network performance. Experiments on programmable switch hardware (Barefoot Tofino) confirm the scalability and adaptability of this in-network intrusion detection system.
• In the last phase, we develop a cross-domain testbed that combines communication network emulation in Mininet with power system distribution simulation in OpenDSS to provide a realistic environment for evaluating programmable switch-based security interventions. This controlled environment facilitates the safe exploration of cyber-physical threats without compromising operational systems. Our testbed improves threat detection accuracy by integrating data from network communications, including packet length and inter-packet latency, with power system measures, such as voltage. The substation circuit breaker takeover attack is used as a case study to validate the testbed’s effectiveness, showcasing how cross-domain data can strengthen SCADA resilience through improved threat detection.
Citation
Hu, Z. (2024). Enhancing Smart Grid Security and Resilience using Programmable Networks. Graduate Theses and Dissertations. Retrieved from https://scholarworks.uark.edu/etd/5576