GridTrust Helps Protect the Nation’s Electric Utilities from Cyber Threats

GridTrust system

Left: A Marietta electrical substation was used for testing the GridTrust system. Right: The Georgia Tech research team is shown in the Marietta substation yard with collaborators from the city of Marietta. (Credit: City of Marietta)

A new cybersecurity technology that relies on the unique digital fingerprint of individual semiconductor chips could help protect the equipment of electrical utilities from malicious attacks that exploit software updates on devices controlling the critical infrastructure.

The GridTrust project, which has been successfully tested in a real substation of a U.S. municipal power system, combines the digital fingerprint with cryptographic technology to provide enhanced security for the utilities and other critical industrial systems that must update control device software or firmware.

Led by researchers at the Georgia Institute of Technology (Georgia Tech) in collaboration with the City of Marietta, Georgia, the project was supported by the U.S. Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response (CESER). GridTrust also included researchers from Sandia National Laboratories and Protect Our Power, a security-focused not-for-profit organization. The three-year, $3 million project began in 2021.

GridTrust Improves Security for Device Updates

“The security of updates applied to equipment is critical to maintaining operation of the nation’s electricity grid,” said Santiago Grijalva, the project’s principal investigator and Southern Company Distinguished Professor in Georgia Tech’s School of Electrical and Computer Engineering. “We have demonstrated that GridTrust can block direct cyber-attacks through the equipment supply chain in multiple configurations and scenarios, while also preventing a whole array of potential errors. What we have developed and demonstrated will provide multiple layers of additional security to the existing electricity grid.”

The project focused on power system controllers, including sensors, actuators, and protection relays that are normally located in power substations distributed throughout a utility’s service area. Malicious actors may attempt to alter the software controlling the devices to, for instance, turn off power or damage the equipment. The attacks could take place if technicians attempt to use corrupted software to make updates at utility substations or other facilities.

Authentication Uses Semiconductor PUFs, Cryptography

Installed as part of the substation equipment, GridTrust would verify the authenticity of the software before any updates were installed, and it would ensure that the software was being applied to the correct device – by a person authorized to do so. In addition to cryptographic technologies, the system uses a new form of security based on unique physically unclonable functions (PUFs) that exist in certain semiconductor chips. PUFs are a set of unique characteristics created by minor variations that occur during chip fabrication.

“The PUF relies on random behavior based on variations in the manufacturing process, and they cannot be changed after fabrication,” said Vincent Mooney, an associate professor in Georgia Tech’s School of Electrical and Computer Engineering. “During an update, the GridTrust interfacing device first proves its identity using the PUF, then it verifies both utility and vendor signatures using their public RSA keys. Only if all these checks are passed will the firmware update be successfully installed. If the update isn’t installed, the device will continue to operate with its previous firmware version, and the utility’s network operations center will be notified to investigate.”

The GridTrust technology can operate as a standalone device with existing utility equipment or be built into new devices. Utility sensors, actuators, relays and similar control devices are currently produced by multiple manufacturers, and the Georgia Tech researchers have been in contact with an existing supplier that is interested in incorporating the technology, Grijalva said.

GridTrust Evaluated in a Real Utility Substation

Initial testing of the GridTrust system took place in Georgia Tech laboratories, then researchers worked with technical staff at the city of Marietta to evaluate the system in one of the utility’s substations. Located northwest of Atlanta, Marietta’s power network serves approximately 42,000 customers, including several critical electrical loads. The testing was done in a substation circuit isolated from the grid to ensure that the research activity would not affect customers.

“When Georgia Tech approached us about participating in an operational technology security research project, we were excited to participate, especially considering that our mayor and city manager have always supported working with state and local universities to develop new programs and technologies to solve real-world challenges,” said Ronald Barrett, Director of Information Technology for Marietta.

GTRI Cybersecurity “Red Team” Challenges the System

As part of the testing, Grijalva and Mooney involved “red team” cybersecurity researchers from the Georgia Tech Research Institute (GTRI), Georgia Tech’s applied research organization. GTRI researchers Trevor Lewis, David Huggins, Sam Litchfield, and Matt Guinn led an effort to challenge the GridTrust system with sophisticated attempts to install software that simulated the kind of potential malware that could affect utility equipment.

