Cybersecurity is becoming more important than ever as the amount of information and technology foreign attackers can access grows each day. Despite rapid changes in system technology, many of the same security methods are still used as protection mechanisms and may border on becoming obsolete relative to advancing attack strategies. Now, University researchers have found a new way to more securely protect systems that have the potential to impact millions of people’s lives.
Cyber-physical system security is often treated similarly to information technology security despite their vast differences in structure, use and risk. Both systems use perimeter-based security, like firewalls and encrypted communication, as a foundational level of defense to make it harder for attackers to penetrate the systems. However, while perimeter-based security is well suited for IT systems, which house pure information that can be instantaneously compromised when breached, this security is not nearly as effective for CPS, because breaches in CPS can be life-threatening: these systems are found in cars and hospitals, among other places.
Because cyber-physical systems are real-world machines and systems that people rely on, attacks against them are more dangerous, ranging from changing readings and data to taking control of entire vehicles. The aftermath of such breaches can be disastrous, which inspired University professors to create the project Mission Aware — which aims to make the identification of attacks and reestablishment of CPS faster to limit the harmful effects of attacks.
Peter Beling, professor and associate chair for research in the Engineering Systems and Environment Department, explained the difference between IT and CPS security by comparing an attack on a database to an attack on an automated car. In a database, a successful attacker could instantly have access to things like financial records or social security numbers, depending on the information stored. In contrast, an attack on CPS within an automated car can negatively impact steering, car speeds, braking and the safety of any passengers.
“With a cyber-physical system, you also have the possibility of a physical event happening — I can take your car and drive it straight off the road … with all the consequences that come from that,” Beling said.
Over 10 years ago, Engineering Prof. Barry Horowitz started to develop a systems-oriented approach to cyber-physical security — security measures that are designed to complement the overall mission of a cyber-physical system. This idea has since evolved into the Mission Aware project.
According to the 2020 paper Cyber-Physical Security Through Resiliency: A Systems-centric Approach — which Beling and Horowitz co-wrote with several other scholars — Mission Aware “is based on a holistic understanding of mission goals, system dynamics, and risk” of CPS. Taking the general mission as an abstract goal and slowly adding additional layers of detail and meaning builds a complex view of the overall goals and what needs to happen for the system to achieve them. Because CPSs often incorporate multiple aspects into one project, this top-down approach better suits their tangible nature: unwanted outcomes are traced back to root causes, which makes threats easier to identify.
An unmanned aerial vehicle identifying areas with potential uncontrollable fires exhibits this chain of security starting at the most basic level of the mission, according to the paper. “UAV-based reconnaissance is a familiar scenario in many domains,” but when adding additional complexities like the workings of the vehicle, sensors and data, maintaining acceptable performance levels in the face of adversarial attack complicates the mission. By using historical vulnerability databases, Mission Aware software can identify the attacks and work to negate them to prevent unwanted outcomes like inaccurate location data, which would impact the UAV’s ability to properly identify the location of the fires.
Beling explained that Mission Aware accounts for the inevitability of attacks.
Conventional cybersecurity attempts to build an impenetrable "wall" around cyber-physical systems to protect against adversarial penetration, aptly referred to as perimeter security. This defense often fails because attackers can identify the weakest access points, leading to an immediate breach of data that cannot be mitigated because security within the system itself is sparse to nonexistent. In contrast to this traditional security approach, Mission Aware acknowledges that attacks will succeed in breaking past the perimeter security, so it works to mitigate negative effects of attacks on CPS sooner.
The limitations of conventional cybersecurity are especially critical in CPS, where adversarial entry can occur anywhere — from supply chains, like parts coming from foreign countries, to insider attacks. However, by assuming attacks will happen, Mission Aware aims to counteract negative outcomes by stepping in before critical harm can be caused and tracing the source of the attack to specific conditions.
Codifying the outcomes (what counts as a successful or unsuccessful result, depending on the mission of the CPS) and the conditions that lead to those outcomes allows for more precise and faster identification of threats. This top-down approach allows operators to quickly step in when signs of an attack are present and take back control to minimize potential harm.
Horowitz described the future testing capabilities involving Mission Aware as a bottomless pit.
“Every time we go to another organization … a new subject … tends to emerge, because each organization has its own view of risk and uncertainty and consequence,” Horowitz said.
On top of projects like finding security breaches in Virginia State Police cars and training CPS operators in the new cybersecurity measures, Beling and Horowitz are currently working with the Department of Defense to help engineers design systems with capabilities similar to those in Mission Aware.
Both University engineers and MITRE — a non-profit research and development organization — worked on the development of cybersecurity systems to protect CPS through the University Innovation Exchange, a program that brings together research teams from both institutions. The project hinged upon uniting people of different skill sets.
"We're talking about bringing together ... people who know a lot about cybersecurity and attacks and people who know a lot about physical systems," Beling said.