Purdue researchers have developed a novel self-cognizant and healing technology for industrial control systems against both internal and external threats. The project is led by Hany Abdel-Khalik (center) with Yeni Li, a nuclear engineering postdoctoral associate (right) leading the anomaly detection work and third-year nuclear engineering Ph.D. student, Arvind Sundaram, the covert cognizance algorithms implementation.
(Purdue University photo/Vincent Walter)
It sounds like a scene from a spy thriller. An attacker gets through the IT defenses of a nuclear power plant and feeds it fake, realistic data, tricking its computer systems and personnel into thinking operations are normal. The attacker then disrupts the function of key plant machinery, causing it to misperform or break down. By the time system operators realize they’ve been duped, it’s too late, with catastrophic results.
The scenario isn’t fictional; it happened in 2010, when the Stuxnet virus was used to damage nuclear centrifuges in Iran. And as ransomware and other cyberattacks around the world increase, system operators worry more about these sophisticated “false data injection” strikes. In the wrong hands, the computer models and data analytics – based on artificial intelligence – that ensure smooth operation of today’s electric grids, manufacturing facilities, and power plants could be turned against themselves.
Purdue University’s Hany Abdel-Khalik has come up with a powerful response: to make the computer models that run these cyberphysical systems both self-aware and self-healing. Using the background noise within these systems’ data streams, Abdel-Khalik and his students embed invisible, ever-changing, one-time-use signals that turn passive components into active watchers. Even if an attacker is armed with a perfect duplicate of a system’s model, any attempt to introduce falsified data will be immediately detected and rejected by the system itself, requiring no human response.
“We call it covert cognizance,” said Abdel-Khalik, an associate professor of nuclear engineering and researcher with Purdue’s Center for Education and Research in Information Assurance and Security (CERIAS). “Imagine having a bunch of bees hovering around you. Once you move a little bit, the whole network of bees responds, so it has that butterfly effect. Here, if someone sticks their finger in the data, the whole system will know that there was an intrusion, and it will be able to correct the modified data.”
Trust through self-awareness
Abdel-Khalik will be the first to say that he is a nuclear engineer, not a computer scientist. But today, critical infrastructure systems in energy, water, and manufacturing all use advanced computational techniques, including machine learning, predictive analytics, and artificial intelligence. Employees use these models to monitor readings from their machinery and verify that they are within normal ranges. From studying the efficiency of reactor systems and how they respond to equipment failures and other disruptions, Abdel-Khalik grew familiar with the “digital twins” employed by these facilities: duplicate simulations of data-monitoring models that help system operators determine when true errors arise.
But gradually he became interested in intentional, rather than accidental, failures, particularly what could happen when a malicious attacker has a digital twin of their own to work with. It’s not a far-fetched situation, as the simulators used to control nuclear reactors and other critical infrastructure can be easily acquired. There’s also the perennial risk that someone inside a system, with access to the control model and its digital twin, could attempt a sneak attack.
“Traditionally, your defense is as good as your knowledge of the model. If they know your model pretty well, then your defense can be breached,” said Yeni Li, a recent graduate from the group, whose Ph.D. research focused on the detection of such attacks using model-based methods.
Abdel-Khalik said, “Any type of system right now that is based on the control looking at information and making a decision is vulnerable to these types of attacks. If you have access to the data, and then you change the information, then whoever’s making the decision is going to be basing their decision on fake data.”
To thwart this strategy, Abdel-Khalik and Arvind Sundaram, a third-year graduate student in nuclear engineering, found a way to hide signals in the unobservable “noise space” of the system. Control models juggle thousands of different data variables, but only a fraction of them are actually used in the core calculations that affect the model’s outputs and predictions. By slightly altering these nonessential variables, their algorithm produces a signal so that individual components of a system can verify the authenticity of the data coming in and react accordingly.
“When you have components that are loosely coupled with each other, the system really isn’t aware of the other components or even of itself,” Sundaram said. “It just responds to its inputs. When you’re making it self-aware, you build an anomaly detection model within itself. If something is wrong, it needs to not just detect that, but also operate in a way that doesn’t respect the malicious input that’s come in.”
For added security, these signals are generated by the random noise of the system hardware, for example, fluctuations in temperature or power consumption. An attacker holding a digital twin of a facility’s model could not anticipate or re-create these perpetually shifting data signatures, and even someone with internal access would not be able to crack the code.
“Anytime you develop a security solution, you can trust it, but you still have to give somebody the keys,” Abdel-Khalik said. “If that person turns on you, then all bets are off. Here, we’re saying that the added perturbations are based on the noise of the system itself. So there’s no way I would know what the noise of the system is, even as an insider. It’s being recorded automatically and added to the signal.”
Though the papers published by the team members so far have focused on using their paradigm in nuclear reactors, the researchers see potential for applications across industries — any system that uses a control loop and sensors, Sundaram said. The same methods could be used also for objectives beyond cybersecurity, such as self-healing anomaly detection that could prevent costly shutdowns, and a new form of cryptography that would enable the secure sharing of data from critical systems with outside researchers.
