NSF Award: Protecting Against Cyber Attacks
At his office desk computer in Dreese Labs, Gupta points out the problem. He plays a short You Tube video showing what can happen if a hacker takes control over of a power plant. In short, the whole facility is soon enveloped by a cloud of black smoke and shuts down.
“So, it can happen,” Gupta said. “Anyone with internet access can hack in.”
Fortunately, in this case, the video is a staged cyber attack performed by the Department of Homeland Security back in 2007.
As part of his award from the NSF Computer and Network Systems Division, over the next two years Gupta will receive $174,994 from the Computer and Information Science and Engineering (CISE) Research Initiation Initiative (CRII) Program to delve further into his proposal, “CRII: CPS SaTC: Securing Smart Cyberphysical Systems against Man-in-the-Middle Attacks.”
According to his research abstract, Gupta said cyber-physical systems have increasingly become top targets for hackers around the world.
“We are also seeing proliferation of internet-connected critical infrastructures that allow for easy monitoring, visualization, and control,” Gupta writes.
In February 2013, President Obama even signed the executive order, "Improving Critical Infrastructure Cybersecurity," to underscore the urgent need for securing such critical infrastructure against malicious attacks.
As Principal Investigator on the project, Gupta is using the foundational theory of decentralized optimal control, cryptography, network security, and game theory to design encryption-decryption-control strategies for large-scale infrastructures. His winning proposal is centered upon developing mathematical tools and approaches to design secure communication protocol in tandem with smart control algorithms, further protecting cyber-physical systems. He is leveraging research in network security and optimization to devise the algorithms, which optimize system performance and provide immunity against a wide class of cyber-attacks.
Gupta and his students are now creating a testbed on which the designed algorithms are replicated.
“The broader impact of the project is to introduce novel mathematical methods for designing secure systems and forming new collaborations cutting across various disciplines,” he said. “The project is also training a graduate student and two undergraduate students (to assist).”
Gupta said he expects their results will ultimately provide a case study for future undergraduate classes to take part in as well.
Outside of the classroom, the project aims at increasing public awareness about the cybersecurity of critical infrastructures among the next generation of engineers and scientists.
“This is among the first projects to extensively investigate the joint design of encryption-decryption and optimal control strategies,” Gupta said.
Because control systems are inherently ever-changing, Gupta said, the cryptographic key used for encrypting the data is changed to reflect those dynamics and help reduce the possibility of leakage of information to any hackers. Under this research, if a controller senses tampering of data, then the algorithm acts in a manner that guarantees system stability and performance.
He said it also takes into account errors introduced in the channel due to attacks, delays due to encryption-decryption protocol, and real-time communication and computational constraints imposed by real-time operating systems.
“The algorithms … are expected to be resilient to attacks and will be able to adapt to changing system parameters,” he said.
For more information, read the full NSF award abstract: HERE
