Visible to the public Self-Healing Cyber Resilient Framework for Software Defined Networking-Enabled Energy Delivery System

TitleSelf-Healing Cyber Resilient Framework for Software Defined Networking-Enabled Energy Delivery System
Publication TypeConference Paper
Year of Publication2018
AuthorsHasan, K., Shetty, S., Hassanzadeh, A., Salem, M. B., Chen, J.
Conference Name2018 IEEE Conference on Control Technology and Applications (CCTA)
Date Publishedaug
Keywordsaccess control rules, authentication, authorisation, automated network management, autonomous attack containment, composability, computational complexity, computer network management, computer network security, configurable trust levels, Cyber Attacks, cyberattack, delays, end-to-end packet delay, Fault tolerance, Immune system, multiobjective optimization framework, network orchestration, networking paradigm, optimisation, pubcrawl, quality of service, resilience, Run Time, SDN controller, SDN self-healing mechanisms, security cost, security countermeasures, self-healing cyber resilient framework, self-healing networks, software defined networking, software defined networking-enabled energy delivery system, Sorting, system resilience, virtualization
AbstractSoftware defined networking (SDN) is a networking paradigm to provide automated network management at run time through network orchestration and virtualization. SDN can also enhance system resilience through recovery from failures and maintaining critical operations during cyber attacks. SDN's self-healing mechanisms can be leveraged to realized autonomous attack containment, which dynamically modifies access control rules based on configurable trust levels. In this paper, we present an approach to aid in selection of security countermeasures dynamically in an SDN enabled Energy Delivery System (EDS) and achieving tradeoff between providing security and QoS. We present the modeling of security cost based on end-to-end packet delay and throughput. We propose a non-dominated sorting based multi-objective optimization framework which can be implemented within an SDN controller to address the joint problem of optimizing between security and QoS parameters by alleviating time complexity at O(M N2), where M is the number of objective functions and N is the number of population for each generation respectively. We present simulation results which illustrate how data availability and data integrity can be achieved while maintaining QoS constraints.
Citation Keyhasan_self-healing_2018