
NSF Org: | CNS Division Of Computer and Network Systems |
Recipient: |
|
Initial Amendment Date: | August 15, 2016 |
Latest Amendment Date: | August 15, 2016 |
Award Number: | 1646493 |
Award Instrument: | Standard Grant |
Program Manager: | David Corman, CNS Division Of Computer and Network Systems, CSE Directorate for Computer and Information Science and Engineering |
Start Date: | October 1, 2016 |
End Date: | March 31, 2020 (Estimated) |
Total Intended Award Amount: | $560,000.00 |
Total Awarded Amount to Date: | $560,000.00 |
Funds Obligated to Date: |
|
History of Investigator: |
|
Recipient Sponsored Research Office: | 9500 GILMAN DR LA JOLLA CA US 92093-0021 (858)534-4896 |
Sponsor Congressional District: |
|
Primary Place of Performance: | La Jolla CA US 92093-0934 |
Primary Place of Performance Congressional District: |
|
Unique Entity Identifier (UEI): |
|
Parent UEI: |
|
NSF Program(s): | CPS-Cyber-Physical Systems |
Primary Program Source: |
|
Program Reference Code(s): |
|
Program Element Code(s): |
|
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Factories, chemical plants, automobiles, and aircraft have come to be described today as cyber-physical systems of systems--distinct systems connected to form a larger and more complex system. For many such systems, correct operation is critical to safety, making their security of paramount importance. Unfortunately, because of their heterogeneous nature and special purpose, it is very difficult to determine whether a malicious attacker can make them behave in a manner that causes harm. This type of security analysis is an essential step in building and certifying secure systems.
Unfortunately, today's state-of-the-art security analysis tools are tailored to the analysis of server, desktop, and mobile software. We currently lack the tools for analyzing the security of cyber-physical systems of systems. The proposed work will develop new techniques for testing and analyzing security properties of such systems. These techniques will be used to build a new generation of tools that can handle the complexity of modern cyber-physical systems and thus make these critical systems more secure.
The technical approach taken by the investigators is to apply proven dynamic analysis techniques, including dynamic information flow tracking and symbolic execution, to this problem. Existing tools, while powerful, are monolithic, designed to apply a single technique to a single system. Scaling them to multiple heterogeneous systems is the main contribution of the proposed work. To do so, the investigators will first develop a common platform for cross-system dynamic analysis supporting arbitrary combinations of component execution modes (physical, simulated, and emulated), requiring new coordination mechanisms. Second, building on the platform above, they will implement cross-system dynamic information flow tracking, allowing dynamic information flow tracking across simulated, emulated, and potentially physical components. Third, they will extend existing symbolic/concrete execution techniques to execution across multiple heterogeneous systems. Fourth, they will introduce new ways of handling special-purpose hardware, a problem faced by dynamic analysis tools in general.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
This project developed new techniques to analyze the security of complex cyber-physical systems, with a special focus on automobile and aircraft systems. Project researchers used these techniques to expose the software mechanism used by Volkswagen and Fiat to evade diesel emissions tests, making their vehicles appear to produce fewer harmful emissions than they do in real-world driving conditions. Project researchers produced the first public technical description of the defeat devices used in these two makes of vehicles. Results of this work were used by regulators in the US and other jurisdictions to understand how these defeat devices worked, how to identify them, and what effect they have on emissions.
One of the things that makes cyber-physical systems difficult to test for vulnerabilities is that the software is designed to operate in a specific environment, where it "talks" to sensors, actuators, and other information systems. To test how such systems might behave under attack, researchers need to be able to simulate the target system's operating environment. This project has developed two kinds of techniques to make this possible.
First, the project developed a physical testbed and a set of software tools for testing aircraft systems for security vulnerabilities, which the team uses to test commercial aircraft systems. The testbed simulates a realistic aircraft environment (from the point of view of a particular system under test) and allows researchers to test what-if cyber-attack scenarios and understand how aircraft systems would respond to potential cyber-attacks.
Second, the project also developed new analysis techniques for testing complex cyber-physical systems for security vulnerabilities, which are being used on systems ranging from aircraft to power grid components. These techniques use information implicitly present in the software of a system to infer how the hardware of the system needs to behave for the software to work correctly. This allows researchers to automatically create a hardware environment that behaves the way the software expects, and this makes it possible to use certain advanced testing and analysis techniques on the software to check for security vulnerabilities.
Third, project personnel participated in the first Aviation Village at DEFCON 2019, the premier industry security conference. By participating in both industry venues as well as academic venues, we introduced some of the challenges in aviation security to a broader set of researchers than if we had focused exclusively on traditional academic conferences. We plan to continue our participation in 2020.
Fourth, the project has provided training to a large group of undergraduate, master's, and doctoral students at UC San Diego, the University of Illinois, the University of Illinois at Chicago, and Oberlin College. The project has led to an exchange of students where undergraduates at the University of Illinois and UC San Diego have graduated and are now pursuing Ph.D.s at the other institution while continuing to work on the project.
Finally, project personnel have provided technical guidance to Boeing, Pacific Northwest National Laboratories, and the Department of Homeland Security on matters of aviation cyber-security.
Last Modified: 05/25/2020
Modified by: Kirill Levchenko