Security Engineering


Also referred to as “Systems Aware Cybersecurity”


Principal Investigator:  Dr. Barry Horowitz, University of Virginia (Bh8e@irgina.edu)

Principal Investigator:  Dr. Pete Beling  (), and Cody Fleming (), University of Virginia

Timeframe:  Phase I: June 2011 to December 2011; Phase II: January 2012 to October 2012; Phase III: October 2012 to December 2013; Phase IV: January 2014 to December 2014; Phase V: December 2014 to December 2015; Phase VI:  January 2016 to November 2016; Phase VII: December 2016 to December 2017

Category: Trusted Systems


Description

Objectives: This effort has been in progress since 2011 and is currently focusing on four cybersecurity topics:

  • Development of a prototype security system for securely monitoring an autonomous surveillance system on board an unmanned aerial vehicle for possible cyber attacks (emphasis on advanced persistent threats including supply chain and insider initiated attacks). Serves as an initial use case for a secure Sentinel-based architecture focused on monitoring and when needed, reconfiguring systems in response to cyber attacks at the system level (weapons systems, sensor systems, physical infrastructure systems).
  • Exploring decision support methodologies for determining on a mission basis the most critical system functions to secure. Employing attack tree tools as well as SysML/UML tools to support the decision process.
  • Developing cybersecurity CONOPS for operation of UAV’s that are possibly under attack. Simulation experiments are planned for Creech AFB and at UVA to gain an initial understanding of user issues and managing operator confidence in decision-making in situations where cyber support systems are thought to be under attack.
  • Exploring the opportunity to apply private Cloud capabilities as a Sentinel for monitoring ground-based systems so as be able to readily employ moving target and diversity solutions to secure the Sentinel. In addition, exploring the use of tools to monitor Cloud performance related to latencies as a means for detecting out-of-norm situations that can be related to possible cyber attacks.

Approach:  The project emphasizes the use of rapid prototyping to gain early visibility and understanding of the unique issues that cyber defense brings with it in parallel with longer term more basic research efforts that discover fundamental ways to improve upon the earlier work. Each of the topics described above is developing initial prototype applications, with emphasis on applications that are inter-related.

Application:  The benefit of this project is the basis it establishes for introducing the System-Aware Security concept and the accompanying evaluation system into practice.

Publications

Publications:

  • Horowitz, B.M. and Jones, R.A., “Smart security sentinels for providing point defense cyber security of critical system functions”, To be submitted IEEE Journal of  Systems, Man and Cybernetics
  • Jones, R.A., Luckett, B., Beling, P., Horowitz, B.M., “Architectural Scoring Framework for the Creation and Evaluation of System-Aware Cyber Security Solutions”, Journal of Environmental Systems and Decisions 33, no. 3 (2013): 341-361
  • Horowitz, B.M. and Pierce, K.M., “The integration of diversely redundant designs, dynamic system models, and state estimation technology to the cyber security of physical systems”, Systems Engineering, vol 16, Issue 4 (2013): 401-412
  • Jones, R.A. and Horowitz, B.M., “A system-aware cyber security architecture”, Systems Engineering, Volume 15, No. 2 (2012), 224-240
  • Bayuk, J.L. and Horowitz, B.M., “An architectural systems engineering methodology for addressing cyber security”, Systems Engineering 14 (2011), 294-304
  • Babineau, G.L., Jones, R.A. Horowitz, B.M., “A system-aware cyber security method for shipboard control systems with a method described to evaluate cyber security solutions”, 2012 IEEE International Conference on Technologies for Homeland Security (HST), 2012
  • Jones, R.A., Nguyen, T.V., and Horowitz, B.M., “System-Aware security for nuclear power systems”, 2011 IEEE International Conference on Technologies for Homeland Security (HST), 2011, pp. 224-229
  • Bayuk, J.L., Horowitz, B.M., Jones, R. “Security via related disciplines”, 10th Annual Conference on Systems Engineering Research, March 1, 2012
  • B.M. Horowitz, AFCEA SIGNAL – Cybersecurity for Unmanned Aerial Vehicle Missions, April 2016 (pp40-43)
  • B.M. Horowitz, D. Scott Lucero – INCOSE INSIGHT,   System-Aware Cybersecurity: A Systems Engineering Approach for Enhancing Cybersecurity, July 2016

Research Team

Current researchers

  • PI: Dr. Barry Horowitz, University of Virginia
  • Co-PI: Dr. Peter Beling, University of Virginia
  • Co-PI: Cody Fleming, University of Virginia
  • Stephen Adams, University of Virginia
  • Carl Elks, Virginia Commonwealth University
  • Tim Bakker, Virginia Commonwealth University
  • Kryzsztof Cios, Virginia Commonwealth University
  • Georgios Bakirtzis, Virginia Commonwealth University

Past researchers

  • Dr. Cark Elks, University of Virginia
  • Dr. Marty Humphrey, University of Virginia
  • Dr. Kevin Skadron, University of Virginia
  • Dr. Ron D. Williams, University of Virginia
  • Dr. William Melvin, Georgia Tech Research Institute
  • Dr. Nathan Lau, University of Virginia
  • Dr. Jennifer Bayuk, Stevens Institute of Technology
  • Dr. Alfredo Garcia, University of Virginia
  • Dr. Michael Heiges, Georgia Institute of Technology
  • Lt Col Chris Gay, University of Virginia
  • Mr. Jim Perkins, Georgia Institute of Technology
  • Ms. Johanna LoTempio, Georgia Institute of Technology
  • Mr. Tom Owens, Georgia Institute of Technology
  • Mr. Alex Triesczieski Georgia Institute of Technology
  • Mr. Ed Suhler, University of Virginia
  • Mr. R.W. Williams, University of Virginia
  • Mr. Michael Brinkmann, Georgia Institute of Technology

Collaborating Institutions

Project Researchers