secure and trustworthy cyber physical system design a
play

Secure and Trustworthy Cyber-Physical System Design: A Cross-Layer - PowerPoint PPT Presentation

Nov 06, 2022 •358 likes •603 views

Secure and Trustworthy Cyber-Physical System Design: A Cross-Layer Perspective Pierluigi Nuzzo Ming Hsieh Department of Electrical and Computer Engineering University of Southern California, Los Angeles nuzzo@usc.edu In Honor of Alberto

  1. Secure and Trustworthy Cyber-Physical System Design: A Cross-Layer Perspective Pierluigi Nuzzo Ming Hsieh Department of Electrical and Computer Engineering University of Southern California, Los Angeles nuzzo@usc.edu In Honor of Alberto Sangiovanni-Vincentelli International Symposium on Physical Design, San Francisco, April 16, 2019

  2. What is a Cyber-Physical System (CPS)? A system characterized by the tight integration of computation, communication, and control with physical processes via feedback loops where physical processes Controller affect computation and vice versa Networking Embedded system Physical system 2 Pierluigi Nuzzo, USC

  3. CPSs Interconnect the World Around Us and Make It “Smarter” Avionics Autonomous Driving Transportation (Air traffic control) Telecommunications Health care Buildings Factory Military systems: automation Power generation and distribution 3 Pierluigi Nuzzo, USC

  4. Resilient Cyber-Physical System Design: What Can Go Wrong? 4 Pierluigi Nuzzo, USC

  5. Resilient Cyber-Physical System Design: What Can Go Wrong? Highly-dynamical System and components Malicious agents can break unknown environment are susceptible to design assumptions and and the lack of prior faults , both known and trigger unexpected behaviors information unknown Control-theoretic Cryptographic approach: Fault-tolerance approach: Design a Authenticate agents and approach: Build system “robust” to embed trust into redundancies into faults and adversarial components and platforms the system inputs 5 Pierluigi Nuzzo, USC

  6. Resilient Cyber-Physical System Design: Data Injection Attacks Need a cross-layer approach: - Develop algorithms that exploit dynamics and redundancy - Build trust in HW and SW platforms - Co-design algorithms Traditional information security is with platforms ineffective! 6 Pierluigi Nuzzo, USC

  7. Outline Reasoning About Software and Dynamics: Satisfiability Modulo Convex Programming (SMC) Principled System-Level Design of Hardware Obfuscation: Obfuscation Design Space Exploration Engine (ODSEE) Conclusions 7 Pierluigi Nuzzo, USC

  8. Reasoning About Software and Dynamics: Satisfiability Modulo Convex Programming (SMC) Boolean Constraints SAT SAT + Convex Solvers SMT Solvers Mixed Integer Programming Convex Optimization Convex Constraints “ CalCS: SMT Solving for Non- Linear Convex Constraints,” FMCAD 2010 “SMC: Satisfiabiity Modulo Convex Programming,” Proc. IEEE 2018 8 Pierluigi Nuzzo, USC

  9. Example: Secure State Estimation Against Data Injection Attacks 9 Pierluigi Nuzzo, USC

  10. Secure State Estimation: Problem Formulation 10 Pierluigi Nuzzo, USC

  11. “Lazy” Coordination of SAT and Convex Programming for Monotone SMC Step 1 : Solve the Boolean abstraction of the formula Step II : Extract involved convex constraints and check their feasibility Step IV : Generate UNSAT certificate:

  12. Generating Compact UNSAT Certificates Complexity UNSAT Certificate Minimality (number of convex problems) Trivial No Constant Minimum Irreducible Yes Exponential Inconsistent Set (IIS) Minimal IIS Yes* Linear/Logarithmic Sum of Slacks Yes* Linear/Logarithmic Minimum Prefix Yes* Constant * under additional assumptions

  13. Secure State Estimation: Scalability #Boolean variables = 4800 #Boolean variables = 4800 #Real variables = 100 #Boolean constraints = 7000 Under attack - no protection Under attack - with protection 13 Pierluigi Nuzzo, USC

  14. Outline Reasoning About Software and Dynamics: Satisfiability Modulo Convex Programming (SMC) Principled System-Level Design of Hardware Obfuscation: Obfuscation Design Space Exploration Engine (ODSEE) Conclusions 14 Pierluigi Nuzzo, USC

  15. Trusted Platform Via IC Obfuscation Traditional Design Flow Obfuscation ▪ Circuit obfuscation is a Design IP Specifications potentially viable Trust Source Code solution, however External IP • No common metrics exist to Functional Verification evaluate techniques • Camouflaged Gates No design tools exist to Keyed Logic Synthesis Which IP? Where? guide and validate implementation. Placement and Routing ▪ Mirage Project: A tool set which treats Timing Analysis obfuscation as a first class design constraint and relate it to system-level concerns Backend Checks A scientifically based, systematic development What are the metrics? and verification environment for hardware How secure is it? obfuscation security Secure Device? DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited 15