“They pretended to be black-hat hackers who wanted to compromise the system by pushing a malicious configuration file to one of the devices or initiating a firmware update without being authorized to do that,” said Huggins, a GTRI senior research engineer. “They had several attack methods and strategies aimed at multiple components of the system – and were not successful.”

Such third-party validation is important to a broad range of systems, noted Lewis, a senior research engineer who participates in “red team” test scenarios for many critical systems. “We are routinely contracted to perform assessments on a variety of system architectures to emulate the actions of real cyber attackers, and to test and evaluate the security of all components within an architecture under test,” he said.

Next Step: Implementation in Utility Industry

While there are multiple manufacturers of equipment for the utility industry, the devices provide similar functions and have similar needs for periodic updating. The protection system developed by Georgia Tech should be broadly applicable to devices produced by different manufacturers, and could therefore have broad application to the utility industry.

“Georgia Tech is creating technology that makes energy delivery systems safer, and protecting that critical infrastructure is important for national security,” Huggins said. “Reliable electrical power is critical to every aspect of our society today.”

In addition to ensuring the safety of device updates, the GridTrust system will also help utilities inventory the software operating on substation devices. Large utility companies can have hundreds or thousands of substations in their service areas, each with dozens of devices that may need periodic updates.

The three-year GridTrust project is now moving into the commercialization phase where it could be licensed to manufacturers or spun off into a start-up company, Grijalva said. For utilities like Marietta Power that want to be on the cutting edge of cybersecurity, that comes as welcome news.

“We believe the work that Georgia Tech has done is critical to maintaining a safe and secure electrical grid,” said Eric Patten, Marietta Power’s electrical director. “Our goal for this project was to see a system that added another layer of security from attacks, and from what we have seen, we believe this was a success.”


Writer: John Toon (john.toon@gtri.gatech.edu)
GTRI Communications
Georgia Tech Research Institute
Atlanta, Georgia USA

 

The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research division of the Georgia Institute of Technology (Georgia Tech). Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,800 employees supporting eight laboratories in over 20 locations around the country and performing more than $800 million of problem-solving research annually for government and industry. GTRI's renowned researchers combine science, engineering, economics, policy, and technical expertise to solve complex problems for the U.S. federal government, state, and industry.

Semiconductor chip to help create the cybersecurity for the GridTrust system

Left: The physically unclonable functions (PUF) of a semiconductor chip help create the cybersecurity for the GridTrust system. Right: A “red team” from the Georgia Tech Research Institute (GTRI) tested the GridTrust system’s ability to protect substation devices from cyberattack. (Credit: City of Marietta)

News Contact

(Interim) Director of Communications

Michelle Gowdy

Michelle.Gowdy@gtri.gatech.edu

404-407-8060

Georgia Tech Researchers Win NSF Rules of Life Funding to Address Societal Challenges

research building exterior

Exterior of the Hinman Research Building on the Georgia Tech main campus.

Three of 12 projects that received funding from the U.S. National Science Foundation’s Using the Rules of Life to Address Societal Challenges are led by researchers in Georgia Tech’s School of Chemical and Biomolecular Engineering (ChBE).

The 12 projects received a total of $27 million in investment, supporting the use of knowledge learned from studying the Rules of Life — the complex interactions within and between a broad array of living systems across biological scales, and time and space — to tackle pressing societal challenges, including clean water, planet sustainability, carbon capture, biosecurity, and antimicrobial resistance to antibiotics. The Georgia Tech-related projects received a total of $7.7 million.

"The enormous opportunity to apply biological principles to solving the biggest problems of today is one we cannot take lightly," said Susan Marqusee, NSF assistant director for Biological Sciences. "These projects will use life to improve life, including for many underprivileged communities and groups."

The Georgia Tech-led projects include:

  • Co-Producing Knowledge, Biotechnologies and Practices to Enhance Biological Nitrogen Fixation for Sustainable Agriculture. $2.67 million (Georgia Tech and Worcester Polytechnic Institute, award 2319430)

The project’s principal investigator is Lily Cheung, assistant professor of ChBE@GT, and the co-principal investigators are Shuichi Takayama, professor of biomedical engineering at Georgia Tech, and William San Martín, assistant professor of global environmental science, technology, and governance at Worcester Polytechnic Institute.

