Biblio

Filters: Author is Mooney, Vincent J.  [Clear All Filters]
2023-06-09
Keller, Joseph, Paul, Shuva, Grijalva, Santiago, Mooney, Vincent J..  2022.  Experimental Setup for Grid Control Device Software Updates in Supply Chain Cyber-Security. 2022 North American Power Symposium (NAPS). :1—6.
Supply chain cyberattacks that exploit insecure third-party software are a growing concern for the security of the electric power grid. These attacks seek to deploy malicious software in grid control devices during the fabrication, shipment, installation, and maintenance stages, or as part of routine software updates. Malicious software on grid control devices may inject bad data or execute bad commands, which can cause blackouts and damage power equipment. This paper describes an experimental setup to simulate the software update process of a commercial power relay as part of a hardware-in-the-loop simulation for grid supply chain cyber-security assessment. The laboratory setup was successfully utilized to study three supply chain cyber-security use cases.
2022-09-30
Hutto, Kevin, Mooney, Vincent J..  2021.  Sensing with Random Encoding for Enhanced Security in Embedded Systems. 2021 10th Mediterranean Conference on Embedded Computing (MECO). :1–6.
Embedded systems in physically insecure environments are subject to additional security risk via capture by an adversary. A captured microchip device can be reverse engineered to recover internal buffer data that would otherwise be inaccessible through standard IO mechanisms. We consider an adversary who has sufficient ability to gain all internal bits and logic from a device at the time of capture as an unsolved threat. In this paper we present a novel sensing architecture that enhances embedded system security by randomly encoding sensed values. We randomly encode data at the time of sensing to minimize the amount of plaintext data present on a device in buffer memory. We encode using techniques that are unintelligible to an adversary even with full internal bit knowledge. The encoding is decipherable by a trusted home server, and we have provided an architecture to perform this decoding. Our experimental results show the proposed architecture meets timing requirements needed to perform communications with a satellite utilizing short-burst data, such as in remote sensing telemetry and tracking applications.
2018-09-28
Wehbe, Taimour, Mooney, Vincent J., Keezer, David, Inan, Omer T., Javaid, Abdul Qadir.  2017.  Use of Analog Signatures for Hardware Trojan Detection. Proceedings of the 14th FPGAworld Conference. :15–22.
Malicious Hardware Trojans can corrupt data which if undetected may cause serious harm. We propose a technique where characteristics of the data itself are used to detect Hardware Trojan (HT) attacks. In particular, we use a two-chip approach where we generate a data "signature" in analog and test for the signature in a partially reconfigurable digital microchip where the HT may attack. This paper presents an overall signature-based HT detection architecture and case study for cardiovascular signals used in medical device technology. Our results show that with minimal performance and area overhead, the proposed architecture is able to detect HT attacks on primary data inputs as well as on multiple modules of the design.