Title: Human Capital Development – Resilient Cyber Physical Systems
Report No.: Technical Report SERC-2017-TR-113
Publication Date: September 29, 2017
The research and education programs in computer and software security and resilience were advanced in the 1980’s and 1990’s with many formal approaches to system reliability, security, dependability, and safety – primarily in response to U.S Department of Defense needs. Since that time, the scale and complexity of critical computing systems has increased immensely, but without a related increased focus on research, knowledge, and education specifically addressing dependable and resilient computing. This significant need is critical for the software embedded systems that dominate defense missions, as well as emerging Internet of Things (IoT), distributed computing, and other commercial systems. A further area of concern is a lack of university investment in laboratory facilities that can simulate large scale cyber-physical systems (CPS). Most of the recent information security research and education programs focus on commercial information technology (IT) systems, and consequently, much of the recent university investment has focused on computer science and associates IT applications.
Formal research or studies in related curricula are also difficult to find. However, top universities such as Georgia Tech and the University of Virginia are now broadening their information security education programs to recognize specialized knowledge threads related to the unique demands of information systems, cyber-physical systems, and related policy concerns. In 2015 the National Academies Committee on 21st Century Cyber-Physical Systems Education explored requirements for education and training related to applications of the CPS domain. Their report, A 21st Century Cyber-Physical Systems Education, recommended “the creation and evolution of undergraduate education courses, programs, and pathways so that engineering and computer science graduates have more opportunities to gain the knowledge and skills required to engineer cyber-physical systems” [NAS, 2016]. Although this report focused on emerging commercial applications of CPS, the foundational knowledge applies equally to defense related systems.
This project conducted background research to develop a taxonomy that relates core characteristics of CPS, concepts of security and availability in CPS, and related core knowledge and skills associated with the development of such systems. A broad survey of existing education programs across more than 100 U.S. universities was conducted to characterize the existing undergraduate and graduate engineering and computer science education programs as related to emerging needs of CPS. These surveys were augmented by deeper dives into the education programs at our universities, including both curricula and laboratory programs, to develop a set of recommendations.
Based on the taxonomy development, we conclude in the DoD applications of resilient CPS there is a set of knowledge areas, skills, and competencies that can be derived from basic foundations and principles of dependability and security in computer and software systems, to particular aspects of dependability and security CPS, and finally to assurance principles that evaluate and verify their dependability and security. The unique aspects of military CPS can be viewed as an application area. We next looked at availability of education opportunities across the CPS domain.
After collection data on courses offered and labs/projects funded by these competitive engineering universities, it became clear that there is a lack of opportunities for students to learn more about CPS and computer security in general. For example, only four programs in our survey offered a degree with a dedicated CPS focus, and only two of these with a security component, highlighting the shortage of programs that can produce competent CPS engineers. Outside of the classroom, there was usually only one semi-thematically relevant project that students could participate in. These deficits illustrate the causes of the lack of qualified employees in CPS. Now that these results have been compiled, it is easier to provide evidence of an absence of attention to the critical topic that is security in these systems.
The combination of taxonomy development and survey results were used to produce a set of themes published curricula across U.S. university computer engineering and computer science programs to establish a set of themes that are indicators of the appropriate knowledge sets. These themes allowed us to combine knowledge of what constitutes a CPS with related curricula in computer engineering and computer science, and competencies associated with system assurance. This mapping will be useful in the development of future curriculum recommendations and competency models.
Very few academic institutions are currently supporting cybersecurity related laboratories that would support educational curriculum focused on resilience of cyber physical systems. However, advanced efforts in academia and industry related to cyber-attack resilience for physical systems are starting to emerge, including the use of laboratories to provide experimental results. These laboratory designs offer design opportunities for new laboratories that are focused on supporting educational needs. Resilience-focused solutions will demand future system designers who integrate solutions that are based upon technical and operational areas of knowledge that are not traditionally part of the cybersecurity curriculums that are now offered. In particular, techniques related to fault tolerant system design and understanding of attack taxonomies that integrate IT system attacks combined with control physical control system attacks are typically not part of a cybersecurity-related curriculum. Another outcome of the survey is the conclusion that model-based engineering techniques provide a significant opportunity for design and evaluation of potential resilience solutions.
The UVA team further investigated the concept of resilient CPS within a more specific taxonomy of threat attack methods and responses. They tested the resulting methods, processes and tools in an initial professional education setting with good results. Based upon these results it is recommended that the DoD consider establishing one or two new cyber physical system resilience education efforts that build upon the GaTech/UVA study outcomes and include the desire to continue to gather information about these efforts that will help to identify improvement opportunities based upon actual experience.
- Molly Nadolski, Georgia Institute of Technology
- Paige Meierhofer, Georgia Institute of Technology
- Nicola Bezzo, University of Virginia
- Jack Davidson, University of Virginia
- Ron Williams, University of Virginia