Restart-based Cyber-physical System Design (ReSecure)

Team Members: Sibin Mohan, Chien-Ying Chen, Monowar Hasan

Collaborators: Fardin Abdi, Marco Caccamo

---

Physical plants that form the core of the Cyber-Physical Systems (CPS) often have stringent safety requirements. Recent attacks have shown that cyber intrusions can result in the safety of such plants being compromised - thus leading to physical damage. In this paper, we demonstrate how to ensure safety of the plant even when the system gets compromised. We leverage the fact that due to inertia, an adversary cannot destabilize the physical system (even with complete control of the software) in an instantaneous manner; in fact, it often takes finite (even considerable time). This property, coupled with system-wide restarts is used to enforce a secure (and safe) operational window for the system. A hardware root-of-trust, further decreases the ability for attackers to compromise our mechanisms. We demonstrate our approach using two realistic systems - a 3 degree of freedom (3-DoF) helicopter and a simulated warehouse temperature control unit. We also show that our system is robust against multiple emulated attacks - essentially the attackers are not able to compromise the safety of the CPS.

Related Publications:

• Abdi, F., Chen, C.Y., Hasan, M., Liu, S., Mohan, S. and Caccamo, M., “Guaranteed physical security with restart-based design for cyber-physical systems.” Proceedings of the 9th ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS). IEEE Press, 2018.
• Abdi, F., Hasan, M., Mohan, S., Agarwal, D. and Caccamo, M., “ReSecure: A restart-based security protocol for tightly actuated hard real-time systems.” IEEE CERTS (2016): 47-54.