  16. Example: Logic Locking (Encryption) Sample Locked Circuit [Yasin TCAD 2015] Attack progression timeline [Rajendran, ECLIPSE, 2018] [Jin, Feb 2019] DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited 16

  17. ODSEE’s Architecture UART SHA256 MD5 RSA RAM RAM Top-level Security & Netlist DES3 Overhead Specs DSP GPS AES Constraints Formalization Obf. 1 Obf. 2 Obf. 3 Optimization-Based Selection Obf. 4 Obfuscation Library UART UART SHA256 SHA256 MD5 MD5 Obfuscated RSA RSA Netlist RAM RAM DES3 DES3 DSP DSP GPS GPS AES AES DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited 17

  18. Security Specifications: Disentangling Functional and Structural Properties of Circuits ODSEE rethinks the taxonomy and Top-level Security Netlist & Overhead Specs metrics for capturing security requirements: • What would we like to protect? Obf. 1 • Constraints Formalization Logic/functional properties Obf. 2 • Output/functional Obf. 3 corruptibility Optimization-Based Selection Obf. 4 • SAT-attack resiliency Obfuscation • Structural properties Library Obfuscated • … Netlist • What is the attack model? • Targets logic properties: e.g., SAT attack, Approximate SAT- based attacks, … • Targets structural properties: e.g., removal attack DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited 18

  19. Obfuscation Library: Disentangling Functional and Structural Properties of Obfuscation Schemes ODSEE rethinks the taxonomy and Top-level Security metrics for modeling obfuscation Netlist & Overhead Specs schemes: • Targeting high error rates • XOR/XNOR based: e.g., Fault-based Obf. 1 analysis Logic Locking (FLL), Constraints Formalization Random Logic Locking (RLL), Strong Obf. 2 Logic Locking, … Obf. 3 • LUT based Optimization-Based Selection • Obf. 4 … Obfuscation Library • Targeting SAT resilience Obfuscated • SARLock Netlist • Anti-SAT • … • Targeting structural attacks • Hybrid schemes targeting a mixture of metrics DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited 19

  20. Obfuscation Library: Accurately Representing Implementation Aspects of Obfuscation Schemes ODSEE incorporates accurate circuit- Top-level Security Netlist & Overhead Specs aware compact models of obfuscation techniques, their effectiveness, and their cost Obf. 1 Constraints Formalization Obf. 2 Obf. 3 Optimization-Based Selection Obf. 4 Relative error is below 30% for most cases Obfuscation Library Obfuscated Netlist 18619 gates 𝑢 𝑇𝐵𝑆𝑀𝑝𝑑𝑙 ≈ 𝛾𝐻 ⋅ 2 2𝐿 + 2 𝛿𝐻 K is the number of key bits G is the gate count DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited 20

  21. Mapping Specifications to Implementations: Constraint-Driven Logic Locking (CDLL) ODSEE captures constraints from Top-level Security Netlist & Overhead Specs different concerns and obfuscation schemes using a uniform language Obf. 1 • Constraints from fault analysis Constraints Formalization Obf. 2 • Conditions on controllability Obf. 3 and observability Optimization-Based Selection Obf. 4 • Conditions involving fan- Obfuscation Library in/fan-out cones Obfuscated Netlist • Can protect specific input patterns Current ODSEE implementation is • Can identify and select specific based on mixed integer linear locations in the netlist constraints and leverages • Enables hybrid obfuscation mathematical programming to select Pareto optimal obfuscation schemes DISTRIBUTION STATEMENT A. Approved for public release: distribution unlimited 21

  22. Conclusions Orchestrating billions of devices around our body, transportation systems, critical infrastructures, and the planet presents unprecedented design challenges High-assurance cyber-physical system design will require cross-disciplinary, cross-layer approaches SMC and ODSEE are formal frameworks that enable reasoning across the algorithms/HW/physical boundaries 22 Pierluigi Nuzzo, USC

  23. Thank you. 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Trustworthy Design Architecture: Cyber- Physical System Peter Choi, PhD, CISSP, CSSLP Sandia

Trustworthy Design Architecture: Cyber- Physical System Peter Choi, PhD, CISSP, CSSLP Sandia

d Trustworthy Design Architecture: Cyber- Physical System Peter Choi, PhD, CISSP, CSSLP Sandia National Laboratories Adrian Chavez Sandia National Laboratories Sandia National Laboratories is a multimission laboratory managed and operated

415 views • 19 slides
Presentations Power Grid TCIP: Trustworthy Cyber Infrastructure for Power Secure and Reliable

