4 research outputs found

    Sensor Verification for Cyber-Physical Models of Power Systems

    This project explores the ways that data from sensors in power systems can be authenticated by enhancing the security of power systems from a cyber-physical point of view. This is a continuation of the work for the NSF project “CPS: Synergy: Collaborative Research: Distributed Just-Ahead-Of-Time Verification of Cyber-Physical Critical Infrastructure.” Adversaries who gain access to a cyber-physical system can cause significant physical damage and financial loss by injecting false data into a sensor node. Identifying adversarial action in a system can mitigate unsafe actions made based off of bad data. The technique presented in this work combines topology analysis with real-time probing to create a measure of trustworthiness of sensors in a system. A previously developed tool called Cyber Physical Security Assessment (CyPSA) gives each node a topology vulnerability score based on the cyber accessibility and potential physical impact should it be compromised. We develop a real-time vulnerability score by simulating attack and non-attack scenarios with PowerWorld. The data from these simulations is processed in MATLAB. Results show improved attack detection over current methods. The measure of trustworthiness developed will improve attack detection in power systems, and it may be used to help prevent a system from entering an unstable state.

    A sense of self for power side-channel signatures: instruction set disassembly and integrity monitoring of a microcontroller system

    Cyber-attacks are on the rise, costing billions of dollars in damages, response, and investment annually. Critical United States National Security and Department of Defense weapons systems are no exception; however, the stakes go well beyond financial. Dependence upon a global supply chain without sufficient insight or control poses a significant issue. Additionally, systems are often designed with a presumption of trust, despite their microelectronics and software-foundations being inherently untrustworthy. Achieving cybersecurity requires coordinated and holistic action across disciplines commensurate with the specific systems, mission, and threat. This dissertation explores an existing gap in low-level cybersecurity while proposing a side-channel based security monitor to support attack detection and the establishment of trusted foundations for critical embedded systems. Background on side-channel origins, the more typical side-channel attacks, and microarchitectural exploits are described. A survey of related side-channel efforts is provided through side-channel organizing principles. The organizing principles enable comparison of dissimilar works across the side-channel spectrum. We find that the maturity of existing side-channel security monitors is insufficient, as key transition to practice considerations are often not accounted for or resolved. We then document the development, maturation, and assessment of a power side-channel disassembler, Time-series Side-channel Disassembler (TSD), and extend it for use as a security monitor, TSD-Integrity Monitor (TSD-IM). We also introduce a prototype microcontroller power side-channel collection fixture, with benefits to experimentation and transition to practice. TSD-IM is finally applied to a notional Point of Sale (PoS) application for proof of concept evaluation. We find that TSD and TSD-IM advance state of the art for side-channel disassembly and security monitoring in open literature.
    In addition to our TSD and TSD-IM research on microcontroller signals, we explore beneficial side-channel measurement abstractions as well as the characterization of the underlying microelectronic circuits through Impulse Signal Analysis (ISA). While some positive results were obtained, we find that further research in these areas is necessary. Although the need for a non-invasive, on-demand microelectronics-integrity capability is supported, other methods may provide suitable near-term alternatives to ISA.