To fortify the integrity of the United States’ energy grid, systems must be able to hold their own against destructive hackers. Sometimes, the best approach is to learn the ways of the enemy, beating them at their own game—a tactic that Virginia Commonwealth University (VCU) and Idaho National Laboratory (INL) researchers took to heart.
Known as the Autonomic Intelligent Cyber Sensor, the system watches and learns from attempted attacks, adding to the time-worn back and forth between the power grid and cyber-criminals. The relationship between the two has been described by Milos Manic, Ph.D., VCU College of Engineering professor of computer science and director of VCU’s Cybersecurity Center, as “an underground war of many years.”
By compromising code, login information, and other assets of energy infrastructure, infiltrators can create a scenario known as the “Black Sky Event”—the day the U.S. power grid shuts down. In this circumstance, economic hardships, disabled cellphones, and erased bank accounts will roam free, and engineers will have only 72 hours before we run out of medicine, food supplies, batteries, and water, according to VCU.
“Hackers are much smarter than in the past. They don’t necessarily look at one particular component of the system,” Manic says. “Often, they can fool the system by taking control of the behavior of two different components to mask their attack on a third.”
With so much on the line, and the enemy upping their wit and knowledge by the day, Manic turned to artificial intelligence (AI) algorithms and machine learning. The new system looks at interconnected systems as a whole, and adapts with each and every attack.
According to VCU, design inspiration took the form of our very own autonomic nervous system, which delegates breathing, swallowing, circulation, and heart rate, among others, as primarily unconscious functions. Thus, the Autonomic Intelligent Cyber Sensor acts as the autonomic nervous system for the energy grid as it waits, watches, and learns.
Another ploy the system uses is honeypots, which consist of data that seems to be legitimate and contain info valuable to hackers, but is actually a shadow system that diverts and quarantines the intruders.
“Honeypots can make a hacker think he has broken into a real system,” explains Manic. “But if the hacker sees that the ‘system’ is not adequately responding, he knows it’s a honeypot.” To keep the honeypot’s’ cover under wraps, it too updates and learns on the fly.
The cybersecurity system was recently recognized at the 2018 R&D 100 Awards, an international awards program honoring the 100 most exceptional innovations of science and technology, run through ECN’s sister pillar R&D.