Presentations Power Grid TCIP: Trustworthy Cyber Infrastructure for Power Secure and Reliable

Trustworthy Cyber Infrastructure for the Presentations Power Grid TCIP: Trustworthy Cyber Infrastructure for Power Secure and Reliable Computing Base Presenters: Sean Smith, Ravi Iyer, and Carl Gunter TCIP Year 1 Review, December 11, 2006

346 views • 17 slides
Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical

Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical systems Intermediate talk for the Masters

740 views • 25 slides
Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele

Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele

PhD Thesis Defense 2019 @ SUTD Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele Antonioli Singapore University of Technology and Design (SUTD) Daniele Antonioli Design, Implementation, and Evaluation

1.12k views • 77 slides
Cyber-Physical System Design Automation: A Tale of Platforms and Contracts Pierluigi Nuzzo Ming

Cyber-Physical System Design Automation: A Tale of Platforms and Contracts Pierluigi Nuzzo Ming

From Electronic Design Automation to Cyber-Physical System Design Automation: A Tale of Platforms and Contracts Pierluigi Nuzzo Ming Hsieh Department of Electrical and Computer Engineering University of Southern California, Los Angeles

549 views • 21 slides
Responding To and Managing Cyber (and Physical) Events Bill Sanders Number of Activities: 6

Responding To and Managing Cyber (and Physical) Events Bill Sanders Number of Activities: 6

Responding To and Managing Cyber (and Physical) Events Bill Sanders Number of Activities: 6 2012 Industry Workshop October 30, 2012 | 1 TCIPG Technical Clusters and Threads Trustworthy Technologies Trustworthy Technologies Responding To and

396 views • 11 slides
Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models, Fundamental Limitations, and Monitor Design Fabio Pasqualetti Florian D orfler Francesco Bullo Center for Control, Dynamical systems and Computation

994 views • 11 slides
Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and

Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and

Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and CSP Semantics Zhou Lu and Jan Broenink Robotics and Mechatronics, University of Twente 22 Aug, 2017 Introduction - Context Cyber-Physical

784 views • 31 slides
Cyber-Physical Systems 07/24/2019 Heechul Yun University of Kansas 1 Modern Cyber-Physical

Cyber-Physical Systems 07/24/2019 Heechul Yun University of Kansas 1 Modern Cyber-Physical

Micro-Architectural Attacks on Cyber-Physical Systems 07/24/2019 Heechul Yun University of Kansas 1 Modern Cyber-Physical Systems Cyber Physical Systems (CPS) Cyber (Computer) + Physical (Plant) Real-time Control physical

310 views • 29 slides
ARTINALI: Dynamic Invariant Detec4on for Cyber-Physical System Security Maryam Raiyat Aliabadi,

ARTINALI: Dynamic Invariant Detec4on for Cyber-Physical System Security Maryam Raiyat Aliabadi,

ARTINALI: Dynamic Invariant Detec4on for Cyber-Physical System Security Maryam Raiyat Aliabadi, Amita Kamath, Julien Gascon-Samson, Karthik Pa8abiraman Cyber-Physical Systems Distributed Controllers C2 C3 C1 Network a1 s2 s1 a2 Physical

482 views • 19 slides
Versioning in Cyber-Physical Production System Engineering Best-Practice and Research Agenda

Versioning in Cyber-Physical Production System Engineering Best-Practice and Research Agenda

International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS) Versioning in Cyber-Physical Production System Engineering Best-Practice and Research Agenda Richard Mordinyi and Stefan Biffl Christian- Doppler

190 views • 7 slides
Presentations TCIP: Trustworthy Cyber Infrastructure for Power y y Overview Presented by:

Presentations TCIP: Trustworthy Cyber Infrastructure for Power y y Overview Presented by:

Trustworthy Cyber Infrastructure for the Power Grid Presentations TCIP: Trustworthy Cyber Infrastructure for Power y y Overview Presented by: William H. Sanders TCIP Industry Workshop, October 17, 2007 University of Illinois

303 views • 9 slides
Presentations Power Grid TCIP: Trustworthy Cyber Infrastructure for Power Quantitative &

Presentations Power Grid TCIP: Trustworthy Cyber Infrastructure for Power Quantitative &

Trustworthy Cyber Infrastructure for the Presentations Power Grid TCIP: Trustworthy Cyber Infrastructure for Power Quantitative & Qualitative Evaluation Presented by David Nicol TCIP Year 1 Review, December 11, 2006 University of

274 views • 13 slides
Reconfiguration in Cyber-Physical Systems Sebastian Wtzoldt System Analysis and Modeling Group

Reconfiguration in Cyber-Physical Systems Sebastian Wtzoldt System Analysis and Modeling Group

