CAREER: System Software Availability Foundations for Real-time Cyber-physical Systems
Washington University, Saint Louis MO
Abstract
As computing and communication are ever more embedded in our society, the security and, in particular, the availability (timely access to computational resources) of cyber-physical systems (CPS), such as autonomous vehicles and surgical robots, is essential for our livelihood. The key novelty of the project is a principled approach to tackle the availability challenges of CPS by systematically addressing threats from different vulnerable layers that make up a computer system. The project's broader significance and importance lie in the development of new theories and systems for system availability, building the foundation for security and safety in CPS, which our society now relies on for daily necessities. This project broadens participation not only in the field of CPS security but also in computing, through integrated educational activities for students from all backgrounds in both K-12 and higher education.

Threats from different layers of computing against system availability motivate the research thrusts in this project, advancing three lines of defense. The first line of defense tackles the long-standing problem of availability in trusted execution environments to provide computational and input/output (I/O) availability in the presence of an untrusted operating system (OS) while minimizing the trusted computing base by leveraging the unique predictability of real-time CPS. The second line of defense tackles a new dimension (availability) in software protection by leveraging context-sensitive software compartmentalization and rapid recovery to preserve safety-critical process availability at the cost of functionality reduction. The last line of defense formalizes, analyzes, and isolates performance interference as a security (availability) problem, thwarting attacks from non-safety-critical processes against safety-critical processes.
The open platform (OP) for CPS security research (OP-CPS) not only allows scientific exploration within the project but also tightly integrates education and research, enabling the connections between the real-time, robotics, control, systems, and security communities. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.