12:54 p.m., Sept. 2, 2015–Haining Wang, professor in the Department of Electrical and Computer Engineering at the University of Delaware, has received a three-year, $2-million grant from the Department of Homeland Security to investigate energy and power safety in data centers. Ohio State University and IBM Research will partner on the project.

Power and thermal management has become a critical priority in data centers, which can use as much electricity as a small town, Wang says.

In addition to the incurred high electric bills, rapid server deployment has caused the power distribution and cooling systems in data centers to approach peak capacities, while upgrades of these systems lag behind because of prohibitive costs.

To make matters worse, the power infrastructure is often oversubscribed to reduce capital and operational expenses. When power limits are violated, overloading of electrical circuits can cause branch circuit breakers to trip, leading to outages. Similarly, overheating due to high server density may cause hardware systems to shut down for self-protection.

“All of these energy and power vulnerabilities pose serious security threats to data centers, but little has been done to address these issues,” Wang says.

New types of attacks

Wang explains that energy, power, and thermal attacks are very different from conventional DDoS (distributed denial of service) attacks in terms of their purpose, methodology and effects.

In a DDoS attack, numerous compromised systems attack a single target with a flood of incoming messages, thereby denying service to legitimate users.

In contrast, with these new types of threats, traffic behaviors look similar to those of normal users, but their consequences can actually be more serious, as they aim to generate energy, power and thermal emergencies.

“Current power management and security mechanisms provide virtually no defense against these novel and dangerous attacks,” Wang says.

The researchers plan to develop a series of innovative techniques to proactively defend against these attacks, including the introduction of metrics such as average energy consumption per client, server power consumption, and server temperature increase.

Targeted solutions

To cope with power and thermal attacks, the plan is to implement online power estimation and measurement for incoming service requests, server temperature modeling and prediction, and power and thermal balancing in data centers.

Accurate power and thermal estimation and prediction will enable the timely detection of any power and thermal anomalies, so that proactive defense strategies can be activated to prevent power outages, server overheating, and server shutdowns.

“The success of this project will provide enhanced energy and power safeguards to assure operability of data centers,” says Starnes Walker, founding director of UD’s Cybersecurity Initiative.

“The result should be a significant increase in the availability and reliability of the entrusted data services the centers provide to support critical information flow and decision making.”

Article by Diane Kukich | Photo by Kathy F. Atkinson