You are here

Security in Cyber-Physical Networked Systems

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA9453-14-M-0006
Agency Tracking Number: F13A-T05-0148
Amount: $149,996.00
Phase: Phase I
Program: STTR
Solicitation Topic Code: AF13-AT05
Solicitation Number: 2013.A
Timeline
Solicitation Year: 2013
Award Year: 2013
Award Start Date (Proposal Award Date): 2013-10-01
Award End Date (Contract End Date): 2014-07-07
Small Business Information
591 Camino de la Reina Suite 610
San Diego, CA -
United States
DUNS: 010681380
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Robert McGraw
 Vice-President, CTO
 (619) 398-1410
 rmcgraw@ramlabs.com
Business Contact
 Michelle Foley
Title: Director of Finance and Contracts
Phone: (619) 398-1410
Email: mjaent@ramlabs.com
Research Institution
 Auburn University
 Drew Hamilton
 
Department of Computer Science 3101 Shelby Center
Auburn, AL 36849-5347
United States

 (334) 663-6860
 Nonprofit College or University
Abstract

ABSTRACT: Physical infrastructure is faced with a variety of security challenges including malicious insiders, hackers, and threats present within the supply chain. Hardware, sensors, and software residing in these environments may be captured or compromised by an adversary for the purpose of attacking or disrupting operations. Recent examples of attacks on such infrastructure can be found in Flame and Stuxnet attacks on foreign power systems. Technologies that promote secure and trusted transactions are required to detect and mitigate those threats. We propose to develop Cyber Physical (CP) Sentry, a solution that assesses the security and trustworthiness of sensors, applications and the hardware on which they reside. CP Sentry builds on the concept of a distributed trusted notary system by providing sensors that detect changes in system state, using distributed trusted notaries to independently evaluate the security of nodes using a variety of scoring criteria, and weighing notary responses in order to best detect the presence of an attack. Identifying the attack then sets the stage for administrator or automated mitigation response based on the type of attack detected. Our solution allows the CP Sentry itself to be protected against adversary attack by leveraging the use of trusted computing throughout our design. BENEFIT: This project will develop a solution for providing security for cyber physical infrastructure, including SCADA systems. Such systems can be subverted by malicious insiders, external hackers and/or supply chain threats. Examples of where such attacks have gained a recent foothold have included the Shamoon, Duqu, Flame and Stuxnet viruses that have been used to bring down foreign power generation and refining systems. CP Sentry will enable us to provide security solutions for today's CP infrastructure to secure and protect deployed sensors, software and firmware throughout America's infrastructure. The target market for CP Sentry is the power generation and refining markets. According to an ARC Advisory Group study, the SCADA market alone is projected to grow by 8.9% annually between now and 2016. Currently, the oil and gas section of the SCADA market is at $1.3B, while the power generation section of the SCADA market is at $930M and projected to grow to $1.5B by 2020. Within these sectors, there are several leading vendors that can utilize CP Sentry to protect their infrastructure. Leaders include ABB Ltd., Siemens AG, Schneider Electric SA, Honeywell International, Rockwell Automation, Inc. and GE Co. and Invensys plc. To take advantage of these immense opportunities to commercialize this technology, RAM Laboratories'strategy involves a dual-pronged approach that addresses (1) licensing, and (2) technical services. Both of these elements are integral parts of our corporate growth strategy. We will pursue the licensing of the Cyber Physical Sentry for use in monitoring physical infrastructure. These tools will go beyond traditional intrusion detection systems and system management solutions to provide a reach into the hardware, sensor, software and firmware associated with critical infrastructure. While this technology will focus on sensors and monitors associated with physical infrastructure, our solution will look to provide our technology for value-added integration with existing commercial technologies. The second commercialization approach that we are pursuing is in the area of Technical Services and Custom Development. In this area, we will provide customers with custom integrated technical solutions based on our CPS technology for use deploying a custom solution on their infrastructure via technical services.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government