The researchers will address food security through low-cost technology based on biological principles to increase nitrogen content in soils and improve crop production on marginal lands.

  • Next-Generation Biological Security and Bio-Hackathon, $2.81 million (Georgia Tech and Massachusetts Institute of Technology, award 2319231).

The project’s principal investigator is Corey Wilson, professor of ChBE@GT, and the co-principal investigators are Matthew Realff, professor of ChBE@GT, and Christopher Voigt, professor of biological engineering at Massachusetts Institute of Technology.

The researchers will create programmable, biological combination lock methods — "on and off" states — for using synthetic biology safely, containing potentially dangerous organisms and protecting valuable ones.

  • Synthetic Protocell Communities to Address Critical Sensing Challenges, $2.23 million (Georgia Tech, award 2319391).

The project’s principal investigator is Mark Styczynski, professor of ChBE@GT, and the co-principal investigators are Shuichi Takayama, professor of biomedical engineering at Georgia Tech; Brian Hammer, associate professor of biological sciences at Georgia Tech, and Neha Garg, assistant professor of chemistry and biochemistry at Georgia Tech.

The researchers will create synthetic "protocells" enabling the development of a highly sensitive, field deployable analysis system that could be used for many applications such as measuring micronutrient deficiencies in undernourished populations.

Assistant Professor Lily Cheung

Assistant Professor Lily Cheung

Professor Mark Styczynski

Professor Mark Styczynski

Professor Corey Wilson

Professor Corey Wilson

News Contact

Lesker University Vacuum Technology Class

Course Schedule (with approximate times):

  • 8:30 a.m. - 12:30 p.m. - Introduction to Vacuum Science and System Design
  • 12:30 p.m. - 1:00 p.m. - Lunch (will be provided to registered attendees)
  • 1:00 p.m. - 4:00 p.m. - Physical Vapor Deposition and Thin Film Growth Models
Participation is free of charge, but registration is required.  To register for this class please use the following link: bit.ly/LeskerU_Reg

Nanowire Week 2023

October 9-13, 2023

Nanowire Week is the premier technical conference of the international nanowire community, attracting 200-250 researchers from a diverse range of fields, including chemistry, physics, materials science, and engineering.

IEN Microfabrication Short Course

August 17-18, 2023

The Institute for Electronics and Nanotechnology (IEN) at Georgia Tech will offer a short course on microfabrication on August 17-18, 2023. This in­tensive two-day short course combines classroom lectures and laboratory based hands-on fabrication in the IEN cleanroom. The goal of the course is to impart a basic understanding of the science and technology of microfabrication processes as used in academia and industry.

NNCI Computation Webinar: Silvaco Technology CAD, Background, Overview and Future

Featuring Eric Guichard, SVP and GM of TCAD Silvaco, Inc.

Abstract: As one of only a few generic TCAD providers, Silvaco TCAD simulation solution covers the full spectrum, from circuit simulation size, using Victory TCAD, to nanometric size using Victory Atomistic, an NEGF based quantum transport simulation solution inherited from Purdue University. The addition of Machine Learning and AI, to process significantly more data than before, combined with compute power and parallelization, offers the best in class TCAD simulation solution today.

Tools & Methods: Goniometry and Drop Shape Analysis

Join the OMCL for a webinar given by DataPhysics Instruments’ Chief Applications Scientist, Paul Simutis, on modern methods for characterization of surface properties using the DataPhysics Contact Angle Goniometer. This webinar is for researchers, faculty and students who want to learn the latest information on experimental capabilities and applications using optical goniometry.

Novel Ultrasound Imaging Research Earns Trailblazer Award Funding

Shaolan Li (ECE) and Levent Degertekin (ME)

Photo of Georgia Tech professors Shaolan Li (ECE) and Levent Degertekin (ME).

Assistant Professor Shaolan Li in the School of Electrical and Computer (ECE) has been awarded the prestigious Trailblazer R21 Award from the National Institute of Biomedical Imaging and Bioengineering(NIBIB). The research will be performed with collaborator Professor Levent Degertekin in the George W. Woodruff School of Mechanical Engineering (ME).

