P9_22: Security Audit Dashboard for Embedded Hardware Devices of Industrial Facilities
Topic Areas: Risk Mitigation; Supply Chain Integrity
Principal investigator: Dr. James H. Lambert, University of Virginia
Co-Principal investigator(s): Dr. Zachary A. Collier, Virginia
Security of embedded IC hardware devices is essential to the business and mission success of many organizations. Security audits of these devices should be a key function of asset management and risk management, and help to prioritize deployment of CHEST technologies. A particular challenge is to identify the top sources of risk and the associated IC hardware assets for facilities and installations. The proposed CHEST project will develop practical guidelines and a dashboard for facility owners to conduct periodic device security audits, for tracking and managing risks of a portfolio of embedded devices and components. The resulting audit tool will allow facility/installation owners to monitor risk-related data of key hardware assets along dimensions of threat, vulnerability, consequences, and potential for effective countermeasures. An IC security and risk dashboard will allow users to visualize key risks to support asset management decision making. The dashboard will be demonstrated and refined on-demand across multiple CHEST IAB testbeds such as critical infrastructure systems of the US Army Corps of Engineers, Fermata, LLC, (electric-vehicle chargers), Port of Virginia, and Virginia Department of Transportation. which include sensors and other IC hardware devices.