TTP

Connected and Automated Vehicle (CAV) technologies enable real-time information sharing and driving automation, with the potential of significantly improving safety and efficiency of the transportation system. However, cyber-security threats may compromise the efficiency of infrastructure operations and the safety of passengers, posing a significant challenge for CAV deployment. This collaborative project develops a novel CAV testing platform to address the critical needs for assessing the security and safety concerns of the CAV system in an effective and realistic manner.

Vulnerabilities in cryptographic implementations seriously reduce the security guarantees of algorithms in practice and lead to attacks. An effective fix to the vulnerable code problem is automatic code checking. However, existing code verification tools cannot adequately cover cryptographic properties due to deficiencies in both accuracy, in terms of missed detection and false alarms, and scalability, in terms of complexity and runtime. The technology in this transition-to-practice project is to help secure cryptographic implementations, which are the foundation of many advanced systems.

Modern cybersecurity attacks are often carried out through automated "bots" or agents that systematically attack networks, at scale and in a matter of minutes. This has left organizations scrambling to respond with defenses that must first be validated or enacted by humans, and so take time to mount. Institutions can no longer afford to combat these powerful and rapid digital attacks with our slower and sometimes error-prone analog (human-based) responses.

Making modern software involves tools such as a source code management system, a verify/build/package system, and a repository for distributing software and updates. The security of this software chain is dramatically overlooked today, as many recent incidents demonstrate. Existing defenses provide piecemeal solutions to individual problems and, when combined, do not provide end-to-end guarantees.

Cloud computing is growing at exponential rates due to its great benefits to virtually all companies relying on IT systems. The biggest concern preventing further cloud adoption is data security and privacy. The main security principle in the design of cloud servers has been virtual isolation which ignores information leakage through subtle channels shared by the processes running on the same physical hardware.