Reconfiguration in Cyber-Physical Systems Sebastian Wtzoldt System Analysis and Modeling Group Prof. Holger Giese Motivation: Reconfiguration in Cyber-Physical Systems 2 Cyber-Physical Systems (CPS) are integrations of computation

1.16k views • 30 slides
Presentations Trustworthy Cyber Infrastructure for Power (TCIP) Protection Detection and

Presentations Trustworthy Cyber Infrastructure for Power (TCIP) Protection Detection and

Trustworthy Cyber Infrastructure for the Power Grid Presentations Trustworthy Cyber Infrastructure for Power (TCIP) Protection Detection and Response Mechanisms Klara Nahrstedt , Illinois , Zbigniew Kalbarczyk , Illinois University of

256 views • 15 slides
Presentations TCIP: Trustworthy Cyber Infrastructure for Power Focus Area: Quantitative &

Presentations TCIP: Trustworthy Cyber Infrastructure for Power Focus Area: Quantitative &

Trustworthy Cyber Infrastructure for the Power Grid Presentations TCIP: Trustworthy Cyber Infrastructure for Power Focus Area: Quantitative & Qualitative Evaluation Presented by: David M. Nicol TCIP Industry Meeting, October 17, 2007

407 views • 12 slides
An Overview of the AI Safety Landscape Workshop on Reliable Artificial Intelligence 2017, ETH

An Overview of the AI Safety Landscape Workshop on Reliable Artificial Intelligence 2017, ETH

http://ea-foundation.org An Overview of the AI Safety Landscape Workshop on Reliable Artificial Intelligence 2017, ETH Zurich Max Daniel Research Project Manager, Effective Altruism Foundation https://blog.openai.com/faulty-reward-functions/

576 views • 15 slides
Improved read/write cost tradeoff in DNA-based data storage using LDPC codes Shubham Chandak

Improved read/write cost tradeoff in DNA-based data storage using LDPC codes Shubham Chandak

Improved read/write cost tradeoff in DNA-based data storage using LDPC codes Shubham Chandak Stanford University Allerton 2019 Outline Motivation DNA storage setup Theoretical analysis Proposed framework Results

835 views • 49 slides
Optimal Control and Estimation, Chapters 1 and 2 H Brendan McMahan Carnegie Mellon University

Optimal Control and Estimation, Chapters 1 and 2 H Brendan McMahan Carnegie Mellon University

Optimal Control and Estimation, Chapters 1 and 2 H Brendan McMahan Carnegie Mellon University www.cs.cmu.edu/mcmahan October 17, 2002 Outline 1. The optimal control problem: Modeling dynamic Systems 2. Introduction to Laplace Transforms

769 views • 20 slides
zfso.TT General p spin model Hulot the centered Gaussian with yN EE l I ELHnlolH.de f Ngc

zfso.TT General p spin model Hulot the centered Gaussian with yN EE l I ELHnlolH.de f Ngc

Sherrington Kirkpatrick model Hn Ily R 6 Wo Wn GOEIN HN 161 21 j W La G 1Gt o N 10,1 Gigi N centered Hw 16 Gaussian process oey yw ELHnldthd D zfso.TT General p spin model Hulot the centered Gaussian with yN EE l I ELHnlolH.de f

514 views • 5 slides
Computable Lower Bounds for Capacities of Input-Driven Finite-State Channels V. Arvind Rameshwar

Computable Lower Bounds for Capacities of Input-Driven Finite-State Channels V. Arvind Rameshwar

Background Ideas and Directions Single-Letter Lower Bound Applications Future Work Computable Lower Bounds for Capacities of Input-Driven Finite-State Channels V. Arvind Rameshwar Navin Kashyap Department of Electrical Communication

768 views • 72 slides
sr s t r P

sr s t r P

sr s t r P t rs s

781 views • 59 slides
AlphaGo, etc. Lab 4 Due Feb. 29 (you have two weeks 1.5 remaining) new game0.py

AlphaGo, etc. Lab 4 Due Feb. 29 (you have two weeks 1.5 remaining) new game0.py

AlphaGo, etc. Lab 4 Due Feb. 29 (you have two weeks 1.5 remaining) new game0.py with show_values for debugging Exam on Tuesday in lab I sent out a topics list last night. On Monday in lecture, well be doing review

699 views • 15 slides
Semi-leptonic and Dileptonic Top-Quark Decays at ATLAS Raphael Mameghani IMPRS/GK Young

Semi-leptonic and Dileptonic Top-Quark Decays at ATLAS Raphael Mameghani IMPRS/GK Young

Semi-leptonic and Dileptonic Top-Quark Decays at ATLAS Raphael Mameghani IMPRS/GK Young Scientist Workshop at Ringberg 23rd July 2007 1/ 25 Outline 1 Top pair production at LHC & ATLAS 2 Ratio of semileptonic and fully leptonic decays

593 views • 25 slides

More recommend