Visible to the public Foundations of a CPS Resilience - July 2022Conflict Detection Enabled

Submitted by Xenofon Koutsoukos on Thu, 06/30/2022 - 10:57am

PI: Xenofon Koutsoukos

HARD PROBLEM(S) ADDRESSED

The goals of this project are to develop the principles and methods for designing and analyzing resilient CPS architectures that deliver required service in the face of compromised components. A fundamental challenge is to understand the basic tenets of CPS resilience and how they can be used in developing resilient architectures. The primary hard problem addressed is resilient architectures. In addition, the work addresses scalability and composability as well as metrics and evaluation. 

PUBLICATIONS

[1]    Bradley Potteiger, Abhishek Dubey, Feiyang Cai, Xenofon Koutsoukos, and Zhenkai Zhang. “Moving Target Defense for Security and Resilience of Mixed Time and Event Triggered Cyber-Physical Systems”, Journal of System Architecture. Volume 125, 102420, April 2022.

[2]    Zihao Zhan, Zhenkai Zhang, Sisheng Liang, Fan Yao, and Xenofon Koutsoukos. “Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighbors”, 43rd IEEE Symposium on Security and Privacy (IEEE S&P 2022). San Francisco, CA. May 23-26, 2022.

[3]    Waseem Abbas, Mudassir Shabbir, Yasin Yazicioglu, and Xenofon Koutsoukos. “Leader Selection for Strong Structural Controllability in Networks using Zero Forcing Set”, 2022 American Control Conference. Atlanta, GA, June 8-10, 2022.

[4]    Chandreyee Bhowmick, Mudassir Shabbir, and Xenofon Koutsoukos. “Attack-Resilient Multi-Agent Flocking Control Using Graph Neural Networks”, The 30the Mediterranean Conference on Control and Automation. Athens, Greece. June 28 – July 1, 2022.

[5]    Nicholas Potteiger, Mudassir Shabbir, Scott Eisele, Mark Wutka and Xenofon Koutsoukos. “WiP: Resilient Target Pursuit for Multi-UAV Systems”, HoT Topics in the Science of Security (HoTSoS) Symposium, April 5-7, 2022.

KEY HIGHLIGHTS

This quarterly report presents two key highlights that demonstrate: (1) Moving target defense for cyber-physical systems and (2) Exploiting EM side-channel information of GPUs to eavesdrop on your neighbors. 

Highlight 1: Moving target defense for cyber-physical systems

Memory corruption attacks such as code injection, code reuse, and non-control data attacks have become widely popular for compromising safety-critical Cyber–Physical Systems (CPS). Moving target defense (MTD) techniques such as instruction set randomization (ISR), address space randomization (ASR), and data space randomization (DSR) can be used to protect systems against such attacks. CPS often use time-triggered architectures to guarantee predictable and reliable operation. MTD techniques can cause time delays with unpredictable behavior. To protect CPS against memory corruption attacks, MTD techniques can be implemented in a mixed time and event-triggered architecture that provides capabilities for maintaining safety and availability during an attack. Our work presents a mixed time and event-triggered MTD security approach based on the ARINC 653 architecture that provides predictable and reliable operation during normal operation and rapid detection and reconfiguration upon detection of attacks. We leverage a hardware-in-the-loop testbed and an advanced emergency braking system (AEBS) case study to show the effectiveness of our approach. Our results are presented in [1]. 

[1]    Bradley Potteiger, Abhishek Dubey, Feiyang Cai, Xenofon Koutsoukos, and Zhenkai Zhang. “Moving Target Defense for Security and Resilience of Mixed Time and Event Triggered Cyber-Physical Systems”, Journal of System Architecture. Volume 125, 102420, April 2022.

Highlight 2: Exploiting EM side-channel information of GPUs to eavesdrop on your neighbors

As the popularity of graphics processing units (GPUs) grows rapidly in recent years, it becomes very critical to study and understand the security implications imposed by them. We show that modern GPUs can “broadcast” sensitive information over the air to make a number of attacks practical. Specifically, we present a new electromagnetic (EM) side-channel vulnerability that we have discovered in many GPUs of both NVIDIA and AMD. We show that this vulnerability can be exploited to mount realistic attacks through two case studies, which are website fingerprinting and keystroke timing inference attacks. Our investigation recognizes the commonly used dynamic voltage and frequency scaling (DVFS) feature in GPU as the root cause of this vulnerability. Nevertheless, we also show that simply disabling DVFS may not be an effective countermeasure since it will introduce another highly exploitable EM side-channel vulnerability. To the best of our knowledge, this is the first work that studies realistic physical side-channel attacks on non-shared GPUs at a distance. Our results are presented in [2]. 

[2]    Zihao Zhan, Zhenkai Zhang, Sisheng Liang, Fan Yao, and Xenofon Koutsoukos, “Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighbors”, 43rd IEEE Symposium on Security and Privacy (IEEE S&P 2022). San Francisco, CA. May 23-26, 2022.

COMMUNITY ENGAGEMENTS

  • Our research was presented in the following conference: IEEE Symposium on
  • Security and Privacy (IEEE S&P 2022), American Control Conference (ACC 2022), Mediterranean Conference on Control and Automation (MED 2022), and HoTSoS Symposium 2022.
Groups: