Visible to the public CPS: Synergy: Collaborative Research: Foundations of Secure Cyber-Physical Systems of SystemsConflict Detection Enabled

Project Details
Lead PI:Stephen Checkoway
Performance Period:08/16/18 - 09/30/19
Institution(s):Oberlin College
Sponsor(s):National Science Foundation
Award Number:1901728
27 Reads. Placed 520 out of 803 NSF CPS Projects based on total reads on all related artifacts.
Abstract: Factories, chemical plants, automobiles, and aircraft have come to be described today as cyber-physical systems of systems--distinct systems connected to form a larger and more complex system. For many such systems, correct operation is critical to safety, making their security of paramount importance. Unfortunately, because of their heterogeneous nature and special purpose, it is very difficult to determine whether a malicious attacker can make them behave in a manner that causes harm. This type of security analysis is an essential step in building and certifying secure systems. Unfortunately, today's state of the art security analysis tools are tailored to the analysis of server, desktop, and mobile software. We currently lack the tools for analyzing the security of cyber physical systems of systems. The proposed work will develop new techniques for testing and analyzing security properties of such systems. These techniques will be used to build a new generation of tools that can handle the complexity of modern cyber-physical systems and thus make these critical systems more secure.The technical approach taken by the investigators is to applying proven dynamic analysis techniques, including dynamic information flow tracking and symbolic execution, to this problem. Existing tools, while powerful, are monolithic, designed to apply a single technique to a single system. Scaling them to multiple heterogeneous systems is the main contribution of the proposed work. To do so, the investigators will develop a common platform for cross-system dynamic analysis supporting arbitrary combinations of component execution modes (physical, simulated, and emulated), requiring new coordination mechanisms. Second, building on the platform above, they will implement cross-system dynamic information flow tracking, allowing dynamic information flow tracking across simulated, emulated, and potentially physical components. Third, they will extend existing symbolic/concrete execution techniques to execution across multiple heterogeneous systems. Fourth, they will introduce new ways of handling special-purpose hardware, a problem faced by dynamic analysis tools in general.