|
Cyber Resiliency for Critical Cyber Physical Systems
Navy STTR FY2015.A
| Sol No.: |
Navy STTR FY2015.A |
| Topic No.: |
N15A-T022 |
| Topic Title: |
Cyber Resiliency for Critical Cyber Physical Systems |
| Proposal No.: |
N15A-022-0015 |
| Firm: |
GrammaTech, Inc
531 Esty Street
Ithaca, New York 14850 |
| Contact: |
Zak Fry |
| Phone: |
(607) 273-7340 |
| Abstract: |
Cyber physical systems are ubiquitous in the modern world; they control transportation, energy, military, medical, and manufacturing infrastructures. Cyber resiliency remains a problem in these systems that rely on both functional and real-time specifications to meet physical, and often safety-critical, goals. We propose a system that integrates existing software strengthening tools (e.g., automated program repair and software hardening) with practical static real-time specification checking to enhance the functional robustness of the target systems while ensuring continued schedulability and real-time specification adherence. The underlying techniques will benefit in a dual fashion: we propose enhancements to the scalability and extensibility of static runtime calculation and consequently will improve upon state-of-the-art software strengthening techniques (in terms of program validation and performance), thus expanding their applicability to operate on the targeted cyber physical systems. The resulting framework will help to guard against both known and unknown vulnerabilities in these critical systems while accounting for schedulability, thus enhancing their cyber resiliency in practice. |
| Benefits: |
The proposed work will result in a software strengthening framework that remediates known and unknown vulnerabilities in cyber physical systems. This brings known-effective program repair and hardening techniques into the sphere of real-time applications to ensure both functional and runtime specifications are met. As the size and complexity of systems increase, so does the software maintenance burden; the proposed framework will reduce the human burden associated with finding and patching vulnerabilities in systems with real-time and physical goals. We expect that the immediate beneficiaries will be numerous, including, for instance, government agencies (especially the Department of Defense), automotive and aerospace manufacturers, and tele-communications and energy providers. As cyber physical systems become even more common, we anticipate that the associated software strengthening techniques will spread to a wider commercial base of consumers for whom cyber resiliency is important. |
Return
|