NIBIB is a branch of the National Institutes of Health (NIH) dedicated to advancing health through the promotion of cutting-edge research in biomedical imaging and bioengineering.

The award will provide support for the interdisciplinary team’s work, “Space-Time Compressed Sampling Techniques for Integrated Ultrasound Imaging System-on-a-Chip,” focused on advancing compact, energy-efficient integration of ultrasound front-end electronics.

The Trailblazer R21 Award is specifically aimed at new and early-stage investigators, with the goal of facilitating groundbreaking research at the intersection of life sciences, engineering, and the physical sciences. Notably, applicants are required to propose novel high-risk high-return research approaches that have minimal or no preliminary data.

The three-year project aims to integrate compact and power-efficient electronics into portable and wearable ultrasound imaging systems, meeting the growing demand in the field. Li and Degertekin will explore a novel approach called compressed sensing (CS) at the integrated circuit level to overcome the current challenges posed by the requirements of high-performance imaging and the limitations of power, physical size, and interconnects.

The research purposes a novel CS framework that reduces the size of ultrasound data without sacrificing image quality. By combining compression techniques and advanced chip design, the team hopes to achieve faster and more efficient imaging.

Ultimately, the researchers plan to develop a prototype device that integrates different components on a single chip, potentially reducing the need for multiple cables during catheter-based ultrasound procedures. The performance of this prototype will be compared to traditional imaging systems to assess its effectiveness.

The project is expected to contribute valuable theories, models, circuit techniques, and insights into the design space and limitations of emerging portable and wearable ultrasound systems.

News Contact

Dan Watson

Tentzeris Named Distinguished Lecturer by Electronic Packaging Society

Photo of Professor Manos M. Tentzeris

Manos M. Tentzeris, Ken Byers Professor in Flexible Electronics at the Georgia Tech School of Electrical and Computer Engineering

Manos M. Tentzeris, a professor at the Georgia Tech School of Electrical and Computer Engineering, has been appointed as a Distinguished Lecturer by the IEEE Electronic Packaging Society (EPS). The recognition is considered one of the highest honors within the society.

EPS Distinguished Lecturers are selected from among EPS Fellows, award winners, and society leaders. Selected experts are highly regarded members of the technical community and renowned experts in their respective fields. They are invited to deliver lectures and courses at EPS events, including chapters, conferences, workshops, symposia, and IEEE Student Chapter events.

Notably, Tentzeris has previously served as a Distinguished Lecturer for the IEEE Microwave Theory and Technology Society (MTT) and the IEEE Council on Radio Frequency Identification (CRFID), highlighting his exceptional contributions across multiple societies within IEEE (Institute of Electrical and Electronics Engineers).

Since 2016, Tentzeris has held the Ken Byers Professorship in flexible electronics in ECE. He joined the faculty in 1998 and leads the ATHENA Research Group. Tentzeris’ research specializes in 3D Printed RF electronics, antennas and modules, flexible and conformal electronics and phased antenna arrays up to sub-THz, origami and morphing electromagnetics, Highly Integrated/Multilayer Packaging for RF and Wireless Applications using ceramic and organic flexible materials, “green” paper-based RFIDs and sensors, nanostructures for RF, wireless sensors, energy harvesting and wireless power transfer/wireless power grids, reconfigurable intelligent metasurfaces, heterogeneous integration and SOP-integrated (UWB, multiband, conformal) antennas.

As an EPS Distinguished Lecturer, Tentzeris will deliver lectures on Smart Cities, Smart Agriculture, Smart Manufacturing/Industry 4.0, and Digital Twin domains.

News Contact

Dan Watson
 

Best Practices in Elemental Analysis using ICP Workshop

Join us for this tailored seminar to uncover how new analytical technologies can make your laboratory more efficient and productive and gain insights on how to achieve optimal performance from your analytical workflows.

Agenda

11:30 a.m. - Welcome and introduction
David Tavakoli, Research Scientist II, IEN/IMat Materials Characterization Facility, Georgia Tech 
Kristin Roberts, Account Manager, Chromatography & Mass Spectrometry, Thermo Fisher Scientific
Barb Millard, Sales Representative, CCG RSD, Fisher Scientific