Secure GPS clock synchronization in smart grids

Tese de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2015As smart grids resultaram da integração da rede elétrica atual no mundo digital. Isso traz várias vantagens às redes elétricas, como uma instalação, configuração e manutenção mais simples e eficiente, mas também a fácil integração na rede de novas tecnologias. Enquanto as redes elétricas continuam a crescer em dimensão e complexidade, elas tornam-se mais importantes para a sociedade e subsequentemente mais sujeitas a ataques distintos. Alguns dos objetivos mais importantes da smart grid são: acomodar uma grande variedade de tecnologias de produção de eletricidade como a eólica, solar e geotérmica; ser resiliente a ataques físicos e ciber-ataques; ter mecanismos de deteção, análise e resposta automática a incidentes; dar mais poder ao consumidor final sobre como e quando a energia pode ser comprada ou consumida. Para implementar actividades relacionadas com a monitorização do estado da smart grid, vários componentes especializados são geograficamente distribuídos pela rede. Um dos dispositivos críticos é o Phase Measurement Unit (Unidade de Medição de Fase) (PMU). Este dispositivo é usado para estimar o estado da smart grid num determinado momento, recolhendo várias métricas sobre a qualidade do sinal elétrico. Para se conseguir criar uma imagem geral da rede inteira, todos estes dispositivos necessitam de ser sincronizados no tempo, assegurando assim que as medições são efetuadas aproximadamente no mesmo instante. A sincronização do tempo desempenha um papel crucial na estabilidade e no funcionamento correto de todos os componentes da smart grid. Dada a importância da sincronização de tempo, e a falta de qualquer tipo de proteção nas soluções atuais, este sistema torna-se num alvo potencial para atacantes. Em conformidade com os standards, a precisão dos relógios dos PMU’s devem ter um erro máximo na ordem dos 30 µs. Isso garante que a informação recolhida sobre o estado da smart grid é válida. Hoje em dia este requisito é satisfeito usando equipamentos GPS em cada sítio onde se encontra um PMU. Quando o GPS foi concebido, não se pensou que podia vir a ter o sucesso e o impacto atual e, portanto, assegurar a sua segurança não foi um ponto importante. Ao longo do tempo passou a ser usado em infraestruturas críticas, o que introduz eventuais problemas graves de segurança. As smart grids são uma destas estruturas críticas onde o GPS está a ser usado sem qualquer tipo de proteção. Atualmente existe também uma versão segura do GPS que é empregue pelas forças militares. Os dispositivos que conseguem decifrar este sinal só estão disponíveis ao exército. Por além disso, todos os detalhes sobre o funcionamento do algoritmo de cifra são mantidos em segredo. Ao longo dos anos foram desenvolvidos vários tipos de ataques ao GPS. O mais básico é o Blocking que consiste simplesmente em impedir a comunicação entre a antena do recetor e o sinal GPS. Isso pode ser conseguido de uma maneira tão simples como tapar a antena com um bocado de metal. Um ataque que tenta também quebrar a ligação com o satélite é o Jamming. A ideia deste ataque é introduzir ruído suficiente para que o recetor não consiga distinguir o sinal original. Estes dois tipos de ataques só conseguem perturbar o funcionamento do recetor GPS. Um tipo de ataque mais potente é o Spoofing. Este ataque consegue modificar o sinal original vindo do satélite de forma a enganar o recetor. Assim é possível fazer com que o recetor GPS mostre