"Designing Security In" to Cyber Physical Systems

Chair: Dan Massey

Abstract:

The overall goal of the DHS S&T Cyber Physical System Security (CPSSEC) project is to add necessary security enhancements to the design and implementation of cyber physical systems [1]. Cyber physical systems are smart networked systems that combine both cyber and physical technologies. Cyber physical systems play an integral role in the nation’s critical infrastructure. Our transportation systems, emergency response systems, energy systems, and medical devices are rapidly adding cyber components to these existing physical systems.

Cyber physical systems represent a core opportunity area and source of competitive advantage for the innovation economy in the 21st century, but also represent an area where the consequences of cyber attacks could have severe impact on human lives and the environment. Executive Order 13636 [2] and Presidential Policy Directive 21 [3] state that proactive and coordinated efforts are necessary to strengthen and maintain secure, functioning, and resilient critical infrastructure and include interdependent functions and systems in both the physical space and cyberspace.

This is a critical time in the design and deployment of cyber physical systems. Advances in networking, computing, sensing, and control systems have enabled a broad range of new devices. These systems are being designed and deployed now, but unfortunately security is often left as an additional feature that will be bolted on later. Industry is driven by functional requirements and fast moving markets. Cyber physical system designs are evolving rapidly and in most cases design standards are only now beginning to emerge. Many of the devices being deployed today have lifespans measured in decades. The design choices being made today will directly impact next several decades in transportation, emergency response, energy, medical devices, and so forth. This project aims to change the approach to cyber physical system design and ensure that we build security into the design of these critical systems.

In this session, the DHS S&T Program Manager will describe the overall CPSSEC challenges and program and two of the performers will describe their research projects.

Designing Security Into Cyber Physical Systems (Dan Massey) Presentation

ISOSCELES (Todd Carpenter) Presentation

Side-Channel Causal Analysis for Design of Cyber-Physical Security (David Payton) Presentation

About the Speakers:

Dr. Dan Massey is a Program Manager in the Cyber Security Division, Science and Technology Directorate, US Department of Homeland Security. At DHS, his portfolio includes Distributed Denial of Service Defense (DDoSD), security for Cyber Physical Systems (CPSSEC), Secure Protocols for Routing Infrastructure (SPRI), and Homeland Open Security Technology (HOST). Prior to joining DHS, Dr. Massey was a tenured associate professor at Colorado State University and served as a PI on research funded by DHS, DARPA, and NSF. Some of his projects have included the Named Data Networking project that is developing a new information centric architecture, editor for the DNS Security Extensions (DNSSEC), internet BGP monitoring and analysis, and infrastructure security enhancements such as the Route Origin Verifier. He earned his bachelor’s degree in mathematics and computer science and master’s degree in applied mathematics all from the University of California, San Diego and his doctorate in computer science from the University of California, Los Angeles.

Todd Carpenter, Adventium. For over 25 years, Mr. Carpenter has been engineering systems for high-value and life-critical, real-time, fault-tolerant, and secure applications in domains including medical, defense and commercial avionics, space, and petrochemicals. His focus has covered detailed hardware and software design, architecture development, systems design and specification, and tools, standards, and processes for enhancing the design flow. Earlier work included technology transfer programs to productize innovations, including critical infrastructure protection for industrial applications, automating task-specific, user and device interactions, and commercial integrated, highly reliable avionics systems for defense and space markets. While at Adventium, Mr. Carpenter has developed technology for life- and mission-critical applications, including real-time, trusted computing, mixed criticality systems, risk assessment, verification and validation techniques, and highly scalable systems. He has also supported critical programs in the manufacturing and defense industrial base, including red-teaming, proposal development, and identifying critical issues in next-generation avionics data and control networks. He is engaged in systems, architecture, dependability, and security developments in the medical device industry.

David Payton, HRL Laboratories. David Payton is Principal Research Scientist in the Information and Systems Sciences Lab at HRL Laboratories in Malibu, California.  Mr. Payton holds an MS degree in EE & CS from MIT and a BS degree in Electrical Engineering from UCLA.  He has previously served as lead scientist for the DARPA Physical Intelligence project, and has been principal investigator for the DARPA Pheromone Robotics project, and the DARPA Neuro-robotic Perception and Control program. He is currently involved in research related to autonomous robots, machine learning, complex systems, and resilience, and is participating in the DARPA UPSIDE program for development of a high-performance image processing pipeline using novel emerging devices.  After joining HRL Laboratories in 1982, Mr. Payton has been involved in numerous projects for the development of intelligent autonomous agents. This includes work on the DARPA Autonomous Land Vehicle project, the Unmanned Ground Vehicle, the development of behavior-based robot control.  More recently, he has led the development of imitation learning in humanoid robots for General Motors.  Mr. Payton has over 30 publications and holds 26 patents.

References:

1]    2014 NITRD Cyber Physical Systems Vision Statement; http://www.nitrd.gov/nitrdgroups/images/6/6a/Cyber_Physical_Systems_%28CPS%29_Vision_Statement.pdf

[2]   Executive Order 13636, Improving Critical Infrastructure Cyber Security; http://www.gpo.gov/fdsys/pkg/FR-2013-02-19/pdf/2013-03915.pdf

[3]   Presidential Policy Directive 21, Critical Infrastructure Security and Resilience; http://www.whitehouse.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil