CPS Security and Privacy

When we started working on Cyber-Physical Systems (CPS) Security in 2007, the field was very different to what it is now: the urgency for protecting control systems was not a priority in a pre-Stuxnet world. Several security researchers argued that there was nothing new about SCADA security because we only needed to apply best IT security practices to this field. Control theory researchers argued that injecting faults into systems was an old problem. We decided to brainstorm what was new and fundamentally different about CPS security when compared to IT security and to control theory, and published two workshop papers in 2008. The first one identifying how CPS security was different from previous work in control theory, and the second paper on how CPS security was different from traditional IT security best practices (and why the problem was important):

Secure Control: Towards Survivable Cyber-Physical Systems First International Workshop on Cyber-Physical Systems, 2008.

Research Challenges for the Security of Control Systems. 3rd Workshop on Hot Topics in Security (HotSec), 2008.

Detecting Attacks in Cyber-Physical Systems

One of our main lines of work is to use physics-based anomaly detection in CPS. We have developed parsers for a variety of industrial control protocols to do deep-packet inspection and capture the physical evoluation of the state of the system in order to identify anomalies and potential false-data injection attacks. We are also looking into novel ways to detect attacks in other cyber-physical systems, like our proposal on visual challenges to verify the integrity of remote surveillance cameras.

Limiting the Impact of Stealthy Attacks on Industrial Control Systems 23rd ACM Conference on Computer and Communications Security (CCS) 2016.

Survey and New Directions for Physics-Based Attack Detection in Control Systems> NIST GCR 16-010 2016.

Attacks Against Process Control Systems: Risk Assessment, Detection, and Response ACM Symposium on InformAtion, Computer, and Communications Security (ASIACCS) 2011.

Evaluating Electricity Theft Detectors in Smart Grid Networks Research in Attacks Intrusions and Defenses Symposium (RAID) 2012.

Using Visual Challenges to Verify the Integrity of Security Cameras 31st Annual Computer Security Applications Conference (ACSAC) 2015.

Attack-Resilient Cyber-Physical Systems

Resilient Cyber-Physical Systems need to operate safely and reliably, even when they have been partially compromised and are under active attacks. One way we have approached this problem, is to design a system conservatively so that it is able to withstand attacks (at the cost of increased operational costs). Another approach is to dynamically reconfigure the system when an attack is detected.

Safe and Secure Networked Control Systems Under Denial-Of-Service Attacks Hybrid Systems, Computation and Control (HSCC) 2009.

Controllability of Dynamical Systems: Threat Models and Reactive Security International Conference on Decision and Game Theory for Security (GameSec) 2013.

Integrity Attacks on Real-Time Pricing in Smart Grids: Impact and Countermeasures IEEE Transactions on Smart Grid 2016.

Incentives and Game Theory to Improve CPS Security

The protection of cyber-physical critical infrastructures against computer attacks is a matter of national security, public safety, and economic stability; however, most of our critical assets are owned and operated by private companies with pressing operational requirements, tight security budgets, and aversion to regulatory oversight. For most of these companies, creating a business case for improving computer security and for supporting long-term security research is a difficult task, partly because cybersecurity risk is almost impossible to measure, and partly because most companies managing critical infrastructures have not (yet) been subject to a major computer-based disruption. This has left our critical infrastructures fairly vulnerable to computer attacks and with technology that is decades behind the current security best practices used in other information technology domains. This line of research studies how to improve security investments by focusing on the design of incentives for investing in protecting our critical infrastructures.

Perverse Incentives in Security Contracts: A Case Study in the Colombian Power Grid Workshop on the Economics of Information Security (WEIS) 2016.

CPS: Market Analysis of Attacks Against Demand Response in the Smart grid 30th Annual Computer Security Applications Conference (ACSAC) 2014.

Game Theoretic Models of Electricity Theft Detection in Smart Utility Networks IEEE Control Systems V 35 Issue 1. 2015.

Privacy in Cyber-Physical Systems and IoT Devices

The ability of CPS and IoT to passively sense surrounding activity makes the privacy issues they raise distinct from the privacy issues raised by traditional computing systems. As they collect physical data of diverse human activities such as electricity consumption, location information, driving habits, and biosensor data at unprecedented levels of granularity, their passive manner of collection leaves people generally unaware of how much information about them is being gathered. We are studying new privacy enhancing technologies to allow CPS and IoT systems to fulfill their operational goals, while minimizing privacy risks to users of these technologies. We are also studying the advantages and disadvantages of differential privacy in control systems.

A Game Theory Model for Electricity Theft Detection and Privacy-Aware Control in AMI Systems 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton), 2012.

Delay and sampling independence of a consensus algorithm and its application to smart grid privacy 53rd IEEE Conference on Decision and Control (CDC) 2014.

Privacy and Customer Segmentation in the Smart Grid 53rd IEEE Conference on Decision and Control (CDC) 2014.

Work Outside of CPS Security

Network Security, Machine Learning, IoT, and Wireless Networks

Our lab is interested in network security monitoring and intrusion detection, and more recently, in the security of Software Defined Networks (SDN) and Network Function Virtualization (NFV). We also work on Machine Learning, big data analytics, and alert correlation in ways that improve ROC curves. Finally, we also work on wireless networking with lossy and unreliable links, which are frequent in embedded systems and IoT devices. We have been working on flexible data forwarding mechanisms (within the IETF) that can work within 6LoWPAN, or on IPv6 networks. We have also worked on MAC-layer anomaly detection, which can help identify networking cards that have not implemented correctly the backoff mechanisms to prevent nodes from getting unfair share of the spectrum.

A Framework for the Evaluation of Intrusion Detection Systems. IEEE Symposium on Security and Privacy, 2006.

Big Data Analytics for Security IEEE security & privacy, 11(6) 2013.

Optimal ROC Curve for a Combination of Classifiers Advances in Neural Information Processing Systems (NIPS) 2008.

Semantic middleware for the Internet of Things Internet of Things (IOT) 2010.

Depth-First Forwarding (DFF) in Unreliable Networks. IETF Experimental Standard. RFC6971. 2013

Performance Comparison of Detection Schemes for MAC Layer Misbehavior IEEE INFOCOM 2007.