Award Abstract # 1901728
CPS: Synergy: Collaborative Research: Foundations of Secure Cyber-Physical Systems of Systems

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: OBERLIN COLLEGE
Initial Amendment Date: October 23, 2018
Latest Amendment Date: October 23, 2018
Award Number: 1901728
Award Instrument: Standard Grant
Program Manager: David Corman
CNS
 Division Of Computer and Network Systems
CSE
 Directorate for Computer and Information Science and Engineering
Start Date: August 16, 2018
End Date: September 30, 2021 (Estimated)
Total Intended Award Amount: $174,135.00
Total Awarded Amount to Date: $174,135.00
Funds Obligated to Date: FY 2016 = $174,135.00
History of Investigator:
  • Stephen Checkoway (Principal Investigator)
    stephen.checkoway@oberlin.edu
Recipient Sponsored Research Office: Oberlin College
173 W LORAIN ST
OBERLIN
OH  US  44074-1057
(440)775-8461
Sponsor Congressional District: 05
Primary Place of Performance: Oberlin College
Oberlin
OH  US  44074-1090
Primary Place of Performance Congressional District: 05
Unique Entity Identifier (UEI): ZY4LY6PDKLM1
Parent UEI:
NSF Program(s): CPS-Cyber-Physical Systems
Primary Program Source: 01001617DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 7918
Program Element Code(s): 791800
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Factories, chemical plants, automobiles, and aircraft have come to be described today as cyber-physical systems of systems--distinct systems connected to form a larger and more complex system. For many such systems, correct operation is critical to safety, making their security of paramount importance. Unfortunately, because of their heterogeneous nature and special purpose, it is very difficult to determine whether a malicious attacker can make them behave in a manner that causes harm. This type of security analysis is an essential step in building and certifying secure systems.

Unfortunately, today's state-of-the-art security analysis tools are tailored to the analysis of server, desktop, and mobile software. We currently lack the tools for analyzing the security of cyber-physical systems of systems. The proposed work will develop new techniques for testing and analyzing security properties of such systems. These techniques will be used to build a new generation of tools that can handle the complexity of modern cyber-physical systems and thus make these critical systems more secure.

The technical approach taken by the investigators is to apply proven dynamic analysis techniques, including dynamic information flow tracking and symbolic execution, to this problem. Existing tools, while powerful, are monolithic, designed to apply a single technique to a single system. Scaling them to multiple heterogeneous systems is the main contribution of the proposed work. To do so, the investigators will first develop a common platform for cross-system dynamic analysis supporting arbitrary combinations of component execution modes (physical, simulated, and emulated), requiring new coordination mechanisms. Second, building on the platform above, they will implement cross-system dynamic information flow tracking, allowing dynamic information flow tracking across simulated, emulated, and potentially physical components. Third, they will extend existing symbolic/concrete execution techniques to execution across multiple heterogeneous systems. Fourth, they will introduce new ways of handling special-purpose hardware, a problem faced by dynamic analysis tools in general.

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

One of the things that makes cyber-physical systems difficult to test for vulnerabilities is that the software is designed to operate in a specific environment, where it "talks" to sensors, actuators, and other information systems. To test how such systems might behave under attack, researchers need to be able to simulate the target system's operating environment. This project has developed two kinds of techniques to make this possible.

First, the project developed a physical testbed and a set of software tools for testing aircraft systems for security vulnerabilities, which the team uses to test commercial aircraft systems. The testbed simulates a realistic aircraft environment (from the point of view of a particular system under test) and allows researchers to test what-if cyber-attack scenarios and understand how aircraft systems would respond to potential cyber-attacks. The testbed works by connecting physical and simulated aircraft computers in a reconfigurable network.

Second, the project also developed new analysis techniques for testing complex cyber-physical systems for security vulnerabilities, which are being used on systems ranging from aircraft to power grid components. These techniques use information implicitly present in the software of a system to infer how the hardware of the system needs to behave for the software to work correctly. This allows researchers to automatically create a hardware environment that behaves the way the software expects. This makes it possible to use advanced testing and analysis techniques on the software to check for security vulnerabilities.

Third, project personnel participated in the first two Aviation Villages at DEFCON 2019 and 2020, the premier industry security conference. By participating in both industry venues as well as academic venues, we introduced some of the challenges in aviation security to a broader set of researchers than if we had focused exclusively on traditional academic conferences.

Fourth, the project has provided training to a large group of undergraduate, masters, and doctoral students at UC San Diego, the University of Illinois, the University of Illinois at Chicago, and Oberlin College. The project has led to an exchange of students where undergraduates at the University of Illinois and UC San Diego have graduated and are now pursuing Ph.D.s at the other institution while continuing to work on the project.

Finally, project personnel have provided technical guidance to Boeing, Pacific Northwest National Laboratories, and the Department of Homeland Security on matters of aviation cyber-security.


Last Modified: 01/31/2022
Modified by: Stephen F Checkoway
