Heterogeneous Cluster for Cyber-Physical System Security Analytics

Abstract

The Defense University Research Instrumentation Program (DURIP) is designed to improve the capabilities of U.S. Universities to conduct research and to educate scientists and engineers in selected technical areas of importance to national defense. DURIP funding provides for the acquisition of research equipment and instrumentation for this purpose. This proposal is for the purchase of a heterogeneous computer cluster (with CPU/MIC co-processor/FPGA) The PI, Professor John Hale of the University of Tulsa, will use the equipment to augment and enhance research capabilities in the area of Cyber-Physical System Security Analytics. Objectives: This project is developing a novel computational resource in the form of a heterogeneous computer cluster as a platform for research and innovation in cyber physical system (CPS) security analytics. Three lines of research of direct interest to the Army Research Office will be supported by this cluster: 1) CPS attack analysis using hybrid attack graphs, 2) SCADA network security intelligence, and 3) acceleration strategies for open source security analysis tools. These initiatives build on research supported by AFOSR and underpin research efforts described in recent proposals to National Science Foundation, the Department of Energy and the Department of Homeland Security. Methods: The cluster architecture comprises 12 nodes, each equipped with a CPU, 2 MiC co-processors, and a FPGA. The differential capabilities resident in each node offer compelling opportunities to use advanced parallel programming technologies such as OpenCL to fully exploit the heterogeneous nature of solutions spaces for complex analytical challenges. The cluster will be installed in The University of TulsaÕs Development Network (DevNet) Ð an environment designed for computing research and experimentation. It will be co-resident and connected to an existing cluster (Anvi1 Ð a 36 node dual quad core 2.7 GHz Xeon system with 32 GB of RAM per node) and application and storage servers. This new cluster is anticipated to have an optimal performance lifespan of 3-4 years, establishing a sustainable HPC ecosystem for research in security analytics. Significance: Security analytic solutions confront challenges of big data and demands for instant intelligence. Sensors and monitors create terabytes of traffic, logs and security event data, overwhelming analysts. At the same time, the evolution of threat and adversary forces a shift from periodic risk assessment and mitigation to continuous monitoring and real-time response, creating computational challenges. Cyber physical systems (CPSs) comprise critical infrastructures, operating in discrete and continuous domains. Effective CPS security management requires awareness of blended attack vectors exploiting vulnerabilities in networks and hazards in physical processes. Attack surfaces for CPSs are orders of magnitude more complex than those of traditional networks. As a consequence, CPS security analytics must be driven by high performance computing (HPC).

Document Details

Document Type

DoD Grant Award

Publication Date

Jan 12, 2017

Source ID

W911NF1510509

Entities

Tags