Platform-Level Services for Security of Naval Cyber-Physical Systems

Abstract

Providing security guarantees against cyber-physical attacks on Naval Cyber-Physical Systems (NCPS) is very challenging. The attack space is significantly increased over what classical cyber security techniques address due to attack vectors that may also exploit the physical-environment. Attacks on an NCPS may affect all parts of the system, as computational components and communicationnetworks may be subject to attacker~s interference, as well as the physical environment which may be maliciously altered to introduce non-invasive physical attacks (e.g., sensor spoofing). Furthermore, long lifetime of most NCPS and inherent resource-constraints effectively prevent heavy-duty cyber securitymechanisms from being continuously employed. Consequently, in this project we will focus on the techniques to design and retrofit these safety- and mission-critical naval systems to ensure their resilience to attacks. Specifically, this project will result in design and analysis techniques that provide strong performance guarantees for NCPS with varying levels of autonomy, even in the presence of attacks. To achieve this, we will develop a mix of platform awaresecurity services based on resource-aware attack-detection and identification, automatic synthesis of dynamic runtime safety enforcers (i.e., shields), platform-aware system checkpointing and safe recovery techniques, as well as scalable verification methods to provide strong security assurancewhen such services are deployed. Techniques and tools developed in this project will be comprehensively evaluated on several relevant NCPS case studies. Specifically, we will focus on design of platform-level security services for modern vessels and unmanned aerial vehicles, addressing threats on system components with increasing scale and complexity, such as autonomous navigation and vessels command-and-control systems (e.g., propulsion and ancillary systems). Evaluation will be done on open-source testbeds for security-aware design of naval cyber-physical components. This project is strongly motivated by the need to provide high-assurance for safety-critical NCPS, andthus the results of this project will directly impact the way naval systems are designed. The proposed research will significantly improve the state of the art design methods, which have unclear security guarantees. The project will be performed by a team from Duke University, led by a recognized expert in the field of cyber-physical systems, in general, and cyber-physical security and safety-critical cyberphysical systems design, in particular.

Document Details

Document Type

DoD Grant Award

Publication Date

Dec 16, 2019

Source ID

N000142012745

Entities

Tags