uma posição¸ ou tempo incorretos. Nesta dissertação também foi analisada uma evolução deste ataque que tem como alvo a alteração ilegítima dos dados contidos no sinal. Isso pode fazer como que o recetor falhe ou deixe de poder ser usado. Os algoritmos de sincronização de relógios existentes hoje em dia, nomeadamente o Network Time Protocol (NTP) e o Precision Time Protocol (PTP), não são suficientemente robustos, em termos de segurança ou precisão, para serem utilizados na smart grid. O NTP foi concebido para a sincronização de relógios em redes de grande escala mas não consegue fornecer a precisão necessária para os requisitos da smart grid. Por outro lado temos o PTP que consegue atingir uma precisão na ordem dos nanosegundos em certas condições, mas é muito sensível a atrasos e oscilações na rede. Isso faz com que o PTP só consiga garantir uma precisão de tempo na ordem dos nanosegundos em redes de pequena escala. A smart grid usa uma rede de alta velocidade com relativamente pouco tráfego, o que torna o PTP uma possível solução para algumas partes dessa rede. Em termos de segurançaa, o PTP não está preparado para ser utilizado num ambiente tão crítico como a smart grid, sendo suscetível a ataques. O foco desta investigação é encontrar um algoritmo resiliente a faltas, capaz de satisfazer os requisitos de sincronização de tempo necessários para o correto funcionamento da smart grid. Foi desenvolvida uma solução baseada no PTP, que consegue cumprir os requisitos de precisão temporal na smart grid e também consegue mitigar todos os tipos de ataques ao GPS que foram identificados. Para além disso, a solução também permite reduzir o número de recetores de GPS necessários para o funcionamento correto da smart grid.Smart grids resulted from the integration of computer technologies into the current power grid. This brings several advantages, allowing for a faster and more efficient deployment, configuration and maintenance, as well as easy integration of new energy sources (e.g., wind and solar). As smart grids continue to grow in size and complexity, they become subject to failures and attacks from different sources. Time synchronization plays a crucial role in the stability and correct functioning of many grid components. Considering how sensitive time synchronization is, the tight restrictions imposed for correct operation and the lack of any kind of protection, makes this service a potential prime target for attackers. Today most of the time synchronization requirements are met using relatively expensive GPS hardware placed in some locations of the smart grid. When GPS was first devised, nobody could have predicted the success and the impact that it would have and therefore, security was never an important concern. Through the years, it slowly gained entrance into more critical systems, where it was never intended to be used, which can lead to serious security problems. The smart grid is just one of these critical systems where GPS is being employed without any kind of protection. The focus of this research is trying to solve this problem, by proposing a more secure and robust clock synchronization algorithm. A solution based on the Precision Time Protocol (PTP) was developed that manages to fulfill the time synchronization requirements of the smart grid and is also capable of mitigating all types of identified GPS attacks. As an added benefit, the solution may also reduce the number of GPS receivers necessary for the correct operation of the smart grid, contributing to decrease costs

