P11_22: Risk-aware Detection, Prediction, and Mitigation in CPS under Cyber-Attack
Topic Areas: Integrity Monitoring, Security Attacks, Side Channel Attacks, Tamper Resistance/Anti-tamper, Risk Mitigation
Principal investigator: Dr. Nicola Bezzo, University of Virginia
Co-Principal investigator(s): Dr. James H. Lambert, Virginia
Modern cyber-physical systems (CPS) such as manned and unmanned vehicles, robots, power plants, industrial systems, and medical, smart, and connected devices feature a tight integration between communication, computation, and actuation. While this interaction enables increasingly automated and intelligent systems, it also introduces vulnerabilities to cyber-attacks that can manipulate the system’s integrity, compromising safety (= something bad will never happen) and liveness (= something good will eventually happen) properties. This proposal targets this problem by designing a general runtime monitoring framework to detect cyber-attacks on the sensors, actuators, on-board computer, and communication infrastructure of a CPS while assessing risk and mitigations based on the context and environment in which the CPS is operating. Our proposed monitor builds on the observation that, given an input action, there is an expected output. An attack, even if stealthy, will have to violate this assumption in order to hijack the system. The proposed framework computes residuals, defined as the difference between the received and the expected measurement, and uses statistical tests to check for consistency. A reachability analysis technique is also proposed to predict the outcome of the system and to identify and minimize the risk of reaching unsafe states.
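The residual check described above can be illustrated with a small monitor. This is an added example, not code from the project. It assumes a 1-D vehicle model, a constructed noise pattern, and a windowed chi-square test with a 0.999 threshold, none of which the abstract specifies.

```python
# Added illustration: residual-based runtime monitor for a 1-D vehicle model.
# Model, noise values, window and threshold are assumptions, not from the project.
from collections import deque

DT = 0.1                  # control period [s] (assumed)
SIGMA = 0.05              # sensor noise standard deviation [m] (assumed)
WINDOW = 10               # number of residuals per statistical test (assumed)
CHI2_THRESHOLD = 29.588   # chi-square 0.999 quantile for 10 degrees of freedom

# Constructed, repeating noise pattern (in units of SIGMA) so the run is reproducible.
NOISE = [0.5, -1.0, 0.8, -0.3, 1.2]


def expected_next(x, u):
    """Expected position after applying velocity command u for one period."""
    return x + u * DT


def simulate(steps, attack_start=None, bias=0.0):
    """Constructed trace of (command, measurement) pairs, optionally with a spoofed bias."""
    x, trace = 0.0, []
    for k in range(steps):
        u = 1.0                                   # constant commanded velocity [m/s]
        x = expected_next(x, u)                   # true plant follows the model
        y = x + SIGMA * NOISE[k % len(NOISE)]     # noisy position measurement
        if attack_start is not None and k >= attack_start:
            y += bias                             # sensor integrity attack
        trace.append((u, y))
    return trace


def monitor(trace):
    """Return the index of the first alarm, or None if residuals stay consistent."""
    x_hat, recent = 0.0, deque(maxlen=WINDOW)
    for k, (u, y) in enumerate(trace):
        x_hat = expected_next(x_hat, u)           # expected measurement for this input
        residual = y - x_hat                      # received minus expected
        recent.append((residual / SIGMA) ** 2)    # normalized squared residual
        if len(recent) == WINDOW and sum(recent) > CHI2_THRESHOLD:
            return k
    return None


if __name__ == "__main__":
    print("clean run alarm:", monitor(simulate(100)))
    print("attacked run alarm:",
          monitor(simulate(100, attack_start=50, bias=2 * SIGMA)))
```

In the attacked run the alarm is raised a few samples after the bias begins, because the window must fill with enough inconsistent residuals before the test statistic crosses the threshold.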