Indelible Security for Cyber-Physical Systems

Abstract

Overview: Massive numbers of smart cloud-connected devices, also dubbed as the Internet of Things (IoT), arepermeating our physical"" world (homes, hospitals, bodies (wearable devices), factories, and transportation to name a few) to gather/analyze data and act on" the insight derived. The complex IoT ecosystem and the abundance of interfaces via multiple small devices renders it vulnerable to" a host of nefarious security and privacy attacks: the edge devices sense the physical entities, accumulate private data, or activat"e/control tangible equipment with the potential of causing damages to the real-world. The available methodologies for conventional cloud security do not scale well tothe edge devices.Intellectual Merits: This proposal suggests a multi-pronged approach to compre"hensively address the IoT security vulnerabilities. More specifically, the proposal is focused on three separate but interrelated th"rusts. The first thrust is centered on security primitives that are rooted in the physical nature of the IoTs. These primitives prov"ide a solid basis for securing small devices (e.g., key generation, transient key exchange, and fast authentication) by attesting to"" thechip physical properties, as well as leveraging the properties of the communication and sensing channels. The second thrust is" centered on secure and private gathering of data and matching of content on the distributed nodes. More specifically we research multi-party secure computations of various complexity and privacy guarantees. The third thrust is concerned with performing more sophisticated data analytics on distributed devices such as nearest neighbor searchand machine learning. The physical nature of the netw"ork extends the vulnerabilities to the physical world suggesting threats to human lives, transportation systems, and other critical" infrastructure. The stringent performance and security requirements of IoTsmakes them an immediate example of a physical-digital e"cosystems where innovations are critical to keep pace with the growing amounts of complex data, real-time monitoring of the space. W""e shall provide methods for authenticating data, software, and firmware on the devices and among the transiently communicating devic""es, as well as secure and private gathering and analysis of data. In particular, we consider methodologies that have the potential t""o scale tolarger IoTs. Broader Impact: The results of this project will enable effective, scalable, practical and fundamental solut"ions for design and optimization of secure IoTs that directly translate to stronger cryptography and security for a myriads of modern tasks with sensitive data on constrained devices. The project has wide reaching applications from military to civilian usage. They" include secure processing of medical, sensor, and monitoring data, as well as personal, industrial, government, and military cloud" computing/data analytics. The research program is interdisciplinary and integratesknowledge not only across the fields of hardware design and security but also from optimization and machine learning. The resulting software tools andhardware modules will contribute to a lively and interactive education in security and will be relevant to a broad set of developers outside academia who design secure algorithms and applications. The PI plans to embark on an ambitious educational program that targets both undergraduate/ gra"duate students, and also addresses issues related to outreach. The PI has a track record for mentoring women and continues to play a" major role in engaging graduate women in ECE as well as outreaching to younger generations of women and minority students.

Document Details

Document Type

DoD Grant Award

Publication Date

May 05, 2017

Source ID

N000141712500

Entities

Tags