CPS: Synergy: Information Flow Analysis for Cyber-Physical System Security

Abstract: This project develops a theory of accountability that encompasses both control and computing systems. A unified theory of accountability in Cyber-Physical Systems (CPS) can be built on a foundation of causal information flow analysis, a well-established set of methods for computer security. Information flow properties model how inputs of a system affect its outputs. Causal information flow notions provide a useful foundation for accountability since they support traceability, that is, not just detection of violations but also responsibility-assignment, which then can be used to adopt corrective measures. The intellectual merit of the proposed project lies in developing a unified foundation for CPS security based on theories of accountability, which build on causal information flow analysis. Broader impacts include the design of resilient and secure CPS, a key to sustaining reliable operation of a wide range of critical infrastructure applications for societal benefit, such as transportation and smart-grid systems. The project is organized into three major thrusts. With regards to attack detection the project develops information flow analyses to support passive and active detection against realistic adversaries. First, a general framework of information flows to recover existing results related to detection in a unified manner is proposed. Second, information flows are used as an analysis tool, with the goal of producing new results on active detection and stealthy attack characterization. The proposed project will employ this framework to formally study a set of general questions about detection. With respect to responsibility assignment and identification, the project seeks to develop theory and methodologies for identifying nodes responsible for an attack by a novel combination of methods from cryptography and control theory. In particular, it will leverage tools from traitor tracing in cryptography to efficiently search for subsets of nodes that contain malicious or faulty entities. It will employ methods from control theory to evaluate if given subsets of nodes are misbehaving or normal and it will investigate control and design policies to directly attribute information flows to distinct entities. The final task seeks to develop corrective measures via resilient system design and control. This task seeks to develop algorithms to support resilient offline (resource allocation) and online (architectures and algorithms that enable resilient online control) design of CPS and analysis tools to evaluate the security of CPS under composition.