-
Enhancing Attack Resilience in Real-Time Systems through Variable Control Task Sampling Rates
Authors:
Arkaprava Sain,
Sunandan Adhikary,
Ipsita Koley,
Soumyajit Dey
Abstract:
Cyber-physical systems (CPSs) in modern real-time applications integrate numerous control units linked through communication networks, each responsible for executing a mix of real-time safety-critical and non-critical tasks. To ensure predictable timing behaviour, most safety-critical tasks are scheduled with fixed sampling periods, which supports rigorous safety and performance analyses. However, this deterministic execution can be exploited by attackers to launch inference-based attacks on safety-critical tasks. This paper addresses the challenge of preventing such timing inference or schedule-based attacks by dynamically adjusting the execution rates of safety-critical tasks while maintaining their performance. We propose a novel schedule vulnerability analysis methodology, enabling runtime switching between valid schedules for various control task sampling rates. Leveraging this approach, we present the Multi-Rate Attack-Aware Randomized Scheduling (MAARS) framework for preemptive fixed-priority schedulers, designed to reduce the success rate of timing inference attacks on real-time systems. To our knowledge, this is the first method that combines attack-aware schedule randomization with preserved control and scheduling integrity. The framework's efficacy in attack prevention is evaluated on automotive benchmarks using a Hardware-in-the-Loop (HiL) setup.
Submitted 14 November, 2024; v1 submitted 1 August, 2024;
originally announced August 2024.
-
Concealing CAN Message Sequences to Prevent Schedule-based Bus-off Attacks
Authors:
Sunandan Adhikary,
Ipsita Koley,
Arkaprava Sain,
Soumyadeep das,
Shuvam Saha,
Soumyajit Dey
Abstract:
This work focuses on eliminating timing-side channels in real-time safety-critical cyber-physical network protocols like Controller Area Networks (CAN). Automotive Electronic Control Units (ECUs) implement predictable scheduling decisions based on task level response time estimation. Such levels of determinism expose timing information about task executions and therefore corresponding message transmissions via the network buses (that connect the ECUs and actuators). With proper analysis, such timing side channels can be utilized to launch several schedule-based attacks that can lead to eventual denial-of-service or man-in-the-middle-type attacks. To eliminate this determinism, we propose a novel schedule obfuscation strategy by skipping certain control task executions and related data transmissions along with random shifting of the victim task instance. While doing this, our strategy contemplates the performance of the control task as well by bounding the number of control execution skips. We analytically demonstrate how the attack success probability (ASP) is reduced under this proposed attack-aware skipping and randomization. We also demonstrate the efficacy and real-time applicability of our attack-aware schedule obfuscation strategy Hide-n-Seek by applying it to synthesized automotive task sets in a real-time Hardware-in-loop (HIL) setup.
Submitted 15 June, 2023;
originally announced June 2023.
-
Exploring The Resilience of Control Execution Skips against False Data Injection Attacks
Authors:
Ipsita Koley,
Sunandan Adhikary,
Soumyajit Dey
Abstract:
Modern Cyber-Physical Systems (CPSs) are often designed as networked, software-based controller implementations which have been found to be vulnerable to network-level and physical level attacks. A number of research works have proposed CPS-specific attack detection schemes as well as techniques for attack resilient controller design. However, such schemes also incur platform-level overheads. In this regard, some recent works have leveraged the use of skips in control execution to enhance the resilience of a CPS against false data injection (FDI) attacks.
In this paper, we provide an analytical discussion on when and how skipping a control execution can improve the resilience of the system against FDI attacks while maintaining the control performance requirement. We also propose a methodology to synthesize such optimal control execution patterns. To the best of our knowledge, no previous work has provided any quantitative analysis about the trade-off between attack resilience and control performance for such aperiodic control execution. Finally, we evaluate the proposed method on several safety-critical CPS benchmarks.
Submitted 16 July, 2022;
originally announced July 2022.
-
A CAD Framework for Simulation of Network Level Attack on Platoons
Authors:
Ipsita Koley,
Sunandan Adhikary,
Rohit Rohit,
Soumyajit Dey
Abstract:
Recent developments in the smart mobility domain have transformed automobiles into networked transportation agents helping realize new age, large-scale intelligent transportation systems (ITS). The motivation behind such networked transportation is to improve road safety as well as traffic efficiency. In this setup, vehicles can share information about their speed and/or acceleration values among themselves and infrastructures can share traffic signal data with them. This enables the connected vehicles (CVs) to stay informed about their surroundings while moving. However, the inter-vehicle communication channels significantly broaden the attack surface. The inter-vehicle network enables an attacker to remotely launch attacks. An attacker can create collisions as well as hamper performance by reducing the traffic efficiency. Thus, security vulnerabilities must be taken into consideration in the early phase of the development cycle of CVs. To the best of our knowledge, there exists no such automated simulation tool using which engineers can verify the performance of CV prototypes in the presence of an attacker. In this work, we present an automated tool flow that facilitates false data injection attack synthesis and simulation on customizable platoon structure and vehicle dynamics. This tool can be used to simulate as well as design and verify control-theoretic light-weight attack detection and mitigation algorithms for CVs.
Submitted 2 May, 2022;
originally announced May 2022.
-
Skip to Secure: Securing Cyber-physical Control Loops with Intentionally Skipped Executions
Authors:
Sunandan Adhikary,
Ipsita Koley,
Sumana Ghosh,
Saurav Kumar Ghosh,
Soumyajit Dey,
Debdeep Mukhopadhyay
Abstract:
We consider the problem of provably securing a given control loop implementation in the presence of adversarial interventions on data exchange between plant and controller. Such interventions can be thwarted using continuously operating monitoring systems and also cryptographic techniques, both of which consume network and computational resources. We provide a principled approach for intentional skipping of control loop executions which may qualify as a useful control theoretic countermeasure against stealthy attacks which violate message integrity and authenticity. As is evident from our experiments, such a control theoretic counter-measure helps in lowering the cryptographic security measure overhead and resulting resource consumption in Control Area Network (CAN) based automotive CPS without compromising performance and safety.
Submitted 16 July, 2020;
originally announced July 2020.
-
Formal Synthesis of Monitoring and Detection Systems for Secure CPS Implementations
Authors:
Ipsita Koley,
Saurav Kumar Ghosh,
Soumyajit Dey,
Debdeep Mukhopadhyay,
Amogh Kashyap K N,
Sachin Kumar Singh,
Lavanya Lokesh,
Jithin Nalu Purakkal,
Nishant Sinha
Abstract:
We consider the problem of securing a given control loop implementation of a cyber-physical system (CPS) in the presence of Man-in-the-Middle attacks on data exchange between plant and controller over a compromised network. To this end, there exist various detection schemes that provide mathematical guarantees against such attacks for the theoretical control model. However, such guarantees may not hold for the actual control software implementation. In this article, we propose a formal approach towards synthesizing attack detectors with varying thresholds which can prevent performance degrading stealthy attacks while minimizing false alarms.
Submitted 27 February, 2020;
originally announced February 2020.