This work is partially supported by AFOSR DDDAS award # FA9550-12-1-0241, and NSF awards IIP- 0758579, DUE-1303362 and SES-1314631. Securing Smart Grids and Buildings Infrastructures and Services Jesus Horacio Pacheco Ramirez, Bilal Al Baalbaki, Jin Bai, Zhiwen Pan, Youssif Al Nashif and Salim Hariri http://acl.ece.arizona.edu/projects/current/aimsg/index.html Problem ZigBee BACnet Solution Controller Sensors Devices Observer Outputs Control Station 2 Control Station 1 • The development of Smart Grids is strongly linked to the utilization of technology that has the capability of enhancing system performance, reduce costs, and introduce new services by interconnecting (e.g. ZigBee, Wi-Fi, DNP3, BACNET) with internet (IoT). The problem arises when the system is directly exposed to attacks. Our goal is to build an effective intrusion detection system that can proactively detect anomalous actions generated by malicious devices from inside or outside networks. Xbee Arduino RF RF USB/Serial Output Controller PC Controller Xbee PRO DNP3 Operator Workstation Observer & Intrusion Detection System Attacker BACnet-IP To MSTP Router BACnet- Controller BACnet Sensors BACnet Field Devices Ethernet RS-485 To automate any software module or resource, we add two software modules: Observer and Controller • The Observer is used for sensing and analyzing the current state of managed system and predict its behavior. • The controller executes recommended actions to keep the managed system operating normally (self- manage). Utility AMI Network AMI Meter IN OUT BACnet