Projects

Secure Multicast for Control Networks

Connectivity between control networks and inter-networks is becoming an important trend in control systems. It improves the efficiency of system management, reduces cost, and gives the enterprise increased visibility of the process. However, this connectivity also introduces serious cyber security threats that were not significant in control networks when most systems relied on physical isolation.

In this project, we aim at next-generation multicast for control networks, e.g. secure GOOSE for power substations. We propose an IPsec-based multicast scheme designed with timing constraints in mind, comprising a Group Security Association (GSA), a Group Security Policy (GSP) and an enhanced group key management protocol. We design native IPsec multicast and hub-and-spokes IPsec multicast schemes and evaluate their performance with off-the-shelf IPsec implementations in a LAN. For the case study of IEC 61850-enabled substations, a secure multicast configuration tool integrated with the Substation Configuration Language (SCL) is under development.

Group Internet Key Exchange

The current IETF group key management protocol, Group Domain of Interpretation (GDOI), is based on IKEv1, which is inefficient and vulnerable to DoS. We propose an enhanced key management scheme for multicast IPsec that replaces Phase 1 of GDOI, i.e. Phase 1 of IKEv1, with the first two exchanges of IKEv2 for mutual authentication. We are editing an IETF draft. A more efficient and DoS-resistant scheme will be considered, based on the new protocol scheme.

Secure Intelligent Electronic Device

By analyzing the security threats to networked IEDs and current power grid communication protocols and network architectures, we argue for defense in depth for control devices in substation networks. We propose an integrated architecture of secure wired and wireless networks for substations. A white paper is being edited with TCIP researchers.

Past Projects

TVA Bradley IEC61850 Substation IED Test Project (intern project)

AMPol: Adaptive Messaging Policy

Outsourcing Security Analysis with Anonymized Logs (course project)

A Framework of Peer-to-Peer Policy Negotiation (intern project)

XKeySec - XML Based PKIX Key Management System

Talks

TVA Bradley IEC61850 Substation IED Test Project
Jianqing Zhang
TCIP SIG Architecture, UIUC. December 2008

Secure Intelligent Electronic Devices (SIEDs)
Carl A. Gunter, Sam King and Jianqing Zhang
Power Systems Engineering Research Center (PSERC) Industrial Advisory Board Meeting, Urbana, U.S., May 2007

IEC 61850 - Communication Networks and Systems in Substations: An Overview of Computer Science
Jianqing Zhang and Carl A. Gunter
UIUC, April, 2007

Professional Service

Reviewer: The 29th International Conference on Distributed Computing Systems (ICDCS'09)

Reviewer: The 41st Hawaii International Conference on System Sciences (HICSS-41)

Reviewer: The 20th IEEE Computer Security Foundations Symposium (CSF'07)

Reviewer: Workshop on Privacy in the Electronic Society 2007 (WPES'07)

Reviewer: The 3rd IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS'06)

 

Copyright © 2006 Jianqing Zhang - Last updated: Jun.15, 2009