The Fraunhofer-Gesellschaft (www.fraunhofer.com) currently operates 76 institutes and research institutions throughout Germany and is the world’s leading applied research organization. Around 30 800 employees work with an annual research budget of 3.0 billion euros.
The increasing integration of renewable energies and other decentralized energy resources (DER) into the power grid is leading to a growing number of Virtual Power Plants (VPP). These VPPs consist each of networks of decentralized power generation units, flexible power consumers, and storage systems that are aggregated and managed as a single entity to supply power to the grid or specific consumers. In this setting, utilities and VPP operators relies on wide-area communication networks to remotely control a variety of DER such as renewable energy plants and even battery storage systems and inverter-coupled devices including electric vehicles and heat pumps, or to interface or coordinate with each other. Cyber-resilience primary adversary is the Advanced Persistent Threat (APT), and one of the cornerstones of cyber-resilience engineering is the acceptance of the assumption that the adversary has infiltrated the system and achieved a persistent presence within it. The conceptual objective is to assure its mission despite the adverse conditions that the APT may cause to the system. Deception technology and adversary engagement are included in the constructs of NIST SP 800-160v2r1, however their practical implementation in decentralized Cyber-physical Systems, such as the VPP, is mostly unknown, especially due to the complexity (i.e., our ability to predict the behavior of the system against a set of conditions) of critical infrastructure systems, and their operation at the edge of chaos.
Furthermore, with the average life span of VPP components ranging in at least 10 years, the current and expected computational capabilities of components, sub-systems, or the VPP as a whole, is limited, making integration of deception technology challenging. However, the strategic asymmetric advantage that deception technology provides may supersede the potential trade-offs; a notion that is put to the question through this thesis research proposal.
We are looking for motivated students who are interested in a challenging master's thesis in the field of cyber resilience of Virtual Power Plants (VPP). This work focuses on the development and evaluation of deception technology, specifically tailored to the needs of a VPP.
What you will do
Potential tasks may include the following:
- Task 1: **Systematic Literature Review on the applicability of deception technology within the parameters of cyber resilience: ** Conduct a comprehensive literature review to identify existing methods, solutions and implementation approaches of deception technology in Virtual Power Plants with a view of the Goals and Objectives of Cyber-resilience.
- Task 2: **Evaluate existing deception technology tools and frameworks in their applicability in Virtual Power Plants: ** Investigate and evaluate the state of the art in deception technology in respect to tooling, such as Artillery, Open Canary, and Web Bug Server; frameworks, such as the Harbringer distribution; and prototypes, such as the AHEAD pod prototype. Based on the literature review and evaluation of the tooling, examine the synergies and conflicts of deception technology in the context of the Virtual Power Plant as a Complex System.
- Task 3: **Design and Implementation of a Cyber-resilience maneuvering strategy:** Based on the findings from Task 1 & Task 2, design a cyber-resilience maneuvering strategy, which may be based on Non-persistence, examine the Game-Theoretic aspects of optimal deception technology usage, especially with respect to its diminishing returns, and implement the strategy in a simulation environment.
- Task 4: **Evaluation: ** Evaluate the usefulness, effectiveness and usability of the developed strategy. Furthermore, you are expected to subsequently analyze the results of the evaluation studies and derive well-founded recommendations for the further development and optimization of deception technology in the context of Virtual Power Plants. Consider technical improvement opportunities to further strengthen the cyber resilience of VPPs through cyber-resilience maneuvering.
What you bring to the table
- You are studying Computer Science, Electrical Engineering or a comparable subject
- Interest in current developments in the field of cyber resilience.
- Knowledge in the fields of energy systems and software development is advantageous.
- Interest in interdisciplinary research: Cyber security engineering; Human factors in security and privacy; Usable security and privacy
- A high degree of initiative and team spirit
- Good language skills in German or English
What you can expect
- Professional supervision and collaboration in a dedicated team
- Ideal conditions for practical experience alongside your studies
The weekly working time is 39 hours. This position is also available on a part-time basis. We value and promote the diversity of our employees' skills and therefore welcome all applications - regardless of age, gender, nationality, ethnic and social origin, religion, ideology, disability, sexual orientation and identity. Severely disabled persons are given preference in the event of equal suitability.
With its focus on developing key technologies that are vital for the future and enabling the commercial utilization of this work by business and industry, Fraunhofer plays a central role in the innovation process. As a pioneer and catalyst for groundbreaking developments and scientific excellence, Fraunhofer helps shape society now and in the future.
Interested? Apply online now. We look forward to getting to know you!
Fraunhofer Institute for Secure Information Technology SIT
Requisition Number: 73862 Application Deadline:
Job Segment: Computer Science, Cyber Security, Electrical Engineering, Engineer, Part Time, Security, Technology, Engineering