Team Members: Sibin Mohan, Chien-Ying Chen, Monowar Hasan
Collaborators: Fardin Abdi, Marco Caccamo
Physical plants that form the core of the Cyber-Physical Systems (CPS) often have stringent safety requirements. Recent attacks have shown that cyber intrusions can result in the safety of such plants being compromised - thus leading to physical damage. In this paper, we demonstrate how to ensure safety of the plant even when the system gets compromised. We leverage the fact that due to inertia, an adversary cannot destabilize the physical system (even with complete control of the software) in an instantaneous manner; in fact, it often takes finite (even considerable time). This property, coupled with system-wide restarts is used to enforce a secure (and safe) operational window for the system. A hardware root-of-trust, further decreases the ability for attackers to compromise our mechanisms. We demonstrate our approach using two realistic systems - a 3 degree of freedom (3-DoF) helicopter and a simulated warehouse temperature control unit. We also show that our system is robust against multiple emulated attacks - essentially the attackers are not able to compromise the safety of the CPS.