The increasing complexity of cyber threats targeting critical infrastructure has made securing power grids and distributed systems more urgent than ever. As cyber-physical systems become increasingly integrated into essential services, the need for resilient, adaptable security solutions is paramount. At the forefront of this effort is Sahiti Bommareddy, a Ph.D. candidate in Computer Science at Johns Hopkins University, whose work in Byzantine-resilient systems is transforming how critical infrastructure withstands cyberattacks and operational failures.
Sahiti has played a key role in the development of Spire and Prime, two groundbreaking open-source tools designed to fortify power grid security. These tools leverage Byzantine-resilient architecture to ensure continuous operation, even in the face of advanced cyber threats. "The inspiration was to remove barriers with open-source software," Sahiti explains. "By making these tools open-source, we ensure rigorous evaluation and deployment without vendor lock-in."
Her work champions transparency and accessibility, allowing institutions, researchers, and industry leaders to collaboratively test, refine, and deploy robust cybersecurity solutions. Through her contributions, Spire and Prime are not only securing power grids but also shaping the future of open-source innovation in critical infrastructure protection.
The Inspiration Behind Spire and Prime
Sahiti's motivation for developing open-source tools like Spire and Prime stemmed from a belief that critical infrastructure security should not be confined by proprietary restrictions. "Open-source solutions foster transparency, collaboration, and widespread adoption," she explains, making them particularly effective for securing essential systems like the power grid. By offering these tools without vendor lock-in, her work ensures that researchers, industry professionals, and government agencies can independently evaluate, improve, and deploy Byzantine-resilient solutions.
Another driving factor was the high cost of specialized equipment used in power grid infrastructure, such as protective relays that can cost tens of thousands of dollars each. Sahiti's research demonstrated that real-time, open-source software running on commercial off-the-shelf (COTS) hardware could deliver equivalent security and resilience at a fraction of the cost. This affordability lowers the barrier to adoption, enabling utilities to protect their systems without relying on vendor-specific hardware.
Ultimately, her goal with Spire and Prime was to bridge the gap between cutting-edge research and practical deployment, ensuring Byzantine resilience is accessible, adaptable, and cost-effective for critical infrastructure worldwide.
Securing Power Grids with Open-Source Tools
Spire and Prime address power grid vulnerabilities by embracing a proactive, Byzantine-resilient approach that assumes parts of the system will inevitably be compromised. Unlike traditional cybersecurity models that focus on detecting and responding to known threats, these tools ensure that attackers cannot gain full control or disrupt operations, even if they breach certain components.
"My research takes a Byzantine-resilient approach, ensuring that even if attackers infiltrate some components, they cannot gain full control or disrupt critical operations," Sahiti explains. This broad threat model accounts for both existing vulnerabilities and future threats, including zero-day exploits.
A key advantage of Spire and Prime is their ability to future-proof grid infrastructure. They achieve this through Byzantine fault-tolerant (BFT) replication and proactive recovery, which includes automatic system resets and cryptographic key rotations. This design forces attackers into a continuous cycle of re-infiltration, making persistent attacks impractical. Moreover, the tools are designed for seamless deployment on existing grid infrastructure, running efficiently on commercial off-the-shelf (COTS) hardware.
"They are compatible with existing SCADA systems, allowing utilities to incrementally enhance security without disrupting operations," Sahiti adds. This combination of resilience, affordability, and compatibility makes Spire and Prime uniquely suited for real-world deployment in critical infrastructure environments.
Collaborating with Industry Leaders
Collaborating with industry leaders like General Electric, Siemens, and Hitachi Energy played a crucial role in transforming Spire and Prime from theoretical advancements into practical, deployable solutions for real-world power grid infrastructure. From the outset, these industry partners were actively involved, with their hardware and SCADA systems integrated into testbeds that closely mirrored actual grid operations. "We onboarded General Electric (GE), Siemens, and Hitachi Energy as industry partners to ensure that our solutions were practical, deployable, and compatible with real-world power grid infrastructure," Sahiti explains.
