About Me

Ph.D. student, Department of Computer Science
@ Johns Hopkins University.

Advisor : Dr. Yair Amir

Research interests : Intrusion-tolerant Systems and Networks, Critical Infrastructure, Distributed Algorithms, Replication and Networks.

Research

Research

My primary research focuses on designing and building resilient critical infrastructure. Many sectors of society depend on critical infrastructure such as the power grid, making them essential to the functioning of society. Supervisory Control and Data Acquisition (SCADA) systems provide automated control and remote monitoring of such systems. Traditionally SCADA systems (equipment and software) were designed to be operated in the air-gapped environment without network interconnectivity or exposure. However, over time many factors such as cost-effectiveness and scalability drove vendors and utilities to adopt standard Information Technology (IT) platforms, increasing their interconnectivity to other networks beyond the traditional limits of Operational Technologies (OT). As a result, sophisticated attacks increasingly target power grid SCADA systems. These overwhelmingly increasing threats drive the need to build intrusion-tolerant techniques in resilient SCADA systems.



Real-Time Byzantine Resilience

In the world of increasing cyber threats, a compromised protection relay can put power grid resilience at risk by irreparably damaging costly power assets (tens of thousands of dollars), causing significant disruptions, or leading to an inconsistent state. This projects develops Byzantine Fault Tolerant architecture and protocols to protect bulk power system components (345kV transformer) even when some protection relays (protecting the assets) are compromised. While developing Byzantine Fault Tolerant protocols is challenging, a power grid substation's worst-case latency requirement is a quarter power cycle, i.e., four milliseconds, adding a real-time response challenge.
Spire of the Substation is the first Real-time Byzantine Resilient System for the power grid substations is built to maintain correct operation while satisfying the performance and latency requirements, even in the face of successful compromises and network attacks in power grid substations. The work uses proactive recovery and diversity to allow the system to survive unbounded number of compromises over the system lifetime, as long as the number of simultaneous compromises does not exceed a certain threshold. Finally, machine learning-based situational awareness modules supplement the intrusion-tolerant system.
The system is developed and delivered to be deployed in testbeds at General Electric, Siemens and Hitachi Energy.



Severe Impact Resilience

The joint threats of increasingly frequent severe natural disasters and follow-on sophisticated malicious cyberattacks are becoming increasingly realistic and seriously threaten critical infrastructure systems. This novel threat model and the impact of such threats on critical infrastructure are not well understood. The project defines the threat model and develops a framework to assess the impact of novel compound threats on critical infrastructure with the aim to develop severe impact resilient control systems.
One interesting outcome of initial work is that existing architectures are not resilient to compound threats. This led to many interesting research directions in Resilitient Systems for Critical Infrastructure where we are exploring more dynamic and flexible architectures compared to traditinal architectures.

Open Source Software Releases


The opensource software releases from my work in DSN Lab during my Ph.D.

Spire

Spire is an open-source intrusion-tolerant SCADA system for the power grid. Spire is designed to withstand attacks and compromises at both the system level and the network level, while meeting the timeliness requirements of power grid monitoring and control systems (on the order of 100-200ms update latency).

Spines

Spines is a generic messaging infrastructure that provides transparent unicast, multicast and anycast communication over dynamic, multi-hop networking environments without the need for expensive router programming environments or low level router coding. It provides automatic reconfiguration and network flexibility required for research and production deployments.

Prime

Prime is a Byzantine fault-tolerant replication engine that provides meaningful performance guarantees even after some of the replication servers have been compromised.

Publications


Real-Time Byzantine Resilient Power Grid Infrastructure: Evaluation and Tradeoffs

Sahiti Bommareddy, Maher Khan, David J Sebastian Cardenas, Carl Miller, Christopher Bonebrake, Yair Amir, Amy Babay

Accepted at International Workshop on Explainability of Real-time Systems and their Analysis at the IEEE Real-Time Systems Symposium (RTSS 2022)

Real-Time Byzantine Resilience for Power Grid Substations

Sahiti Bommareddy, Daniel Qian, Christopher Bonebrake, Paul Skare, Yair Amir

International Symposium on Reliable Distributed Systems, Vienna, Austria, September 2022, pp. 134-144

Data-Centric Analysis of Compound Threats to Critical Infrastructure Control Systems

Sahiti Bommareddy, Benjamin Gilby, Maher khan, Imes Chiu, Mathaios Panteli, John W. van de Lindt, Yair Amir, Amy Babay

Workshop on Data-Centric Dependability and Security (co-located with IEEE/IFIP DSN), Baltimore, USA 2022

Teaching

I had the great pleasure and opportunity to be Teaching Assistant and Special help on the following courses:

Advanced Distributed Systems (JHU EN.601.717):
The course is managed as a few discussion groups, each is focused around a selected research topic. Each group investigates far-reaching ideas, and designs and implements a useful semester-long project related to the topic.

Spring 2022

Distributed Systems (JHU EN.601.417/617):
The course teaches how to design and implement efficient tools, protocols and systems in a distributed environment.

Fall 2021 , Fall 2019

Software for Resilient Communities (JHU EN.601.310):
This is a project-based course focusing on the design and implementation of practical software systems. Students will work in small teams to design and develop useful open-source software products that support our communities. Students will be paired with community partners and will aim to develop software that can be used after the course ends to solve real problems facing those partners today.

Spring 2021

Intermediate Programming (JHU EN.601.220 ):
Programming in C and C++.

Fall 2020

Introduction to AI (Duke University, CS270):
The course is algorithms and representations used in artificial intelligence. Introduction to and implementation of algorithms for search, planning, decision, theory, logic, Bayesian networks, robotics and machine learning.

Spring 2019

Professional Experience


Specialized in application load analysis, performance evaluation, network performance analysis and optimization.

2013 - 2016 @ Aktrix Technologies : Co-Founder and Software Engineer

Led the performance engineering team on multiple client projects.

Ensured application performance Service-Level-Agreement(SLA) by identifying and resolving performance bottlenecks.

Initiated and led development of on an automated performance monitoring system to enable machine learning-based analysis, that reduced cost and time spent on RCA of performance degradation and bottleneck identification by 2x to 5x in each of the issue instances.

2011 - 2012 @ Deloitte : Performance Engineering Analyst

Reduced application transaction latency to bring it within the Service-Level-Agreement(SLA) window by identifying performance bottlenecks.

Received Applause Award in recognition of my application performance optimization efforts at Deloitte for both optimization and performing Root Cause Analysis (RCA) with traffic profiling, CPU, and memory utilization analysis.

Ensured guaranteed performance (backed by SLAs) in geo-distributed systems.

Contact