Research Projects

Secure Internetworked Control Systems

Connectivity between control networks and internetworks, such as the Internet and enterprise networks, is an important trend for process control systems. This connectivity improves the efficiency of system management, reduces cost by using commercial technologies, and provides increased visibility of the process to the enterprise. However, it also introduces serious cyber security threats, which were not significant in control networks when most systems relied on physical isolation. A basic solution is to apply existing internetwork security mechanisms directly to control networks. However, these solutions often do not address the security vulnerabilities completely and efficiently. For example, firewalls and VPNs are error-prone because of human error and provide only coarse-grained access control enforcement. Because the two kinds of network have different purposes, these mechanisms cannot handle some special requirements of control systems, such as timing constraints. Furthermore, current solutions do not address the security of future applications inspired by the connectivity between control networks and internetworks. Therefore, common security solutions may not be appropriate for control networks.

We claim End-to-End (E2E) security is a feasible approach to improving the security of internetworked control systems. With E2E security, control devices have built-in security features. They can communicate independently and securely with other entities over internetworks. Authentication and authorization can be flexibly enforced on each device. E2E security can provide network assurance that guarantees secure message transmission while respecting the special requirements of process control, such as authenticated communications with desired latency, and prevents DoS vulnerabilities introduced by the connectivity. At the application layer, E2E trust is used to address the authenticity and integrity of entities inside or outside of control networks. It is control-system specific and bi-directional. Remote hosts can assess control device configurations; control devices can verify the authenticity of remote hosts or other control devices. Based on E2E trust, a uniform authorization scheme can be used for fine-grained access control.

To achieve these goals, the proposal presents an E2E Control Network Architecture (E2E-CNA). We propose a Network Security Hub (Network Hub) to guarantee network assurance. Using an "inverted" hub-and-spoke communication scheme, which is based on existing security protocols such as IPSec, the Network Hub provides secure tunnels for timing-critical communications within a process control network. The Network Hub also behaves as a gateway to maintain secure tunnels across control networks and internetworks. We introduce an Authentication & Authorization Hub (AA Hub) to realize E2E trust. Working with trust modules on each control device, it verifies credentials bi-directionally and enforces Attribute-Based Role Assignment access control policies. E2E-CNA is policy driven. Policies for secure communication and fine-grained access control are defined by centralized security hubs and then enforced by individual control devices.

End-to-End Control Network Architecture

We validate E2E-CNA with a case study of power substation networks. The Network Hub and AA Hub are implemented and deployed in a substation network test bed. Secure Intelligent Electronic Devices (SIEDs) are implemented with the full features of E2E security, including modules for IPSec-based substation communications and distributed authorization. Internet traffic and substation network traffic are emulated and analyzed under four basic scenarios: unloaded traffic, loaded traffic across internetworks, resilience to DoS attacks, and combined traffic. Besides setting up our own test bed for preliminary tests, we also emulate a medium-size control network via Deterlab. All validation scenarios are based on power substation network communication specifications, such as IEC 61850.

Addressing both cyber security and the domain-specific requirements of control networks, E2E-CNA implements E2E security for internetworked control systems. By integrating and enhancing existing security mechanisms, E2E-CNA enables control devices to be connected to internetworks directly in a secure manner. This achieves a real connection between control networks and internetworks.

Past Projects

AMPol, a.k.a. Adaptive Messaging Policy, explores the idea of providing a way for potential respondents to advertise policies and for would-be initiators to adapt to these policies to enable communication.

Outsourcing Security Analysis with Anonymized Logs is a course project. It analyzes the logs used for security analysis with privacy in mind and proposes constraints on the anonymization of security monitor logs.

WSEmail explores the objective of improving Internet messaging (email) by redesigning it as a family of web services.

Publications

Thesis and Papers

Raja N. Afandi, Jianqing Zhang, and Carl A. Gunter, AMPol-Q: Adaptive Middleware Policy to Support QoS, 4th International Conference on Service Oriented Computing (ICSOC'06), Chicago, U.S., 2006

Raja N. Afandi, Jianqing Zhang, Munawar Hafiz and Carl A. Gunter, AMPol: Adaptive Messaging Policy, the 4th IEEE European Conference on Web Services (ECOWS'06), Zurich, Switzerland, December 2006

Jianqing Zhang, Nikita Borisov, William Yurcik, Outsourcing Security Analysis with Anonymized Logs, 2nd International Workshop on the Value of Security through Collaboration (SECOVAL'06), Baltimore, U.S., 2006

Jianqing Zhang, Nikita Borisov, William Yurcik, and Adam J. Slagell, Future Internet Security Services Enabled by Sharing of Anonymized Logs (position paper), ETRICS Workshop on Security and Privacy in Future Business Services, Jun. 2006

Jianqing Zhang, Xudong Liu, Jinpeng Huai, Research and Implementation Of XML-Based Key Management, Journal Of Computer Research & Development, Vol. 40, Jan. 2003, P. R. China

Jianqing Zhang, Research & Implementation of XML-Based Key Management System, Master thesis, Beijing Univ. of Aero. & Astro., Mar. 2002, P. R. China

Jianqing Zhang, Network Security and Internet Firewall, Oct. 1999, China Internet Times, P.R. China

Book Chapters

Microsoft Access Version 2002 Inside Out, Translation, Tsinghua University Press, Nov. 2002, P.R. China.

MCSE Training Kit: Microsoft Exchange 2000 Server, Translation, Chapter 6 - Chapter 10. Tsinghua University Press, Oct. 2001, P.R. China.

MCSE Training Kit: Microsoft SQL Server 2000 Database Design and Implementation, Translation, Chapter 13 - Chapter 20. Tsinghua University Press, Sep. 2001, P.R. China.

Reports and Drafts

Carl A. Gunter, Michael LeMay, Jianqing Zhang, George Gross, and Samuel T. King, Mitigating Risks and Exploiting Opportunities for Networked Power Devices, Mar. 2007

Raja N. Afandi, Jianqing Zhang, Munawar Hafiz and Carl A. Gunter, AMPol: Adaptive Messaging Policy System, Nov. 2005

Jianqing Zhang, Anne Anderson, A framework of Peer-to-Peer Policy Negotiation, Aug. 2005

Presentations and Posters

Jianqing Zhang, Chris Grier, Samuel T. King, and Carl A. Gunter, Secure Intelligent Electronic Devices, the 4th Midwest Security Workshop (MSW), Chicago, U.S., October, 2007

Carl A. Gunter, Sam King and Jianqing Zhang, Secure Intelligent Electronic Devices (SIEDs), Power Systems Engineering Research Center (PSERC) Industrial Advisory Board Meeting, Urbana, U.S., May 2007

Jianqing Zhang and Carl A. Gunter, IEC 61850 - Communication Networks and Systems in Substations: An Overview of Computer Science, July, 2007

Jianqing Zhang, Raja Afandi, Carl Gunter, Adaptive Messaging Policy (AMPol), Apr. 2005

Raja Afandi, Jianqing Zhang, Policy-based Puzzle Anti-Spam on WSEmail, Dec. 2004. Course project report of CS598CAG

Other Academic Activities

Reviewer: The 41st Hawaii International Conference on System Sciences (HICSS-41)

Reviewer: The 20th IEEE Computer Security Foundations Symposium (CSF'07)

Reviewer: Workshop on Privacy in the Electronic Society 2007 (WPES'07)

Reviewer: The 3rd IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS'06)