Static Dynamic Analysis of Security Metrics for Cyberphysical Systems

Image removed.

Sayan Mitra, Geir Dullerud, and Swarat Chaudhuri, University of Illinois Urbana- Champaign Lablet

Professor Mitra presented an overview of the UIUC Lablet Science of Security research project targeting security metrics. He described the modeling framework, the approach for modeling adversaries, and security metrics. Then he described two foundational problems related to analysis of metrics: reachability for nonlinear hybrid systems and algorithms and lower-bounds on the cost of privacy in distributed control. Next he presented findings on the application of their reachability-based algorithms in analyzing a parallel landing protocol and a modular cell-pacemaker network. The analysis brings together simulation-based analysis and ideas from input-to-state stability---a composition theorem from control theory. He presented ongoing work on synthesizing controllers for CPS with adversary attacks.

The project goal for the Static-Dynamic Analysis of Security Metrics for Cyber-Physical Systems Research project was to address the hard problems of predictive security metrics and scalability and composability. Objectives were to identify security metrics and adversary models and develop theory, algorithms and tools for analyzing the metrics in the context of those adversary models.

Metrics were developed to address both physical systems to CPS and included safety factors, margin of safety, reserve capacity and their association with availability, the stability envelope, safety margin, and vulnerability level Adversary models looked at access, including actuator intrusion, sensor jamming, and malicious programs, their energy, and whether they were opportunistic, curious, focused, or committed.

Their work confirmed that Static-Dynamic Analysis is a sound and relatively complete algorithm for analysis of nonlinear –nondeterministic models. Symbolic simulation of adversary-free system is an improvement over approximation of leverage. Their method has been effective in enabling them to synthesize controllers and attack strategies and to measure vulnerability of states with regard to attacks.

The presentation with mathematical proofs is available at: http://cps-vo.org/node/15745

The C2E2 tool they used to support their research is available at: http://publish.illinois.edu/c2e2-tool/

Contact information for Prof. Mitra and his team is available at: http://users.crhc.illinois.edu/mitras/

(ID#:14-2632)

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.