Formal Security Analysis of Industrial IoT (IIoT) Systems

Project (6): Formal Security Analysis of Industrial IoT (IIoT) Systems

A typical control loop of Industrial IoT (IIoT) system involves acquiring measurement data from the sensors/ physical devices and applying it to the controllers, while delivering commands from the controllers to the actuators/physical devices. Cyberattacks like denial of service, false data injection, or accidental/ technical failures may cause failed or altered data transmission, leading to an incorrect estimation of the system as well as incorrect control commands toward physical devices, leading the system into a non-optimal or malicious state. The empirical analysis of these security attacks are overwhelming. Formal analysis of security properties has been proven to be efficient to proactively and provably identify potential threats. In this project, the REU students will model and develop a formal analyzer to assess the resiliency of an IIoT network. The smart additive manufacturing (3D printing) system will be used as the case study.

False Data Injection (FDI) Attack Analysis on the Controller. The sensor data can be altered to control the corrective measures of the QA controller maliciously to reach an attack objective, e.g., creating a specific distorted object. In this year, the REU student will learn the relation between the sensor data (the changes), the corrective measures, and the attack goal. The student will study if a formal framework can be produced through this relation.

Qualifications: High motivation in research with programming skill, especially in C/C++, C#, or Python.

Mentor: TBD (TBD)