*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Title: Stratified Inference of Information in Cyber-Physical Systems based on Physics
Committee:
Dr. Raheem Beyah, ECE, Chair , Advisor
Dr. Brendan Saltaformaggio, ECE
Dr. Eric Feron, AE
Dr. Lee Lerner, ECE
Dr. Nagi Gebraeel, ISyE
Abstract: The field of CPSs is growing rapidly. In recent years, a variety of CPS applications in different domains have flourished. Meanwhile, there have also been more frequent attacks on CPSs. The problem becomes more aggravated as the number of attacks against critical infrastructures increases rapidly. Thus, it is important to develop novel solutions to secure these critical CPSs. This research studies different techniques to infer the critical information of a Cyber-Physical System (CPS) at different levels, leveraging the physics of the CPS. One way of verifying the authenticity and integrity of an operating CPS is to check the fingerprints generated by the static structure and the dynamic operation of the CPS in the “cyber” domain, e.g., network traffic and control programs, or in a side channel, e.g., vibration and sound. A CPS can be physically characterized at three layers, namely, device model and configuration (device), process model (process), and process parameters (parameter) from the lowest to the highest layer. In this research, the correlation between the physics attributes of each layer and its fingerprints in the cyber domains and side channels is studied. Then methodologies to infer critical information of the CPSs from such correlation are studied and evaluated. The outcome from this research can be interpreted as both offensive and defensive techniques. On the one hand, attackers may leverage the device/process/parameter inference techniques to obtain sensitive information about critical infrastructures. Understanding the effectiveness of the inference techniques is a crucial step in discovering the vulnerabilities in these critical infrastructures. On the other hand, for defenders, such inference techniques can also be used to verify the correct operation of the CPS by checking the observed fingerprints against the expected values. These techniques can be used as a basis to develop novel solutions to secure the CPSs.
