Cloud-enabled Operation, Security Monitoring, and Forensics (COSMIC)

Summary

While information technologies evolve at pace, the adoption of modern IT cloud infrastructure and services is widely considered anathema with respect to ICS, due to fear of disruption to operations, challenges involved in the migration of legacy systems, and questions around resilience. The COSMIC project therefore proposes to investigate approaches for seamless and secure transition of legacy critical industrial control systems to the cloud with improved security, resilience, and failover protection, while also enabling new opportunities to enhance intrusion response and post-event forensics. This disruptive change has the potential to support existing ICS operations and to enable the creation of new solutions to improve ICS operations.

The main focus of this project will be the power systems domain and the technologies used in substations. Emerging cloud technologies will provide an opportunity for industry to embrace a new paradigm, moving away from installing multiple stand-alone “boxes”, each comprising a vertical stack of sensors, hardware and software, and instead adopting a modernised, platform-based approach, where sensors and actuators can be serviced by a common computing platform.

Project members

Professor Sezer is a world-renowned authority in high-performance network processing and Internet security technologies. His research is leading major advances in the field of high-performance content and security processing, spanning cybersecurity-related topics in malware, embedded systems, IoT, ICS and network security, in collaboration with leading corporations in the US and UK. Professor Sezer is also co-founder and CTO of Titan IC Systems Ltd, and is a member of various research and executive committees.

David’s research interests involve methods of enhanced grid stability through use of advanced active network management, or Smart Grid, technologies. He has particular interests in the areas of Phasor Measurement Unit design, certification and testing, and he founded and leads the OpenPMU project. He is interested in wide area monitoring and control, and the telecoms challenges involved in doing so. Thus he undertakes research work in the areas of wide area telecoms performance, protocols and cyber security.

His developing interests consider the use of PMU technology and wide area telecoms for enhanced operation of the electricity infrastructure during times of stress and faults.  This involves islanding detection of embedded generation, phase control of embedded generation, power quality, and the use of electric vehicles to provide inertia to the power system.

Since 2010, Dr McLaughlin has led the building of CSIT’s research capabilities in Industrial Control System (ICS) cyber-security, specialising in network and SCADA security for Smart Grids and Critical Infrastructure. His research focuses on emerging approaches for Intrusion Detection Systems (IDS), customised protocol analysis approaches, detection methods for malicious/anomalous network communications activity, threat analysis and ethical hacking of ICS networks, cyber security resilience, and automated intrusion response systems. Dr McLaughlin is also active in a number of complementary cyber-security related research areas, particularly IT network anomaly detection and malware analysis and detection. He is principal investigator of EPSRC project ADAMA, investigating a threat measurement approach to establish the real-time cyber-security status of a networked environment.