Towards efficient coexistence of IEEE 802.15.4e TSCH and IEEE 802.11

A major challenge in wide deployment of smart wireless devices, using different technologies and sharing the same 2.4 GHz spectrum, is to achieve coexistence across multiple technologies. The IEEE~802.11 (WLAN) and the IEEE 802.15.4e TSCH (WSN) where designed with different goals in mind and both play important roles for respective applications. However, they cause mutual interference and degraded performance while operating in the same space. To improve this situation we propose an approach to enable a cooperative control which type of network is transmitting at given time, frequency and place. We recognize that TSCH based sensor network is expected to occupy only small share of time, and that the nodes are by design tightly synchronized. We develop mechanism enabling over-the-air synchronization of the Wi-Fi network to the TSCH based sensor network. Finally, we show that Wi-Fi network can avoid transmitting in the "collision periods". We provide full design and show prototype implementation based on the Commercial off-the-shelf (COTS) devices. Our solution does not require changes in any of the standards.Comment: 8 page

A Priority-based Fair Queuing (PFQ) Model for Wireless Healthcare System

Healthcare is a very active research area, primarily due to the increase in the elderly population that leads to increasing number of emergency situations that require urgent actions. In recent years some of wireless networked medical devices were equipped with different sensors to measure and report on vital signs of patient remotely. The most important sensors are Heart Beat Rate (ECG), Pressure and Glucose sensors. However, the strict requirements and real-time nature of medical applications dictate the extreme importance and need for appropriate Quality of Service (QoS), fast and accurate delivery of a patient’s measurements in reliable e-Health ecosystem. As the elderly age and older adult population is increasing (65 years and above) due to the advancement in medicine and medical care in the last two decades; high QoS and reliable e-health ecosystem has become a major challenge in Healthcare especially for patients who require continuous monitoring and attention. Nevertheless, predictions have indicated that elderly population will be approximately 2 billion in developing countries by 2050 where availability of medical staff shall be unable to cope with this growth and emergency cases that need immediate intervention. On the other side, limitations in communication networks capacity, congestions and the humongous increase of devices, applications and IOT using the available communication networks add extra layer of challenges on E-health ecosystem such as time constraints, quality of measurements and signals reaching healthcare centres. Hence this research has tackled the delay and jitter parameters in E-health M2M wireless communication and succeeded in reducing them in comparison to current available models. The novelty of this research has succeeded in developing a new Priority Queuing model ‘’Priority Based-Fair Queuing’’ (PFQ) where a new priority level and concept of ‘’Patient’s Health Record’’ (PHR) has been developed and integrated with the Priority Parameters (PP) values of each sensor to add a second level of priority. The results and data analysis performed on the PFQ model under different scenarios simulating real M2M E-health environment have revealed that the PFQ has outperformed the results obtained from simulating the widely used current models such as First in First Out (FIFO) and Weight Fair Queuing (WFQ). PFQ model has improved transmission of ECG sensor data by decreasing delay and jitter in emergency cases by 83.32% and 75.88% respectively in comparison to FIFO and 46.65% and 60.13% with respect to WFQ model. Similarly, in pressure sensor the improvements were 82.41% and 71.5% and 68.43% and 73.36% in comparison to FIFO and WFQ respectively. Data transmission were also improved in the Glucose sensor by 80.85% and 64.7% and 92.1% and 83.17% in comparison to FIFO and WFQ respectively. However, non-emergency cases data transmission using PFQ model was negatively impacted and scored higher rates than FIFO and WFQ since PFQ tends to give higher priority to emergency cases. Thus, a derivative from the PFQ model has been developed to create a new version namely “Priority Based-Fair Queuing-Tolerated Delay” (PFQ-TD) to balance the data transmission between emergency and non-emergency cases where tolerated delay in emergency cases has been considered. PFQ-TD has succeeded in balancing fairly this issue and reducing the total average delay and jitter of emergency and non-emergency cases in all sensors and keep them within the acceptable allowable standards. PFQ-TD has improved the overall average delay and jitter in emergency and non-emergency cases among all sensors by 41% and 84% respectively in comparison to PFQ model

Impacts of Channel Switching Overhead on the Performance of Multicast in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising technology for next generation wireless networking. A WMN extends network coverage using wireless mesh routers that communicate with each other via multi-hop wireless communications. One technique to increase the network capacity of WMNs is to use routers equipped with multiple radios capable of transmitting and receiving on multiple channels. In a Multi-Channel Multi-Radio wireless mesh network (MCMR WMN), nodes are capable of transmitting and receiving data simultaneously through different radios and at least theoretically doubling the average throughput. On the other hand, the use of multi-radio and multi-channel technology in many cases requires routers to switch channels for each transmission and/or reception. Channel switching incurs additional costs and delay. In this thesis, we present a simulation-based study of the impacts of channel switching overheads on the performance of multicast in MCMR WMNs. We study how channel switching overheads affect the performance metrics such as packet delivery ratio, throughput, end-to-end delay, and delay jitter of a multicast session. In particular, we examine: 1. the performance of multicast in MCMR WMNs with three orthogonal channels versus eleven overlapping channels defined in IEEE 802.11b. 2. the performance of the Minimum-interference Multi-channel Multi-radio Multicast (M4) algorithm with and without channel switching. 3. the performance of the Multi-Channel Minimum Number of Transmissions (MCMNT) algorithm (which does not do channel switching) in comparison with the M4 algorithm (which performs channel switching)

Experimental Evaluation and Comparison of Time-Multiplexed Multi-FPGA Routing Architectures

