Cyber-Physical Systems (CPS) integrate devices that can interact with each other and the physical world around them. With CPS applications, engineers monitor the structural health of highways and bridges, farmers check the health of their crops, and ecologists observe wildlife in their natural habitat. Using sensory side-channels (e.g., light, temperature, infrared, acoustic), an adversary can successfully attack CPS devices and applications by (1) triggering existing malware, (2) transferring malware, (3) combining multiple side-channels to increase the impact of a threat, or (4) leaking sensitive information. This project develops novel security tools and techniques to protect CPS devices and applications against sensory side-channel threats. The project results are released as an open source project, so interested software developers can extend and reuse them in other CPS research. Broader impacts include educational training and tools for the CPS field, and a collaboration with the Miami-Dade County Public Schools (M-DCPS), to expose underrepresented middle school students to state-of-the art technology topics to pique students' interests in cyber-security and cyber-physical systems. The project investigates the sensory side-channel (e.g., acoustic, seismic, light, temperature) threats to CPS devices and applications and evaluates the feasibility and practicality of the attacks on real CPS equipment. The result is novel sensory side-channel-aware security tools and techniques for the CPS devices. Specifically, the principal investigator (1) analyzes the physical characteristics of the sensory CPS side-channels to understand how the physical world impacts the cyber world of CPS devices; (2) investigates the information leakage through the sensory side-channels on the CPS devices; (3) develops a novel IDS particularly designed to be aware of the sensory CPS side-channels; (4) designs and develops a CPS security testbed for test and experiments on real equipment and simulation tools.
