An official website of the United States government
The adoption of digital technology in industrial control systems (ICS) enables improved control over operation, ease of system diagnostics and reduction in cost of maintenance of cyber physical systems (CPS). However, digital systems expose CPS to cyber-attacks. The problem is grave since these cyber-attacks can lead to cascading failures affecting safety in CPS. Unfortunately, the relationship between safety events and cyber-attacks in ICS is ill-understood and how cyber-attacks can lead to cascading failures affecting safety. Consequently, CPS operators are ill-prepared to handle cyber-attacks on their systems. In this work, we envision adopting Explainable AI to assist CPS oper-ators in analyzing how a cyber-attack can trigger safety events in CPS and then interactively determining potential approaches to mitigate those threats. We outline the design of a formal framework, which is based on the notion of transition systems, and the associated toolsets for this purpose. The transition system is represented as an AI Planning problem and adopts the causal formalism of human reasoning to asssit CPS operators in their analyses. We discuss some of the research challenges that need to be addressed to bring this vision to fruition.
more »
« less
Understanding Digital-Safety Experiences of Youth in the U.S.
The seamless integration of technology into the lives of youth has raised concerns about their digital safety. While prior work has explored youth experiences with physical, sexual, and emotional threats—such as bullying and trafficking—a comprehensive and in-depth understanding of the myriad threats that youth experience is needed. By synthesizing the perspectives of 36 youth and 65 adult participants from the U.S., we provide an overview of today’s complex digital-safety landscape. We describe attacks youth experienced, how these moved across platforms and into the physical world, and the resulting harms. We also describe protective practices the youth and the adults who support them took to prevent, mitigate, and recover from attacks and key barriers to doing this effectively. Our findings provide a broad perspective to help improve digital safety for youth and set directions for future work.
more »
« less
- Award ID(s):
- 2006588
- PAR ID:
- 10416813
- Date Published:
- Journal Name:
- Proceedings of the 2023 CHI Conference on Human Factors and Computing Systems
- Page Range / eLocation ID:
- 1 to 15
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Prevention of integrated circuit counterfeiting through logic locking faces the fundamental challenge of securing an obfuscation key against both physical and algorithmic threats. Previous work has focused on strengthening the logic encryption to protect the key against algorithmic attacks, but failed to provide adequate physical security. In this work, we propose a logic locking scheme that leverages the non-volatility of the nanomagnet logic (NML) family to achieve both physical and algorithmic security. Polymorphic NML minority gates protect the obfuscation key against algorithmic attacks, while a strain-inducing shield surrounding the nanomagnets provides physical security via a self-destruction mechanism.more » « less
-
In this work, a high-fidelity virtual testbed modeling a networked diesel generator, similar to those used commercially and by the military, is described. This testbed consists of a physical system model of a generator, a digital control system, a remote monitoring system, and physical and networked connections. The virtual testbed allows researchers to emulate a cyber-physical system and perform cyber attacks against the system without the monetary and safety risks associated with a testbed created from physical components. The testbed was used to feasibly simulate network, hardware Trojan, and software Trojan attacks against the diesel generator, and to observe the cyber and physical outcomes.more » « less
-
With advances in sensing, networking, and computing, smart medical devices have been widely deployed in various clinical settings. However, cyber attacks on hospital networks and critical medical devices are serious threats to patient safety, security, and privacy. This paper studies the cyber-security attacks that target hospital networks and other interconnected clinical environments. Our goal is to characterize threat models in such environments by studying the public data from vulnerability databases on medical devices and reports on real attacks targeted at hospital networks. We use a keyword-based approach to identify security reports on medical devices. We summarize our observations from the analysis of the vulnerability reports and provide insights into the types and impacts of vulnerabilities.more » « less
-
Zero-day vulnerabilities pose a significant challenge to robot cyber-physical systems (CPS). Attackers can exploit software vulnerabilities in widely-used robotics software, such as the Robot Operating System (ROS), to manipulate robot behavior, compromising both safety and operational effectiveness. The hidden nature of these vulnerabilities requires strong defense mechanisms to guarantee the safety and dependability of robotic systems. In this paper, we introduce ROBOCOP, a cyber-physical attack detection framework designed to protect robots from zero-day threats. ROBOCOP leverages static software features in the pre-execution analysis along with runtime state monitoring to identify attack patterns and deviations that signal attacks, thus ensuring the robot’s operational integrity. We evaluated ROBOCOP on the F1-tenth autonomous car platform. It achieves a 93% detection accuracy against a variety of zero-day attacks targeting sensors, actuators, and controller logic. Importantly, in on-robot deployments, it identifies attacks in less than 7 seconds with a 12% computational overhead.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1145/3544548.3581128
