Publications

Modular Multi Agent Grid Emulations for Joined Breakdowns in Linked Generative Emulations (MMAREJBLIGE) introduces an agent-based modeling framework into real-time cyber-physical emulation to achieve a context-aware environment that introduces operator/attacker/external-condition variability to improve emulation fidelity and testing rigor. We detail our agent framework design, internal communication via message passing, and time synchronization, as well as the individual components of the system. We include a brief analysis of several scenarios run on a real-time, hardware-in-the-loop, Industrial Control Systems (ICS) test-bed which include normal operation, physical disruption, disruption with mitigation, and disruption with mitigation during a cyber denial-of-service (DOS) attack.

Abstract not provided.

Network Operation Centers (NOCs) and Security Operation Centers (SOCs) play a critical role in addressing a wide range of threats in critical infrastructure systems such as the electric grid. However, when considering the electric grid and related industrial control systems (ICSs), visibility into the information technology (IT), operational technology (OT), and underlying physical process systems are often disconnected and standalone. As the electric grid becomes increasingly cyber-physical and faces dynamic, cyber-physical threats, it is vital that cyber-physical situational awareness (CPSA) across the interconnected system is achieved. In this paper, we review existing NOC and SOC capabilities and visualizations, motivate the need for CPSA, and define design principles with example visualizations for a next-generation grid cyber-physical integrated SOC (CP-ISOC).