Access Control for the Internet of Things

Executive Summary – Overview 

The Internet-of-Things revolution has opened doors to security vulnerabilities in cyber-physical systems like smart homes, smart vehicles, and smart grids that affect our daily existence. Whether it is malicious access to the controller area network on a vehicle or firmware modifications to ECUs controlling critical components of a vehicular system, security vulnerabilities can manifest themselves at various layers of a complex cyber-physical system. Therefore, it is extremely critical to build access control models that govern who, under what circumstances, can access what sensed data or actuate a physical system. The project will specifically explore the feasibility of a system that builds upon existing work in attribute-based access control, models and correlates physical context collected from sensed data, and reasons dynamically over attribute- and context-driven policies to control access. The project will design, prototype, and evaluate a framework and underlying technologies to create end-to-end, scalable, context-aware systems to defend cyber-physical infrastructure. As a specific instantiation of the general approach, we will analyze the attack surface in a vehicle and develop a prototype system for defending vehicles against various cyber-attacks.

Technical Challenge/Activities

This project lays the foundation for building cyber-physical systems that use and maintain rich and accurate context models to mitigate attacks using a variety of external and internal sensors. The research will make significant contributions to concepts and techniques for securing Internet of Things systems by reasoning over large volumes of streaming knowledge and data. Specifically, the proposed project presents several novel research contributions. These include the development of new access control models derived from Attribute-Based Access Control, and corresponding representations in OWL/RDF of content-dependent access control policies grounded in these models.

Potential Impact

This project lays the foundation for building systems that can use and maintain rich and accurate context models for cyber-physical systems in support of mitigating attacks by making context-dependent access control decisions. The research will make significant contributions to concepts and techniques for securing Internet of Things (IoT) systems by reasoning over large volumes of streaming knowledge and data. The fundamental research done in the project has a key application in creating the next generation of systems to defend our cyber-physical infrastructure from attacks.

Resources

The project will have substantial impact on the education of both graduate and undergraduate computer science students, including women and underrepresented minorities. UMBC is a minority-serving institution. The PI is the Director of UMBC’s Cyberscholars Program, which is over 50% women and another 15% minorities. The project will draw URAs from this program, as well as from UMBC’s Center for Women in IT and The Meyerhoff Program, which is dedicated to increasing the number of STEM PhDs among African Americans. This provides a great opportunity to recruit, involve, and train minority students at both the undergraduate and graduate levels through the proposed research activities.

Project Members

PI: Dr. Anupam Joshi