Cyber gets physical
As nuclear engineers, Abdel-Khalik and Sundaram benefit from the expertise and resources of CERIAS to find entry points into the worlds of cybersecurity and computer science. Abdel-Khalik credits Elisa Bertino, the Samuel D. Conte Professor of Computer Science and CERIAS research director, with the original spark that led to creating the covert cognizance algorithm, and thanks the center for exposing him to new partnerships and opportunities.
Founded in 1998, CERIAS is one of the oldest and largest research centers in the world concentrating on cybersecurity. Its mission, says managing director Joel Rasmus, has always been interdisciplinary, and today the center works with researchers from 18 departments and eight colleges at Purdue. Abdel-Khalik’s research is a perfect example of this diverse network.
“When most people think about cybersecurity, they only think about computer science,” Rasmus said. “Here’s a nuclear engineering faculty member who’s doing unbelievably great cyber and cyberphysical security work. We’ve been able to link him with computer scientists at Purdue who understand this problem, but yet don’t understand anything about nuclear engineering or the power grid, so they’re able to collaborate with him.”
Abdel-Khalik and Sundaram have begun to explore the commercial possibilities of covert cognizance through a startup company. That startup, Covert Defenses LLC, has recently engaged with Entanglement Inc., an early-stage deep tech company, to develop a go-to-market strategy.
In parallel, the team will be working to develop a software toolkit that can be integrated with the cyberphysical test beds at CERIAS and the Pacific Northwest National Laboratory, where sensors and actuators coupled to software provide a simulation of large-scale industrial systems.
“We can provide additional applications for the technologies that he’s developing, since this is an idea that can help nearly every cyberphysical domain, such as advanced manufacturing or transportation,” Rasmus said. “We want to make sure that the research that we’re doing actually helps move the world forward, that it helps solve actual real-world problems.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- 5 innovative campaigns that raise awareness regarding Human Traffickingon July 30, 2022 at 8:48 am
Today is the International Day against human trafficking. In India, an average of 1827 women are trafficked every hour.
- 5 innovative campaigns that raise awareness about human traffickingon July 29, 2022 at 11:05 am
Can Machine Learning and Artificial Intelligence be used to fight Human Trafficking? The Lincoln Lab of MIT is developing machine learning algorithms that automatically analyze thousands of online ...
- Enhancing the safety of autonomous vehicles in critical scenarioson July 26, 2022 at 6:30 am
Researchers at Ulm University in Germany have recently developed a new framework that could help to make self-driving cars safer in urban and highly dynamic environments. This framework, presented in ...
- What We Can All Learn From How Jewish Law Defines Personhood in AI, Animals, and Alienson July 25, 2022 at 12:07 pm
Earlier this year, Google engineer named Blake Lemoine made headlines for a particularly outlandish claim: After engaging in conversation with a highly sophisticated algorithm named LaMDA, he decided ...
- Google fires software engineer that claimed that its AI chatbot is self awareon July 25, 2022 at 2:51 am
Google announced that it has just fired a senior software engineer after he began claiming that the company’s AI (artificial intelligence) chatbot was a sentient being (became self aware). According ...
Go deeper with Google Headlines on:
Go deeper with Bing News on:
- Man gets life term for wife’s murder after daughters testify against himon July 29, 2022 at 8:41 am
Judge Vivek Kumar of the upper sessions court in Bulandshahr awarded life imprisonment to accused Manoj Bansal and also slapped a fine of ₹20,000 on him. Bansal’s daughters Latika, 16, and Tanya, 11, ...
- Section 14A Of SC/ST Act Contains No Limitation Period To Bar Filing Of Appeal Against Order Under 1989 Act: Allahabad High Courton July 29, 2022 at 8:23 am
The Allahabad High Court has observed that Section 14A of SC/ST (Prevention of Atrocities) Act, 1989 puts no limitation on filing an appeal against an order under the provisions of the 1989 Act. The ...
- Bihar man alleges wife and daughter kidnapped and being forced to convert; police denyon July 27, 2022 at 3:36 am
Police said that the matter has been investigated thoroughly and the wife and the daughter, far from being in captivity, had an altogether different story to tell. (Representative image) ...
- Bihar man alleges wife and daughter kidnapped and being forced to convert; police denyon July 27, 2022 at 3:35 am
A resident of Bihar’s Begusarai district has accused his neighbours, belonging to another religious community, of kidnapping his wife and married daughter and, after exploiting them sexually, putting ...
- ‘Forced conversions’: Delhi HC tells BJP leader he has to show more than just apprehensionson July 25, 2022 at 1:29 pm
BJP leader Ashwini Kumar Upadhyay had argued that Delhi has become a safe haven for illegal religious conversions and there is no law to book people for it.