
NSF Org: | CNS Division Of Computer and Network Systems |
Recipient: |
|
Initial Amendment Date: | July 13, 2015 |
Latest Amendment Date: | May 11, 2016 |
Award Number: | 1505610 |
Award Instrument: | Standard Grant |
Program Manager: | David Corman, CNS Division Of Computer and Network Systems, CSE Directorate for Computer and Information Science and Engineering |
Start Date: | July 15, 2015 |
End Date: | June 30, 2019 (Estimated) |
Total Intended Award Amount: | $333,298.00 |
Total Awarded Amount to Date: | $349,298.00 |
Funds Obligated to Date: | FY 2016 = $16,000.00 |
History of Investigator: |
|
Recipient Sponsored Research Office: |
300 W. 12TH STREET ROLLA MO US 65409-1330 (573)341-4134 |
Sponsor Congressional District: |
|
Primary Place of Performance: |
301 W. 16th St. Rolla MO US 65409-6506 |
Primary Place of Performance Congressional District: | |
Unique Entity Identifier (UEI): |
|
Parent UEI: |
|
NSF Program(s): | Special Projects - CNS, CPS-Cyber-Physical Systems, Secure & Trustworthy Cyberspace |
Primary Program Source: |
01001617DB NSF RESEARCH & RELATED ACTIVIT |
Program Reference Code(s): |
|
Program Element Code(s): |
|
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Modern systems such as the electric smart grid consist of both cyber and physical components that must work together; these are called cyber-physical systems, or CPS. Securing such systems goes beyond just cyber security or physical security into cyber-physical security. While the threats multiply within a CPS, physical aspects also can reduce the threat space. Unlike purely cyber systems, such as the internet, CPS are grounded in physical reality. In this project, this physical reality is used to limit an attacker's ability to disrupt the system by limiting his/her ability to lie about his/her actions; if an attacker is inconsistent with physical reality, his/her actions are detectable and damage his/her reputation for future interactions with the system. The impacts of this work are far-reaching, as it creates a basis for developing inherently secure CPS for not only the electric smart grid, but also advanced transportation and building environmental systems. A new generation of interdisciplinary scientists and engineers is being trained through this research.
This project formulates a novel methodology that incorporates knowledge from both the cyber and physical domains into a distributed algorithm and ensures the trustworthiness, thus security, of the composed system. Metrics for security are also derived and rest on logical invariants that express correctness. The invariants either check the validity of a local action or the accuracy of remote data. They may be used as guards against an action, or may be incorporated into a dynamic reputation-based algorithm.
As a testbed, a multilateral energy system on an electrical network will be studied. Preliminary studies of this system have resulted in algorithms that isolate malicious nodes within the context of a single algorithm, using a reputation metric that compares cyber information flows to physically measurable signals. The work will be extended to other algorithms and other related power systems, a generalizable framework will be developed, and more complete metrics will be derived.
The project has important broader impact. It develops new approaches for securing critical infrastructure based on both cyber and physical system aspects. The project also includes graduate and undergraduate involvement in cyber-physical systems research and design through involvement with testbeds and the Missouri Science and Technology Solar House team, which designs and constructs houses for competition in the US Department of Energy Solar Decathlon.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
The objective of this project was to formulate a novel methodology for creating secure algorithms in cyber-physical systems and to develop metrics for evaluating the security of composed systems. Because a cyber-physical system comprises many interconnected devices, which exchange information both through cyber networks and physical interactions, additional security vulnerabilities arise. Secure communications on the cyber network is insufficient to maintain system security.
The approach relies on the additional information available from the physical system to secure that all information exchanges are trustworthy. Each device in the system takes actions that may be physically observed by other devices. For example, in a smart grid, a device generates a certain amount of power, and also communicates its generation value via the cyber network. Other devices are able to observe the impact of the actual power generation—changes in voltage and current, for example—and use that observation to validate the communicated information.
The foundation of the approach is a set of invariants, which are logical statements that must be true. For example, the law of the conservation of energy, when applied to a smart grid, produces a set of restrictions on the power flows. These invariants are used to check the validity of information, guard against actions, and evaluate the reputation of each communicating device.
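The following sketch is an added illustration, not code from the project or the report. It checks a conservation-of-energy invariant (a node's communicated power injection must match the sum of line flows its neighbours physically measure) and feeds the result into a simple reputation score. The tolerance, penalty and reward values, the trust threshold, the node names and the sample readings are all assumptions constructed for the example.

```python
from dataclasses import dataclass

# Assumed parameters; the report does not specify any of these values.
TOLERANCE_KW = 0.5            # allowed mismatch from measurement noise
PENALTY, REWARD = 0.5, 0.05   # multiplicative drop on violation, slow recovery
TRUST_THRESHOLD = 0.4         # below this, a node's reports are not acted on

@dataclass
class Node:
    name: str
    reputation: float = 1.0

def balance_invariant(reported_kw, measured_flows_kw, tol=TOLERANCE_KW):
    """Power balance at one node: the injection it communicates must equal
    the sum of the line flows that neighbours measure leaving it."""
    return abs(reported_kw - sum(measured_flows_kw)) <= tol

def update_reputation(node, holds):
    """Lose reputation quickly on a violation, regain it slowly otherwise."""
    if holds:
        node.reputation = min(1.0, node.reputation + REWARD)
    else:
        node.reputation *= PENALTY
    return node.reputation

def run_rounds(nodes, rounds):
    """Each round maps node name -> (reported_kw, [measured line flows]).
    Returns the sorted list of trusted node names after every round."""
    history = []
    for rnd in rounds:
        for name, (reported, flows) in rnd.items():
            update_reputation(nodes[name], balance_invariant(reported, flows))
        history.append(sorted(n for n, node in nodes.items()
                              if node.reputation >= TRUST_THRESHOLD))
    return history

# Constructed sample data: node C claims 5 kW while only 2 kW is observed.
SAMPLE_ROUNDS = [
    {"A": (3.0, [1.0, 2.1]), "B": (-4.0, [-2.0, -1.8]), "C": (5.0, [1.0, 1.0])},
    {"A": (3.0, [1.0, 2.1]), "B": (-4.0, [-2.0, -1.8]), "C": (5.0, [1.0, 1.0])},
    {"A": (3.0, [1.0, 2.1]), "B": (-4.0, [-2.0, -1.8]), "C": (2.0, [1.0, 1.0])},
]

def demo():
    nodes = {n: Node(n) for n in ("A", "B", "C")}
    return run_rounds(nodes, SAMPLE_ROUNDS), nodes

if __name__ == "__main__":
    trusted, final = demo()
    print(trusted, {n: round(v.reputation, 2) for n, v in final.items()})
```

Node C stays untrusted in the third round even though that report is consistent, because reputation is rebuilt more slowly than it is lost.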
Multiple security domain non-deducibility (MSDND) is an essential concept that identifies whether a system is secure, or may be made secure. If subsystem A is MSDND secure with respect to subsystem B, then a device in B cannot know if devices in A are trustworthy or not. That is, if information is MSDND secure, then its integrity cannot be evaluated. Integrity may sometimes be restored with information from a physical invariant. The MSDND concept provides an invaluable tool for evaluating system architecture decisions.
Physical switched-system stability was also analyzed using Lyapunov functions. A Lyapunov function represents the incremental stored energy in the system. Restrictions on switch timing were derived so that stability is ensured. These restrictions may be encoded as invariants and used as guards on cyber actions.
The intellectual merit of this project was the application of invariants and MSDND to smart grids and other cyber-physical systems. These design and analysis tools may be used to prevent malicious devices in the CPS from disrupting both cyber and physical behavior of the system. Invariants provide an essential tool for communicating across disciplinary boundaries by encapsulating information from any domain into logical statements that may be evaluated in a cyber system. Additionally, dynamics of a generic switched system were analyzed and restrictions were identified that guarantee practical stability.
The broader impacts of this project include more secure cyber-physical systems in many applications. While the analysis was primarily applied to a smart grid, similar methods were also applied to water treatment and aircraft control systems, demonstrating the universality of MSDND and the invariant concept. Through this project, students and researchers learned how to translate their work across disciplinary boundaries, an essential skill for the future of CPS research.
Last Modified: 11/15/2019
Modified by: Jonathan Kimball