Emulating large complex designs require multi-FPGA systems (MFS). However, inter-FPGA communication is confronted by the challenge of lack of interconnect capacity due to limited number of FPGA input/output (I/O) pins. Serializing parallel signals onto a single trace effectively addresses the limited I/O pin obstacle. Besides the multiplexing scheme and multiplexing ratio (number of inter-FPGA signals per trace), the choice of the MFS routing architecture also affect the critical path latency. The routing architecture of an MFS is the interconnection pattern of FPGAs, fixed wires and/or programmable interconnect chips. Performance of existing MFS routing architectures is also limited by off-chip interface selection. In this dissertation we proposed novel 2D and 3D latency-optimized time-multiplexed MFS routing architectures. We used rigorous experimental approach and real sequential benchmark circuits to evaluate and compare the proposed and existing MFS routing architectures. This research provides a new insight into the encouraging effects of using off-chip optical interface and three dimensional MFS routing architectures. The vertical stacking results in shorter off-chip links improving the overall system frequency with the additional advantage of smaller footprint area. The proposed 3D architectures employed serialized interconnect between intra-plane and inter-plane FPGAs to address the pin limitation problem. Additionally, all off-chip links are replaced by optical fibers that exhibited latency improvement and resulted in faster MFS. Results indicated that exploiting third dimension provided latency and area improvements as compared to 2D MFS. We also proposed latency-optimized planar 2D MFS architectures in which electrical interconnections are replaced by optical interface in same spatial distribution. Performance evaluation and comparison showed that the proposed architectures have reduced critical path delay and system frequency improvement as compared to conventional MFS. We also experimentally evaluated and compared the system performance of three inter-FPGA communication schemes i.e. Logic Multiplexing, SERDES and MGT in conjunction with two routing architectures i.e. Completely Connected Graph (CCG) and TORUS. Experimental results showed that SERDES attained maximum frequency than the other two schemes. However, for very high multiplexing ratios, the performance of SERDES & MGT became comparable

Recent Trends in Communication Networks

In recent years there has been many developments in communication technology. This has greatly enhanced the computing power of small handheld resource-constrained mobile devices. Different generations of communication technology have evolved. This had led to new research for communication of large volumes of data in different transmission media and the design of different communication protocols. Another direction of research concerns the secure and error-free communication between the sender and receiver despite the risk of the presence of an eavesdropper. For the communication requirement of a huge amount of multimedia streaming data, a lot of research has been carried out in the design of proper overlay networks. The book addresses new research techniques that have evolved to handle these challenges

Design and implementation of high quality H.264 video streaming over wireless mesh networks

Wireless multimedia home servers are the next generation of home entertainment systems. From a single broadband connection entering a residence, the multimedia stream is transmitted to television headsets and other peripherals by using only wireless links. The provision of high quality time-critical multimedia services in indoor environment is very challenging due to high attenuation and multi-path fading caused by the walls and contention in the shared channel. In this thesis, we demonstrate that the newly proposed wireless standard on wireless mesh networks can help improve the coverage while supporting Quality of Service requirements of both multimedia and data users, when the video packets are given EDCA priorities based on their importance according to the new high definition video streaming standard H.264. We support our hypothesis by presenting test results gathered from both simulations and from a real implementation test bed, where we observe very low delay and very few packet losses in video stream and almost no loss in perceived video quality even in the presence of high contending neighboring data traffi

Design of a low-cost high speed data capture card for the Hubble Sphere Hydrogen Survey

Includes bibliographical references (leaves 101-105).This thesis describes the design and implementation of a low-cost high speed data capture card for the Hubble Sphere Hydrogen Survey (HSHS). The Hubble Space Hydrogen Survey was initiated in an effort to build a low-cost cylindrical radio telescope for an all sky redshift survey with the observational goal to produce a 3-dimensional mapping of the bulk Hubble Sphere using Hydrogen 21cm emissions. This dissertation ï¬ rst investigates the system design to see how each of the user speciï¬ cations set by the planning team could be achieved in terms of design decisions, component selection and schematic capture. The final design. AstroGIG, satisï¬ es the user speciï¬ cations by capturing data up to a full power bandwidth of 1.7GHz with an instantaneous bandwidth of ≤ 250MHz white maximizing the dynamic range. AstroGIG buffers, processes, stores and ï¬ nally transmits the data through a 4-lane PCI-Express interface to a standard PC where the majority of the processing is performed. The system implementation is then described where issues relating to the process of transforming schematics into a physical PCB, and HSHS integration are discussed. The design is veriï¬ ed through Hyperlynx simulations to give a high degree of certainty that physical implementation and production would be successful. Results from tests on the actual hardware characterizing the overall system performance are presented. Conclusions are drawn based on these results and suggestions for future work and design improvements are recommended