Runtime Integrity Verification In Cyber-Physical Systems Using Side-Channel Fingerprint

The world is moving towards a connected ecosystem of cyber-physical components, which are increasingly deployed in diverse fields, from automobiles, to power grids, city infrastructure, manufacturing, and biomedical systems. Majority of these applications call for physical proximity of users to the system due to the nature of the service (e.g., health care). Both remote (through a network) and physical access to these systems have significantly broadened the attack surface of Cyber-Physical Systems (CPS) by providing increased flexibility to observe and alter the system maliciously. Many such systems are deployed in critical applications requiring a high level of operational integrity. Existing solutions for attack detection and prevention are often not adequate, specifically with respect to emerging vulnerabilities. In this paper, we focus on run-time monitoring of CPS with respect to attacks on hardware and software. In particular, we present the motivation for run-time monitoring and then propose methods for detection of physical attacks on hardware and activation of malicious programs in system software, both of which are severe threats to traditional and emerging applications of CPS. We propose a power up and runtime hardware-software integrity monitoring of sensing and computing equipment in CPS through continuous observation of various side-channel parameters using a plug and-play hardware module. We present a systematic framework that includes signature generation and comparison technique through device calibration, noise reduction, and workload analysis. Finally, we present a framework for monitoring two side-channel parameters (namely, power and electromagnetic radiation) to detect component replacement and malicious code execution.