Interventional Security: Unified End-to-End Cyber-Physical Defense Leveraging Deep Network Intervention for Attack-Mitigation in Power-Control Networks
The modern electrical grid faces rapid, cyber-enabled threats that outpace traditional defenses. Operators need immediate command filtering and predictive assessment. However, current cybersecurity and power-security solutions cannot stop malicious commands in time or evaluate contingency analysis quickly enough. This work details a unified "interventional security" framework: a proactive cyber-physical security paradigm that combines the ability to intercept communications (deep network intervention) with centralized decision-making that determines when, where, and to what extent to intervene, thereby mitigating unsafe states and trajectories before they can cause harm (interventional security). This is accomplished by employing (i) semantics-aware in-line devices that intercept and conditionally block hazardous DNP3/TCP commands, (ii) a deep-neural-network power-security estimator to predict the impact of control actions, and (iii) conditional human-in-the-loop decisions for final authorization or rejection of commands. Evaluation on real utility traffic and with large-scale electrical transmission simulation shows sub-millisecond latency for packet interception and analysis, as well as 10-times lower error and 30-times faster evaluation than existing power-security analysis methods, and it validates this pipeline's ability to improve operator situational awareness and control. Results demonstrate this solution's ability to mitigate the effects of real-world attacks like those against the Ukrainian electrical grid, preventing widespread disruption before damage occurs.
Date and Time
- Starts 11 March 2026 08:00 AM UTC
- Ends 23 April 2026 04:00 PM UTC
Speakers
Adam King
Biography:
Adam King (Graduate Student Member, IEEE) is a doctoral candidate in the School of Electrical and Computer Engineering at the Georgia Institute of Technology, Atlanta, Georgia, USA. He earned his M.S. degree in Electrical and Computer Engineering from the Georgia Institute of Technology in 2022, and his dual B.S./M.S. degrees in Computer Science from the University of Georgia, Athens, Georgia, USA in 2018. Mr. King has prior work experience with embedded systems for small satellites, hypersonic rockets, and suborbital reentry vehicles. His current research is on cyber-physical security of transmission, distribution, and microgrid power systems.
Trevor Lewis
Biography:
Dr. Trevor M. Lewis is a Principal Research Scientist and Offensive Cybersecurity Engineer for the Georgia Tech Research Institute (GTRI), Atlanta, Georgia, USA. Dr. Lewis' primary areas of research and consulting for the US Department of Defense (DoD), US Department of Energy (DoE), and Critical Infrastructure entities include penetration testing, red teaming, cyber threat emulation, Defensive Cyber Operations (DCO), security architecture design, and threat hunting, among many others. At GTRI, Dr. Lewis routinely leads research projects that implement real-world operational cybersecurity capabilities for industry, government, and DoD customers that have real mission impacts, including electric power/ICS/SCADA environments.
Agenda
11:00am - 11:15am - Sign in and Networking
11:15am - 12:45pm - Lunch and Presentation
12:45pm - 1:00pm - Questions and Adjourn