General Framework for Vulnerability Analysis of Cyber-Physical Systems

Abstract

Ensuring desired performance of complex Cyber-Physical Systems (CPS) under attack is very challenging. The attack space is significantly increased over what classical cyber security techniques address due to attack vectors that may also exploit the physical environment; e.g., the attacker may affect the system non-invasively using sensor spoofing. A critical first step in securing CPS is vulnerability analysis, capturing potential impacts of the attacks on the main system functionalities. However, the heterogenous nature of system components, and the potential use of legacy as well as modern learning-based components imposes significant limitations tothe use of existing methods to analyze such complex systems in the presence of attacks. Consequently, this project we will develop a vulnerability analysis framework for CPS with varying (including high) levels of autonomy. The proposed framework will enable system designer to identify early the components and sensing attack vectors thatcould significantly degrade system performance as well as endanger its operation. We will address a critical limitation of existing analysis methods by developing techniques for full longitudinal analysis of how the attacks on system sensing may affect the overall system behavior/mission. Specifically, we will provide model- and data-based methods for analysis of low-level CPS components, such as controllers and situational awareness modules, as well as for analysis of the full system design, while considering potential interactions between the modules.Techniques and tools developed in this project will be comprehensively evaluated on several relevant naval systems with varying levels of complexity and autonomy, such as modern vessels and unmanned aerial vehicles (UAVs). Furthermore, we will consider general CPS applications such as autonomous ground vehicles, due to the abundance of existing datasets and high-fidelity simulators. Evaluations will be done using existing open data sets, simulators, and testbeds suitable for security-aware design and analysis of cyber-physical components and systems.This proposal is strongly motivated by the urgent need to provide vulnerability analysis methods for (safety-critical) CPS, and thus the results of this project will directly impact the way these systems are analyzed and designed. The project will be performed by a team from Duke University, led by a recognized expert in the field of CPS, in general, and cyber-physical security, in particular.

Document Details

Document Type

DoD Grant Award

Publication Date

Feb 06, 2023

Source ID

N000142312206

Entities

Tags