A pivotal part of the testing process was the purple team exercise conducted at Pacific Northwest National Laboratory (PNNL), where cybersecurity experts from Sandia National Laboratories (SNL) collaborated to identify vulnerabilities and strengthen defenses. Unlike traditional red and blue team exercises, this approach involved continuous, real-time collaboration between attackers and defenders. Over 140 attack scenarios were tested, including root-level system compromises, denial-of-service (DoS) attacks, and man-in-the-middle (MITM) exploits.
According to Sahiti, "GE, Siemens, and Hitachi Energy were actively involved, ensuring they understood how Spire withstands real-world threats." This rigorous, collaborative process not only refined the tools but also ensured that Spire and Prime transitioned smoothly into industry environments, demonstrating how cutting-edge research can successfully bridge into critical infrastructure deployment.
Bridging Research and Real-World Solutions
Sahiti emphasizes that open-source contributions like Spire and Prime are crucial in transforming academic innovations into practical, industry-level solutions for critical infrastructure security. While academic research often generates cutting-edge advancements, many of these breakthroughs remain confined to lab settings. "By making Spire and Prime open-source, we ensure that they are accessible, testable, and adaptable for industry partners, enabling them to move beyond research papers and into actual grid deployments," she explains.
This open-access approach fosters transparency, allowing industry professionals to inspect, test, and refine security mechanisms without depending on proprietary solutions. Spire and Prime are designed to integrate seamlessly with existing infrastructure, running on commercial off-the-shelf (COTS) hardware and compatible with current SCADA systems. This ensures that utilities can adopt these tools without costly system overhauls. Sahiti highlights how early collaboration with GE, Siemens, and Hitachi Energy was essential, as their involvement ensured the solutions were not just theoretically sound but also operationally viable.
By offering cost-effective, open-source tools, her work has lowered the barrier to adoption, enabling even smaller operators to secure their critical systems and turning Byzantine resilience from a research concept into a real-world defense against evolving cyber threats.
Industry Feedback and Real-World Impact
Industry feedback on the implementation of Spire and Prime has been overwhelmingly positive, validating their effectiveness in real-world deployments and shaping ongoing research efforts. Sahiti highlights how collaboration with partners like GE, Siemens, and Hitachi Energy was instrumental in refining the tools to meet industry standards. "Their insights have played a crucial role in refining and evolving our research, ensuring that Spire and Prime are not just academically rigorous but also operationally effective in real-world deployments," she explains.
Extensive testing, including purple team exercises at Pacific Northwest National Laboratory (PNNL) and Sandia National Laboratories (SNL), demonstrated Spire's resilience against over 140 sophisticated attack scenarios, such as system compromises, network breaches, and zero-day exploits. Industry partners were particularly impressed by the system's ability to withstand attacks while maintaining real-time performance.
Moreover, the seamless integration of Spire and Prime with existing SCADA systems and commercial off-the-shelf (COTS) hardware addressed concerns about costly infrastructure overhauls. This adaptability has sparked interest beyond the power sector, with growing momentum to expand Byzantine resilience into other critical domains, such as water treatment, oil and gas, and financial networks. This broader industry interest continues to guide Sahiti's research as she works to adapt Spire's architecture for diverse critical infrastructure environments.
Academic Adoption and Wider Influence
Spire and Prime have gained significant traction in academic circles, extending their impact far beyond industry applications. Sahiti highlights how these open-source tools have empowered research groups and institutions to advance intrusion-tolerant SCADA systems, Byzantine resilience, and real-time cybersecurity for critical infrastructure. "Several research groups and institutions have leveraged these tools to advance intrusion-tolerant SCADA systems, Byzantine resilience, and real-time cybersecurity solutions for critical infrastructure," she explains. For instance, Spire has become a benchmark for evaluating Byzantine fault-tolerant models, particularly in multi-site replication and resilience against network attacks.
