1

AbstractPreserving the availability and integrity of the pow-

er grid cyber infrastructure in the face of fast-spreading intru-
sions requires advances not only in prevention and detection
algorithms, but also in automated and semi-automated response
techniques. In this panel presentation, we will discuss these three
techniques to achieving resiliency, with particular emphasis on
new techniques for detection and response. Regarding detection,
we will present a new specification-based approach to intrusion
detection that makes use of formal power grid protocol specifica-
tions to build provably good detectors. Regarding response, we
will present emerging approaches for automated and semi-
automated cyber response techniques using game theory ap-
proaches. More specifically, we will describe the Response and
Recovery Engine (RRE), which represents adversaries as oppo-
nents in a two-player Stackelberg stochastic game. Case studies
will also be presented to illustrate the usefulness of these tech-
niques.

Index Termscomputer security, networked control systems,
power system security.
ACKNOWLEDGEMENT
This material is based in part upon work supported by the Depart-
ment of Energy and Department of Homeland Defense (under Award
Number DE-OE0000097) and by the NSF (under grant CNS-
0448499). The views and opinions of authors expressed herein do not
necessarily state or reflect those of the United States Government or
any agency thereof.
BIOGRAPHIES
William H. Sanders (M82, F00) is a Donald Biggar
Willett Professor of Engineering and the Director of
the Coordinated Science Laboratory
(www.csl.illinois.edu) at the University of Illinois at
Urbana-Champaign. He is a professor in the
Department of Electrical and Computer Engineering
and Affiliate Professor in the Department of
Computer Science. He is a Fellow of the IEEE and
the ACM, a past Chair of the IEEE Technical Committee on Fault-Tolerant
Computing, and past Vice-Chair of the IFIP Working Group 10.4 on
Dependable Computing. He was the founding Director of the Information
Trust Institute (www.iti.illinois.edu) at Illinois.
Dr. Sanders's research interests include secure and dependable computing and
security and dependability metrics and evaluation, with a focus on critical
infrastructures. He has published more than 200 technical papers in those
areas. He is currently the Director and PI of the DOE/DHS Trustworthy Cyber
Infrastructure for the Power Grid (TCIPG) Center (www.tcipg.org), which is
at the forefront of national efforts to make the U.S. power grid smart and

William H. Sanders is with the Department of Electrical and Computer

Engineering, the Coordinated Science Laboratory, and the Information Trust
Institute at the University of Illinois, Urbana-Champaign, IL, 61801 (e-mail:
whs@illinois.edu).

resilient.
He is also co-developer of three tools for assessing computer-based systems:
METASAN, UltraSAN, and Mbius. Mbius and UltraSAN have been
distributed widely to industry and academia; more than 500 licenses for the
tools have been issued to universities, companies, and NASA for evaluating
the performance, dependability, and security of a variety of systems. He is also
a co-developer of the Loki distributed system fault injector, the AQuA/ ITUA
middlewares for providing dependability/security to distributed and networked
applications, and the NetAPT (Network Access Policy Tool) for assessing the
security of networked systems.




Building Resilient Infrastructures for Smart
Energy Systems (Abstract)
William H. Sanders

, Fellow, IEEE
978-1-4577-2159-5/12/$31.00 2011 IEEE