Invited talks
Date: July 28, 2016 (Thurs)
Time: 0930 – 1200
Venue: Lecture Theater 3, 2.403

Experts in the area of cyber security will be invited to deliver talks focusing on challenges in defending Cyber Physical Systems. These are publicly advertised talks. Participants include members of academia, industry, and the government.

Detecting and Mitigating Security Threats in Cyber-Physical Systems


Speaker: Dr. Bruce McMillin, Missouri University of Science and Technology

Abstract: A Cyber-Physical System (CPS) is an engineered physical system with a significant cyber component and consists of many interacting distributed cyber and physical components. CPSs are deployed in critical applications such as advanced power electronics in a green electric power system, vehicles in an automated highway system, distributed aircraft navigation systems, chemical process plants, and consumer components of a smart house in which correct operation is paramount. Unintended or misunderstood interactions among the components of a CPS cause unpredictable behavior leading to serious errors. While each component may independently function correctly, their composition may yield incorrectness due to interference. Interference that violates correctness or security is well-understood in the purely software (cyber) domain. In the CPS domain, interference is much less understood. Security and confidentiality problems are particularly vexing. Attacks such as Stuxnet show how formal security properties can be violated through physical interference with the cyber components. To add to the difficulty, CPS security is difficult to specify in terms of traditional “high” and “low” security.

This talk presents an interpretation of formal information flow properties and interference within the context of a cyber-physical system blending both physical and cyber information flow properties across multiple security domains using examples from the electric smart grid. This poses the deep scientific question: how to make such systems secure and correct?

Biography: Dr. Bruce McMillin is currently a Professor of Computer Science, Associate Dean of Engineering and Computing, director of the center for information assurance, and a senior research investigator in the Intelligent Systems Center at the Missouri University of Science and Technology. He leads and participates in interdisciplinary teams in formal methods for fault tolerance and security in distributed embedded systems with an eye towards critical infrastructure protection. His current work focuses on protection for advanced power grid control. His research has been supported by the United States NSF, AFOSR, DOE, NIST and several Missouri Industries. Dr. McMillin has authored over 100 refereed papers in international conferences and journals. He is leading the distributed grid intelligence project of the Future Renewables Engineering Research Center, and advanced smart grid architecture. He is a senior member of the IEEE and member of the IFIP WG 11.0 on Critical Infrastructure Protection, and member and contributor to the SGIP Smart Grid Interoperability Panel. He currently serves in the IEEE Computer Society’s Board of Governors and as the Vice Chair of Membership and Geographic Activities for the Special Technical Communities.

Trustworthy Critical Infrastructures via Physics-Aware Just-Ahead-Of-Time Verification


Speaker: Assistant Professor Saman Zonouz, Rutgers University

Abstract: Critical cyber-physical infrastructures, such as the power grid, integrate networks of computational and physical processes to provide the people across the globe with essential functionalities and services. Protecting these critical infrastructures is a vital necessity because the failure of these systems would have a debilitating impact on economic security and public health and safety. Our research and development projects aim at provision of real-world solutions to facilitate the secure and reliable operation of next-generation critical infrastructures and require interdisciplinary research efforts across adaptive systems and network security, cyber-physical systems, and trustworthy real-time detection and response mechanisms. In this talk, I will focus on real past and potential future threats against critical infrastructures and embedded devices, and discuss the challenges in design, implementation, and analysis of security solutions to protect cyber-physical platforms. I will introduce novel classes of working systems that we have developed to overcome these challenges in practice, and finally conclude with several concrete directions for future research. Additionally, I will briefly go over our other projects on x86 malware/memory analysis and embedded systems security solutions to support access control applications in cyber-physical settings.

Biography: Saman Zonouz has been an Assistant Professor in the Electrical and Computer Engineering Department at Rutgers University since September 2014 and is the Director of the 4N6 Cyber Security and Forensics Laboratory. His research has been awarded the NSF CAREER Award in 2015, the Google Security Award in 2015, Top-3 Demo at IEEE SmartGridComm 2015, the Faculty Fellowship Award by AFOSR in 2013, the Best Student Paper Award at IEEE SmartGridComm 2013, the University EARLY CAREER Research award in 2012 as well as the Provost Research Award in 2011.

The 4N6 research is currently supported by National Science Foundation (NSF), Department of Homeland Security (DHS), Office of Naval Research (ONR), Department of Energy (DOE), Advanced Research Projects Agency Energy (ARPA-E), Department of Education (DOE), Siemens Research, WinRiver, GrammaTech, Google, ETAP, and Fortinet Corporation including tech-to-market initiatives.