Academic teams have also built upon Spire's machine learning-based anomaly detection to enhance cybersecurity awareness in SCADA systems. Notably, Sahiti's award-winning paper, *Tolerating Compound Threats in Critical Infrastructure Control Systems*, introduced Reconfigurable Spire, a novel mechanism for mitigating compound threats where cyberattacks coincide with natural disasters. This work earned the Best Paper award at SRDS 2024, further encouraging exploration into reconfiguration-based Byzantine resilience.
"By making Spire and Prime open-source, my research has lowered the barrier to entry for studying Byzantine resilience," Sahiti notes, adding that this accessibility has fostered collaborations between academia, industry, and national labs. As a result, Spire and Prime continue to shape the next generation of secure, intrusion-tolerant critical infrastructure while driving advancements in cloud computing, industrial control systems, and IoT security.
Driving Innovation Through Open-Source
Sahiti views open-source tools like Spire and Prime as powerful drivers of innovation, transforming critical infrastructure security by making Byzantine resilience accessible, adaptable, and scalable. "By removing proprietary barriers, these tools enable researchers, industry leaders, and national security agencies to collaboratively test, refine, and deploy cutting-edge intrusion-tolerant architectures," she explains. This collaborative approach not only accelerates advancements in cybersecurity but also ensures that solutions are continuously improved and adapted to real-world challenges.
The open nature of Spire and Prime has sparked cross-sector innovation, leading to breakthroughs in machine learning-based intrusion detection, reconfigurable security for compound threats, and adaptive SCADA resilience. By allowing contributions from the global research community, these tools are shaping the future of cybersecurity for critical infrastructure. "Just as open-source software revolutionized computing, Spire and Prime are laying the foundation for a more secure, resilient, and future-proof critical infrastructure ecosystem," Sahiti notes, emphasizing the role of collaboration in driving sustainable advancements.
The Future of Critical Infrastructure Security
Sahiti envisions Spire and Prime playing a crucial role in securing not just power grids but a broader range of critical infrastructure sectors, including water treatment, oil and gas, and transportation networks. As cyber threats grow more sophisticated, she anticipates a shift toward security models that assume systems will be compromised and focus on ensuring continuous operation despite attacks. "Industries will seek intrinsically resilient security models that assume compromise is inevitable and ensure continuous operation despite attacks," she explains, emphasizing the need for proactive defense strategies.
Looking ahead, Sahiti sees the integration of AI with Byzantine resilience as a key driver of future advancements. She anticipates developments such as AI-powered anomaly detection that evolves with emerging threats, automated security orchestration for real-time response, and predictive resilience models that can identify vulnerabilities before they are exploited.
"This fusion of AI, real-time Byzantine resilient systems, and intrusion-tolerant networks will reshape how critical infrastructure is secured," she notes, highlighting a future where autonomous, self-healing cybersecurity architectures enable industries to maintain uninterrupted operations while proactively defending against cyberattacks.
The rise of open-source solutions marks a pivotal shift in cybersecurity, and Sahiti stands at the forefront of this movement with her contributions to Spire and Prime. These tools, developed through collaboration between academia and industry, have already strengthened the resilience of critical infrastructure and will continue to evolve to meet emerging threats. Sahiti's work exemplifies the power of transparency and innovation in cybersecurity, fostering a future where open-source platforms drive real-world security solutions.
As industries face increasingly sophisticated cyber threats, her vision extends beyond power grids, advocating for resilient, self-adaptive models that ensure operational continuity across various sectors. With advancements in AI further shaping intrusion-tolerant architectures, her research paves the way for a future where critical infrastructure remains secure, adaptable, and resistant to ever-changing cyber risks.
ⓒ 2025 TECHTIMES.com All rights reserved. Do not reproduce without permission.
