CT-ISG: Collaborative Research: Non-bypassable Kernel Services for Execution Security
Project Award Date: 07-27-2007
Description
Society is increasingly dependent on complex engineered systems such as supervisory control and data access systems for power grid management, industrial control systems for automated manufacturing, and medical device systems for patient monitoring and treatment. Recent trends toward teleoperation and monitoring of these critical systems, and toward connecting them with noncritical systems that can be accessed through public networks, have increased their vulnerability to cyber-attack. To protect safety, health, and economic concerns of national interest, it is critical that these systems maintain survivable operation even in the face of malicious attacks. ITTC research addresses the fundamental problem of how to isolate interactions among computations in these systems according to specific execution constraints. Computations cannot interfere with one other’s specified constraints even when some computations are used to mount adversarial attacks on others.
Although there are many ways attackers could interfere with system computations, the set of services needed to support non-bypassable isolation of interference between computations is in fact small. ITTC researchers are developing a set of kernel services to provide non-bypass able isolation of computations’ access to and use of resources and system components from interference with other computations’ specified execution constraints. This approach differs from other approaches in that it does not depend on segregating the computations themselves into resource partitions, but instead focuses on isolating the effects of different computations’ execution on their ability to meet their specified execution constraints, based on formal models of the computations and the system components they use.
In Collaboration with Washington University
Investigators
Faculty Investigator(s): Douglas Niehaus (PI)
Student Investigator(s): Andrew Boie, Michael Jantz, Michael Cribbs, Noah Watkins, Matthew Beattie, Tyrian Phagan
Project Sponsors
Primary Sponsor(s): NSF