Saman’s current research focuses on systems security and privacy, trustworthy cyber-physical critical infrastructures, binary/malware analysis and reverse engineering, as well as adaptive intrusion tolerance architectures. Saman has served as the chair, program committee member, guest editor and a reviewer for top international conferences and journals. Saman serves on the Editorial Board for IEEE Transactions on Smart Grid. He obtained his Ph.D. in Computer Science, specifically, intrusion tolerance architectures for the cyber-physical infrastructures, from the University of Illinois at Urbana-Champaign in 2011.

Invited talks
Date: July 29, 2016 (Fri)
Time: 0930 – 1200
Venue: Lecture Theater 3, 2.403

Achieving ICS Resilience and Security through granular Data Flow Management


Speaker: Ms Marina Krotofil, Honeywell Cyber Security Lab

Abstract: The most essential ingredient in automation is information, and the key to handling it was the establishment of a transparent information flow with strict subdivision of the information processing into a hierarchical model known as the automation pyramid. In many cases the controller and operator can only observe the process through the process data and must have faith that it describes the true state of the process. This talk will address topics of data processing and end-to-end data flow configuration requirements, and explain risks derived from external threats and internal errors.

This presentation will not only announce a novel attack vector on ICS and reveal an exploitation scenario (with demo), but also present a conceptual tool which aids discovery of the attack surface at the early stage of risk assessment. This approach was developed through analysis of several real-world use-cases and a case study involving a European utility. Through identification of critical data addressing/processing points, and highlighting system-system and system-user relationships, it will be shown how granular end-to-end mapping of data pathways can reveal critical resilience (OT) and security (IT) weaknesses.

Biography: Marina Krotofil is a Cyber Security Researcher at the Honeywell Industrial Cyber Security Lab in Atlanta, USA. Her previous experience includes working as a Senior Security Consultant at the European Network for Cyber Security, Netherlands and as a Research Assistant at Hamburg University of Technology, Germany. Her research over the last few years has been focused on discovering novel attack vectors, engineering practical cyber-physical attacks and on the design of process-aware defensive solutions and risk assessment approaches.

Marina is the author of more than 15 academic papers and several whitepapers on cyber-physical security. She is also the author of the Damn Vulnerable Chemical Process framework – an open-source platform for cyber-physical security experimentation based on the realistic models of chemical plants. Marina teaches workshops on cyber-physical exploitation and is a frequent speaker at the leading security stages around the world. She holds an MBA in Technology Management, an MSc in Telecommunication and an MSc in Information and Communication Systems.

Alpha-Beta Privacy


Speaker: Professor Dr. Luca Viganò

Abstract: Formally specifying privacy goals is not trivial. The most widely used approach in formal methods is based on the static equivalence of frames in the applied pi-calculus, basically asking whether or not the intruder is able to distinguish two given worlds. A subtle question is how we can be sure that we have specified all pairs of worlds to properly reflect our intuitive privacy goal. To address this problem, we introduce a novel and declarative way to specify privacy goals, called “alpha-beta privacy”, and relate it to static equivalence. This new approach is based on specifying two formulae alpha and beta in first-order logic with Herbrand universes, where alpha reflects the intentionally released information and beta includes the actual cryptographic (“technical”) messages the intruder can see.

Then alpha-beta privacy means that the intruder cannot derive any “non-technical” statement from beta that he cannot derive from alpha already. We describe by a variety of examples how this notion can be used in practice. Even though alpha-beta privacy does not directly contain a notion of distinguishing between worlds, there is a close relationship to static equivalence of frames that we investigate formally. This allows us to justify (and criticize) the specifications that are currently used in verification tools, and obtain partial tool support for alpha-beta privacy.

Bio: Luca Viganò graduated in Electronic Engineering at the University of his hometown, Genova, Italy, in 1994 and received his PhD in Computer Science from Saarland University, Germany, in 1997.

He held a senior research scientist position at the University of Freiburg, Germany, from October 1997 to December 2002, and one at ETH Zurich, Switzerland, from January 2003 to September 2006, when he was appointed Associate Professor of Computer Science at the University of Verona, Italy. He joined King’s College London in October 2013 as a Professor of Computer Science, Software Modelling and Applied Logic.

His research focuses on formal methods and tools for the specification, verification, testing and construction of secure systems, and on the theory and applications of non-classical and security logics. On these topics, he has published extensively, coordinated and participated in a large number of international research and industrial projects, and taught several courses, tutorials and industrial courses.