10 likes | 128 Views
F 2. F 2. P. F 1. F 3. S. P. F 1. F 3. S. F 4. F 4. Dynamically replace F 1 ,F 2 with F 1 ,F 3 which is maintaining QoS bounds. Forwarding under two routes F 1 ,F 2 and F 1 ,F 4 . Route F 1 ,F 2 is experiencing high delay causing packets to miss QoS bounds. Dynamic Routing. Q.
E N D
F2 F2 P F1 F3 S P F1 F3 S F4 F4 Dynamically replace F1,F2 with F1,F3 which is maintaining QoS bounds. Forwarding under two routes F1,F2 and F1,F4. Route F1,F2 is experiencing high delay causing packets to miss QoS bounds. Dynamic Routing Q P publisher Q Q Q S QoS/Security Layer subscriber FE Q FE forwarding engine Q P FE FE S Forwarding Layer QoS monitor FE Basic utilization of PlanetLab nodes GridStaton GENI: Simulating a Smart Power Grid Infrastructure over GENI 1st DFG/GENI Doctoral Consortium, San Juan, PR March 13th-15th, 2011 Divya Giri, Ruma Paul, Haiqin Liu, Victor Valgenti, Carl Hauser and Min Sik Kim Washington State University Abstract Developments in power grid measurement and monitoring technology have enabled precise and frequent measurement of the state of the power grid. Modern power grid control infrastructure are insufficient to the effective forwarding of this information to the necessary control facilities. The GridStat framework offers an efficient, low-latency data forwarding framework that can provide the necessary Quality of Service for control facilities to maintain sub-second status of monitored power grid substations. However, the current GridStat prototypes have not been tested outside local clusters. The GENI infrastructure, in particular PlanetLab, provide the platform through which it is possible to test GridStat at scale and identify problems with the current framework. Overview of GridStat [1,2] • Research Objectives • Create a functioning GridStat overlay on top of GENI • Evaluate GridStat in face of pandemic failure and security threats • Develop and evaluate methods to identify and counter failures and threats • Develop efficient dynamic routing to meet GridStat QoS over GENI • Identify new instrumentation for maintaining system awareness of GridStat FE FE FE FE FE FE FE [5] GridStatNetwork Publisher Subscriber Substations, as well as other locales, monitor the power network. They take measurements describing the current state of the power grid at that location. These measurements are published to the GridStat Network which forwards them to subscribers who gather those measurements for an accurate view of the current state of the power grid. Experiments GridStat on GENI: Recreate the work as initially demonstrated in [1,2]. This required building forwarding engines to run on PlanetLab nodes. However, since PlanetLab does not necessarily maintain required latency bounds we added dynamic routing to detect and change routes when latency boundaries are exceeded. GridStat Survivability: These tests examine the impact of failing and compromised nodes on the GridStat network. It consists of three distinct batteries: Blackout attack, where n Forwarding Engines (FE) simply cease functioning, Starvation attack, where n FE suffer DOS, and the Confusion attack where n FE start propagating spurious data. Instrumenting and Security for GridStat on GENI: These tests will extend the work from [3,4] to detect security threats, failing nodes, and congested links to improve the sustainability of GridStat. This is a repeat of the GridStat Survivability tests with a focus of identifying problems and routing around them. Dynamic Routing Current & Future Experiments • Instrumentation uses probe packets to periodically determine latency on links (broadcast probe). • Initial Results demonstrate some fluctuation in calculations dependent on number of probes-per-second—examining ways to minimize probes. • Next step: Implement Dynamic routing and test impact of route changes. GridStatTraffic is forwarded through the network. Each node collects data about all packets arriving at each node. That data is periodically transmitted to the TrustGuard monitor [3,4]. GridStat traffic is forwarded through the network. However, Large shifts in IP address can be detected when a DDoS attack occurs as per [3,4]. The monitor can detect these attacks as indicated in the preliminary results found to the right. Q Monitor F2 P F1 F3 DDoS A Detected attack Basic DDoS Attack Detecting Purposeful Attacks against GridStat Nodes Preliminary Results for Detecting Attacks Proposed Publications Furture Work Synchrophasor Measurement Access to GENI: WSU has one synchroPhasor Measurement Unit (PMU), donated by [5]. Our goal is to provide an interface such that meaningful measurements are published to GENI and can be consumed by prospective users of this data. Optimally, other PMUs could be connected to GENI to create a virtual power grid. Improving GridStat: In addition to the above experiments, we hope to use the GENI infrastructure and this implementation of GridStat in future enhancements and evaluations of the GridStat framework. Use of Glab/GENI Infrastructure Forwarding Engines (FE) run as applications on PlanetLab nodes. The FE forward power measurements to subscribers. A QoS layer monitors routes. If a route falls out of QoS bounds due to congestion or attack, new routes are chosen. The QoS layer uses active and passive monitoring. The Research efforts have resulted in the following proposed publications: Conference / Journal Papers Divya Giri and Min Sik Kim, “Monitoring and Securing Information in Mission Critical Networks”, TBD. Master Thesis Divya Giri, “Dynamic Routing for Enhancing Security in Mission Critical Networks” References • G. Harald, D. Bakken, C. Hauser, and A. Bose, “GridStat: A Flexible QoS Managed Data Dissemination Framework for the Power Grid,” IEEE Transactions on Power Delivery, Jan 2009. • C. Hauser, D. Bakken, and A. Bose, “A Failure to Communicate,” IEEE Power and Energy, March/April 2005. • H. Liu, Y. Sun, V. Valgenti, and M. Kim, “Trustguard: A Flow-level Reputation-based DDoS Defense System,” Workshop on Personalized Networks, January 2011. • H. Liu, and M. Kim, Real-time Detection of Stealthy DDoS Attacks using Time-Series Decomposition,” ICC 2010. • SEL 351, Schweitzer Engineering Laboratory (SEL), http://www.selinc.com.