Foundations of a CPS Resilience - April 2020
PI: Xenofon Koutsoukos
HARD PROBLEM(S) ADDRESSED
The goals of this project are to develop the principles and methods for designing and analyzing resilient CPS architectures that deliver required service in the face of compromised components. A fundamental challenge is to understand the basic tenets of CPS resilience and how they can be used in developing resilient architectures. The primary hard problem addressed is resilient architectures. In addition, the work addresses scalability and composability as well as metrics and evaluation.
PUBLICATIONS
[1] Aron Laszka, Waseem Abbas, Yevgeniy Vorobeychik, and Xenofon Koutsoukos. “Integrating redundancy, diversity, and hardening to improve security of industrial internet of things”, Cyber-Physical Systems, 6:1, 1-32, 2020.
[2] Saqib Hasan, Abhishek Dubey, Gabor Karsai, and Xenofon Koutsoukos. “A game-theoretic approach for power systems defense against dynamic cyber-attacks”, International Journal of Electrical Power & Energy Systems, Volume 115, 2020.
[3] Bradley Potteiger, Zhenkai Zhang, and Xenofon Koutsoukos. “Integrated moving target defense and control reconfiguration for securing Cyber-Physical systems”, Microprocessors and Microsystems, Volume 73, 2020.
[4] Xenofon Koutsoukos. “Systems Science of Secure and Resilient Cyber-physical Systems,” Computer, vol. 53, no. 3, pp. 57-61, March 2020.
KEY HIGHLIGHTS
This quarterly report presents two key highlights that demonstrate (1) an integrated moving target defense and control reconfiguration for securing CPS and (2) a game-theoretic approach for power systems defense against dynamic cyber-attacks.
Highlight 1: Integrated moving target defense and control reconfiguration for securing CPS
With the increasingly connected nature of Cyber-Physical Systems (CPS), new attack vectors are emerging that were previously not considered in the design process. Specifically, autonomous vehicles are one of the most at-risk CPS applications, with challenges that include a large amount of legacy software, non-trusted third-party applications, and remote communication interfaces. With zero-day vulnerabilities constantly being discovered, an attacker can exploit such vulnerabilities to inject malicious code or even leverage existing legitimate code to take over the cyber part of a CPS. Due to the tightly coupled nature of CPS, this can alter physical behavior in an undesirable or devastating manner. Therefore, it is no longer effective to reactively harden systems; a more proactive approach must be taken. Moving target defense (MTD) techniques such as instruction set randomization (ISR) and address space randomization (ASR) have been shown to be effective against code injection and code reuse attacks. However, these MTD techniques can cause the control system to crash, which is unacceptable in CPS applications since such a crash may have catastrophic consequences. Therefore, it is crucial for MTD techniques to be complemented by control reconfiguration to maintain system availability in the event of a cyber-attack. This work addresses the problem of maintaining system and security properties of a CPS under attack by integrating moving target defense techniques with detection and recovery mechanisms to ensure safe, reliable, and predictable system operation. Specifically, we consider the problem of detecting code injection as well as code reuse attacks, and reconfiguring fast enough to ensure that the safety and stability of autonomous vehicle controllers are maintained.
By using MTD techniques such as ISR and ASR, our approach prevents attackers from obtaining the reconnaissance knowledge necessary to perform code injection and code reuse attacks, making sure attackers can’t find vulnerabilities in the first place. Our system implementation combines runtime MTD, utilizing AES 256 ISR and fine-grained ASR, with control management that provides attack detection and reconfiguration capabilities. We evaluate the developed security architecture in an autonomous vehicle case study, utilizing a custom-developed hardware-in-the-loop testbed. Our results are reported in [1].
[1] Bradley Potteiger, Zhenkai Zhang, and Xenofon Koutsoukos. “Integrated moving target defense and control reconfiguration for securing Cyber-Physical systems”, Microprocessors and Microsystems, Volume 73, 2020.
Highlight 2: A game-theoretic approach for power systems defense against dynamic cyber-attacks
Technological advancements in today’s electrical grids give rise to new vulnerabilities and increase the potential attack surface for cyber-attacks that can severely affect the resilience of the grid. Cyber-attacks are increasing in both number and sophistication, and these attacks can be strategically organized in chronological order (dynamic attacks), where they can be instantiated at different time instants. The chronological order of attacks enables us to uncover those attack combinations that can cause severe system damage, but this concept has remained unexplored due to the lack of dynamic attack models. Motivated by this idea, we consider a game-theoretic approach to design a new attacker-defender model for power systems. Here, the attacker can strategically identify the chronological order in which the critical substations and their protection assemblies can be attacked in order to maximize the overall system damage. The defender, in turn, can intelligently identify the critical substations to protect such that the system damage is minimized. We apply the developed algorithms to the IEEE-39 and 57 bus systems with finite attacker/defender budgets. Our results show the effectiveness of these models in improving the system resilience under dynamic attacks. Our results are reported in [2].
[2] Saqib Hasan, Abhishek Dubey, Gabor Karsai, and Xenofon Koutsoukos. “A game-theoretic approach for power systems defense against dynamic cyber-attacks”, International Journal of Electrical Power & Energy Systems, Volume 115, 2020.
COMMUNITY ENGAGEMENTS
- Presented our research at the “Anomaly Detection of Cyber-Physical Systems (ADCPS)” team meeting, USNA, January 29-30, 2020.
- Keynote talk, “Systems Science of Secure and Resilient Cyber-physical Systems”, International Conference on Contemporary Computing and Applications (IC3A 2020), Lucknow, India, February 5-7, 2020.