High-assurance software for autonomous ground systems
Slide 1: High-assurance software for autonomous ground systems
Aleksey Nogin, HRL Laboratories, LLC, December 15, 2016
Acknowledgment: This material is based upon work supported by the United States Air Force and DARPA, under contract number FA C
Disclaimer: The views, opinions, and/or findings expressed are those of the author(s) and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government.
Slide 2: HACMS Goal: High-Assurance Cyber-Physical Systems
- The HACMS program is creating technology for the construction of high-assurance cyber-physical systems.
- HACMS utilizes formal methods to create mathematical proofs about properties of software.
- "Testing shows the presence, not the absence of bugs." (Edsger Dijkstra, 1969)
- Software that does what it is supposed to and nothing else.
- Being able to trust the math rather than needing to trust programmers and testers.
Slide 3: HACMS Performers are Utilizing a Variety of Techniques
Technique and performers (reconstructed from the slide's table):
- Code synthesis: CMU, Galois, Kestrel, NICTA, SRI, UPenn
- Domain-specific languages (DSLs): CMU, Galois, Kestrel, UPenn
- Interactive theorem prover as programming language: Kestrel, NICTA, Princeton, UPenn
- HRL's Mixed Assurance Software Toolchain (MAST) for integration of HACMS components
Slide 4: Applying HACMS to Ground Vehicles
- Proof-of-concept integration and testing of HACMS software components
- Integration of HACMS tools and techniques
- HACMS implementation of a proof-of-concept cruise controller
- Autonomous Mobility Appliqué System (AMAS)
Slide 5: Resilient Software for Cyber-Physical Systems
Resilience against malicious digital interference (the attack chain illustrated on the slide):
- A WMA file with malformed metadata gets into the victim's hands through social engineering.
- It triggers a buffer overflow in the media player's metadata parser.
- The compromise propagates over CAN buses through other vulnerable ECUs.
- The attacker has full control of the car.
Resilience against malicious physical interference.
[Figure: vehicle diagram labelled front wheels, rear wheels, GPS, engine RPM, engine noise, gear. Image credits: WMA free icon (CC BY), CAN bus image (CC BY-SA 3.0), "Cartoon Devil Head" by luyzit0 (CC BY-ND 3.0).]
Slide 6: Control Algorithms: Synthesizing High-Assurance Control with KeYmaera X and Spiral
- KeYmaera X (CMU) + Spiral (SpiralGen) toolchain.
- The vehicle dynamics together with the control algorithms yield a hybrid automaton.
- Safety properties of the hybrid automaton are verified in the KeYmaera X prover.
- Control and monitoring algorithms are then sent to the Spiral tool, which, via a verified procedure, transforms them into high-performance C code (Spiral.c).
- We used KeYmaera X to verify safety properties (e.g., roll-over prevention) of control algorithms for autonomous vehicle functionality.
- We integrated Spiral-generated C code (e.g., obstacle avoidance) on a car.
- Formally verified high-performance control code is being synthesized from high-level specifications.
Slide 7: Protecting High-Assurance Control Code with a Microkernel / Micro-Hypervisor
- A microkernel requires a very small trusted code base; most services, drivers, etc. are in user space.
- It provides provable isolation between partitions: partitions can only affect each other through pre-defined communication channels.
- Only the Gateway can access the CAN hardware.
- Hypervisor capabilities provide virtualization for the legacy OS.
- We are collaborating with two teams that are developing such solutions: Yale CertiKOS (used in the passenger car integration) and CSIRO (formerly NICTA, Australia) seL4 (used in the truck integration, 2015-).
Slide 8: Integrating High-Assurance Control Code with other High-Assurance Modules
- The Gateway makes sure only legitimate traffic makes it onto and off the box; the definition of "legitimate" may change depending on the state of the vehicle.
- The Safety Monitor raises an alarm if / when the vehicle approaches the boundary of its safety envelope, including when it detects that a sensor inconsistency or an actuator/sensor inconsistency indicates an attack or failure.
- The Control Arbiter transfers control from the default controller to the high-assurance "limp home" emergency controller when it gets an alarm.
- The high-assurance modules make sure the safety requirements remain satisfied even if the Legacy OS is completely under the attacker's control.
Slide 9: High-Assurance Message Handling
Goal: a tool that allows users to automatically generate high-assurance message (de)serializer source code directly from the message definitions, with specifications and proofs auto-generated as well.
Workflow (from the slide's diagram): a CAN node specification, which points to a .dbc file, is compiled with the HRL CAN Tool; the tool produces analyzable artifacts in the Coq theorem prover and, if the proofs check, generated C/assembly code together with its proofs; otherwise the build fails.
We are creating similar tools for other protocols (e.g., JAUS, used for TCP/IP teleoperation on AMAS).
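As an added example (not the HRL CAN Tool's generated code and not part of the original slides), the following hand-written C decoder makes explicit the properties a generated CAN deserializer has to guarantee: the signal definition is well-formed, no byte beyond the frame's DLC is ever read, and the decoded physical value is checked against the declared range. The signal definitions and frame bytes are constructed samples, and little-endian (Intel) bit numbering is an assumption.

```c
/* Constructed example of a defensive CAN signal decoder. The signal fields
 * mirror .dbc-style definitions (start bit, length, factor, offset, min,
 * max), but the layouts below are made up for this illustration. */
#include <stdbool.h>
#include <stdint.h>

#define CAN_MAX_DLC 8

typedef struct {
    uint32_t id;
    uint8_t dlc;                /* number of valid bytes in data[] */
    uint8_t data[CAN_MAX_DLC];
} can_frame_t;

/* Little-endian ("Intel") signal: start_bit is the LSB position of the
 * signal within the frame viewed as a 64-bit little-endian integer. */
typedef struct {
    const char *name;
    uint8_t start_bit;          /* 0..63 */
    uint8_t length;             /* 1..64 */
    bool is_signed;
    double factor, offset, min, max;
} can_signal_t;

typedef enum { DEC_OK = 0, DEC_BAD_DEF, DEC_BAD_DLC, DEC_OUT_OF_RANGE } dec_status_t;

/* A generated deserializer would carry a proof of this; here it is a check. */
static bool def_valid(const can_signal_t *sig) {
    return sig->length >= 1 && sig->length <= 64 && sig->start_bit <= 63 &&
           (unsigned)sig->start_bit + sig->length <= 64;
}

/* Decode one signal; returns DEC_OK and writes *out only when every check
 * passed. Bytes at or beyond the DLC are never read. */
dec_status_t decode_signal(const can_signal_t *sig, const can_frame_t *f, double *out) {
    if (!def_valid(sig)) return DEC_BAD_DEF;
    if (f->dlc > CAN_MAX_DLC) return DEC_BAD_DLC;

    /* The highest byte the signal touches must lie inside the valid data. */
    unsigned last_byte = ((unsigned)sig->start_bit + sig->length - 1) / 8;
    if (last_byte >= f->dlc) return DEC_BAD_DLC;

    /* Assemble only the DLC bytes into a little-endian 64-bit word. */
    uint64_t word = 0;
    for (unsigned i = 0; i < f->dlc; i++)
        word |= (uint64_t)f->data[i] << (8 * i);

    uint64_t mask = (sig->length == 64) ? ~(uint64_t)0
                                        : (((uint64_t)1 << sig->length) - 1);
    uint64_t raw = (word >> sig->start_bit) & mask;

    double phys;
    if (sig->is_signed) {
        /* Sign-extend a length-bit two's complement value. */
        int64_t v;
        if (sig->length < 64 && ((raw >> (sig->length - 1)) & 1))
            v = (int64_t)(raw | ~mask);
        else
            v = (int64_t)raw;
        phys = (double)v * sig->factor + sig->offset;
    } else {
        phys = (double)raw * sig->factor + sig->offset;
    }

    /* Range check against the definition's physical min/max. */
    if (phys < sig->min || phys > sig->max) return DEC_OUT_OF_RANGE;
    *out = phys;
    return DEC_OK;
}
```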
Slide 10: Proof-of-Concept Demonstration (Aug 15): See HACMS Software Controlling a Car
Running on the CertiKOS high-assurance microkernel, the high-assurance code makes sure that:
- The vehicle speed is known even when some of the sensors are under attack.
- The vehicle remains within the prescribed safety boundary (the distance to an obstacle, relative to the speed, is sufficient to be able to stop).
- Control is switched to the emergency stop module when the state of the vehicle is too close to the safety boundary.
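The safety monitor and control arbiter described on slides 8 and 10, as an added example in C that is not HRL's or HACMS's code: the stopping-distance rule v^2/(2a) plus a margin, the conservative fusion of two speed sources, and the latching hand-over to the emergency stop controller are all assumptions chosen for this illustration.

```c
/* Constructed example: a simplified safety monitor and control arbiter.
 * All constants, the sensor-fusion rule and the latching policy are
 * assumptions made for this illustration, not HACMS design decisions. */
#include <stdbool.h>

typedef enum { CTRL_DEFAULT = 0, CTRL_EMERGENCY_STOP = 1 } controller_t;

typedef struct {
    double wheel_speed;     /* m/s, from the wheel-speed sensor */
    double gps_speed;       /* m/s, derived from GPS */
    double obstacle_dist;   /* m, from a range sensor */
} sensors_t;

typedef struct {
    double max_decel;       /* m/s^2, assumed guaranteed braking deceleration */
    double margin;          /* m, safety margin added to the stopping distance */
    double speed_tolerance; /* m/s, allowed disagreement between speed sources */
} safety_cfg_t;

/* Stopping distance at speed v under constant deceleration a: v^2 / (2a). */
double stopping_distance(double v, double max_decel) {
    return (v * v) / (2.0 * max_decel);
}

/* The speed must stay known when one sensor is under attack: if the two
 * sources disagree beyond tolerance, flag the inconsistency and use the
 * larger (more conservative) value. */
double fused_speed(const sensors_t *s, const safety_cfg_t *cfg, bool *inconsistent) {
    double diff = s->wheel_speed - s->gps_speed;
    if (diff < 0.0) diff = -diff;
    *inconsistent = diff > cfg->speed_tolerance;
    return (s->wheel_speed > s->gps_speed) ? s->wheel_speed : s->gps_speed;
}

/* Safety monitor: alarm when the distance to the obstacle is no longer
 * sufficient to stop, i.e. the vehicle is at the safety boundary. */
bool safety_alarm(const sensors_t *s, const safety_cfg_t *cfg, bool *sensor_inconsistent) {
    double v = fused_speed(s, cfg, sensor_inconsistent);
    double needed = stopping_distance(v, cfg->max_decel) + cfg->margin;
    return s->obstacle_dist < needed;
}

/* Control arbiter: hand control to the emergency controller on alarm and
 * stay there (latched) until an explicit reset outside this example. */
controller_t arbitrate(controller_t current, bool alarm) {
    if (current == CTRL_EMERGENCY_STOP) return CTRL_EMERGENCY_STOP;
    return alarm ? CTRL_EMERGENCY_STOP : CTRL_DEFAULT;
}

/* One control step: returns the selected controller and writes the throttle
 * command that would be forwarded to the gateway (0.0 when stopping). A
 * detected sensor inconsistency is treated as an attack or failure and
 * triggers the hand-over as well. */
controller_t safety_step(controller_t current, const sensors_t *s, const safety_cfg_t *cfg,
                         double requested_throttle, double *throttle, bool *inconsistent) {
    bool alarm = safety_alarm(s, cfg, inconsistent);
    controller_t next = arbitrate(current, alarm || *inconsistent);
    *throttle = (next == CTRL_EMERGENCY_STOP) ? 0.0 : requested_throttle;
    return next;
}
```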
Slide 11: Putting it all Together Consistently: Mixed-Assurance Software Toolchain
MAST goal: enable non-experts to produce mixed-assurance software.
- Protect the high-assurance components from being undermined by low-/medium-assurance components.
- Synthesize high-assurance components, particularly glue code.
- Manage the architecture between components and avoid inconsistencies.
- Replace individual components with higher-assurance versions without having to tweak unrelated components manually.
On track to allow non-experts to have confidence in the software they produce.
Slide 12: Current Focus: Transition
We seek to demonstrate by April 2017:
- It's possible to apply HACMS technology to develop high-assurance software for real vehicles, in a reasonable amount of time and without prohibitive performance overhead.
- People other than the tool developers themselves can use HACMS tools effectively. We are focusing on using other performers' tools, rather than just getting high-assurance components created by other people. Once experts (e.g., at HRL) have configured and used the tools to create a particular codebase, non-experts (e.g., at TARDEC) can make (small?) changes to high-assurance components while maintaining the assurance level.
- We can get this technology into TARDEC's hands: both high-assurance software for a specific vehicle and reusable general-purpose components, in a way that they can continue building upon without further help from us.
- Full end-to-end functional correctness proofs for the most critical control components are within reach. We want to have a clear path for getting there, but not necessarily walk it all the way right now.
Slide 13: Questions?
More informationUNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update)
UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update) Koji NAKAO, NICT, Japan (Expert of UNECE WP29/TFCS) General Flow of works in WP29/TFCS and OTA Data protection
More informationMILS Middleware: High Assurance Security for Real-time, Distributed Systems
2001 Objective Interface Systems, Inc. MILS Middleware: High Assurance Security for Real-time, Distributed Systems Bill Beckwith bill.beckwith@ois.com Objective Interface Systems, Inc. 13873 Park Center
More informationGREEN HILLS SOFTWARE: EAL6+ SECURITY FOR MISSION CRITICAL APPLICATIONS
GREEN HILLS SOFTWARE: EAL6+ SECURITY FOR MISSION CRITICAL APPLICATIONS 15 December 2008: EAL6+ Security for Mission Critical Applications INTERVIEWEE. DAVID KLEIDERMACHER CHIEF TECHNOLOGY OFFICER TEL.
More informationProject 2020: Preparing Your Organization for Future Threats Today
Project 2020: Preparing Your Organization for Future Threats Today SESSION ID: STU-W01B Rik Ferguson Vice President Security Research Trend Micro @rik_ferguson PROJECT 2020 An initiative of the International
More informationCybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute
Cybersecurity Challenges for Connected and Automated Vehicles Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute Cars are becoming complex (and CAV is only part of it) 1965: No
More informationClick ISO to edit Master title style Update on development of the standard
Click ISO 26262 to edit Master title style Update on development of the standard Dr David Ward Head of Functional Safety January 2016 Agenda Why update ISO 26262? What is the process for updating the standard?
More information