
NSF Org: |
CNS Division Of Computer and Network Systems |
Recipient: |
|
Initial Amendment Date: | May 7, 2015 |
Latest Amendment Date: | May 26, 2022 |
Award Number: | 1453647 |
Award Instrument: | Continuing Grant |
Program Manager: |
Jeremy Epstein
CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
Start Date: | June 1, 2015 |
End Date: | August 31, 2022 (Estimated) |
Total Intended Award Amount: | $480,484.00 |
Total Awarded Amount to Date: | $496,484.00 |
Funds Obligated to Date: |
FY 2016 = $134,018.00 FY 2017 = $81,216.00 FY 2018 = $128,686.00 FY 2019 = $45,146.00 |
History of Investigator: |
|
Recipient Sponsored Research Office: |
11200 SW 8TH ST MIAMI FL US 33199-2516 (305)348-2494 |
Sponsor Congressional District: |
|
Primary Place of Performance: |
10555 W Flagler St Miami FL US 33174-3900 |
Primary Place of
Performance Congressional District: |
|
Unique Entity Identifier (UEI): |
|
Parent UEI: |
|
NSF Program(s): |
Special Projects - CNS, CPS-Cyber-Physical Systems, Secure &Trustworthy Cyberspace |
Primary Program Source: |
01001617DB NSF RESEARCH & RELATED ACTIVIT 01001718DB NSF RESEARCH & RELATED ACTIVIT 01001819DB NSF RESEARCH & RELATED ACTIVIT 01001920DB NSF RESEARCH & RELATED ACTIVIT |
Program Reference Code(s): |
|
Program Element Code(s): |
|
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Cyber-Physical Systems (CPS) integrate devices that can interact with each other and the physical world around them. With CPS applications, engineers monitor the structural health of highways and bridges, farmers check the health of their crops, and ecologists observe wildlife in their natural habitat. Using sensory side-channels (e.g., light, temperature, infrared, acoustic), an adversary can successfully attack CPS devices and applications by (1) triggering existing malware, (2) transferring malware, (3) combining multiple side-channels to increase the impact of a threat, or (4) leaking sensitive information. This project develops novel security tools and techniques to protect CPS devices and applications against sensory side-channel threats. The project results are released as an open source project, so interested software developers can extend and reuse them in other CPS research. Broader impacts include educational training and tools for the CPS field, and a collaboration with the Miami-Dade County Public Schools (M-DCPS), to expose underrepresented middle school students to state-of-the art technology topics to pique students' interests in cyber-security and cyber-physical systems.
The project investigates the sensory side-channel (e.g., acoustic, seismic, light, temperature) threats to CPS devices and applications and evaluates the feasibility and practicality of the attacks on real CPS equipment. The result is novel sensory side-channel-aware security tools and techniques for the CPS devices. Specifically, the principal investigator (1) analyzes the physical characteristics of the sensory CPS side-channels to understand how the physical world impacts the cyber world of CPS devices; (2) investigates the information leakage through the sensory side-channels on the CPS devices; (3) develops a novel IDS particularly designed to be aware of the sensory CPS side-channels; (4) designs and develops a CPS security testbed for test and experiments on real equipment and simulation tools.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Emerging Cyber-Physical Systems (CPS) and Internet of Things (IoT) devices include numerous sensors onboard such as light, temperature, gyroscope, accelerometer, infrared, acoustic to facilitate our lives and the applications. However, these devices and applications can be hacked via their sensors.
In this project, we first investigated the sensor-based threats to CPS and IoT devices and applications and evaluated the feasibility and practicality of the attacks in real environments. For this, we showed how some existing IoT and smart platforms were vulnerable to sensor-based threats using real data from the devices and apps. Then, we developed novel context-aware security tools and techniques that are configurable and easy-to-deploy utilizing different machine learning (ML) algorithms. We tested the efficacy of the solutions with extensive analysis and data from real environments. In our solutions, we analyzed the trade-offs between security and performance, and found an optimal balance between them. Our formal security models and analysis have been supported by our extensive implementations and user studies.
The project team consisted of one PI and several PhD and undergraduate students from the PI's institute. The team members gained hands-on experience and improved their knowledge basis in the area of cybersecurity. They were also actively involved in paper writing and patent filing processes. Research findings have been disseminated through publishing numerous research papers, PhD dissertations, filing patent applications (2 awarded and 2 pending), presentations and papers at top-tier cybersecurity conferences and journals, doing several demos of the project, and giving numerous invited talks. The project produced one of the first practical novel context-aware security tools and techniques that can be easily used in a wide variety of use-cases in a cost-effective and convenient manner against serious sensor-based cyber threats. Moreover, the PI introduced the different cybersecurity tools developed in this project to thousands of K-12 Miami-Dade County Public Schools (M-DCPS) visiting the PI's lab to expose the students to the state-of-the art technology topics to pique their interests in cyber-security and cyber-physical and IoT systems.
Today, CPS and IoT devices and applications are not solely used by computer engineers and scientists, but also by ecologists for observing wildlife, geophysicists for monitoring seismic activities of volcanoes, farmers for precision agriculture, civil engineers for monitoring the health of deteriorating civil structures like highways and bridges, medical doctors and nurses for monitoring patients, and technology enthusiasts to develop applications. Since a significant number of critical functionalities in the CPS/IoT realm of other disciplines are also realized by interaction with the real world through the sensors, understanding the threats emanating from the sensory equipment on IoT and CPS devices and applications and securing the sensors through the tools that were developed in this project will have a significant impact on other disciplines as well.
Last Modified: 12/30/2022
Modified by: Selcuk Uluagac
Please report errors in award information by writing to: awardsearch@nsf.gov.