RUCKUS - a cybersecurity engine for performing autonomous cyber-physical system vulnerability discovery at scale.

In 2016, the Cyber Grand Challenge (CGC) provided key foundations and motivations for navigating towards an autonomous cybersecurity approach. Since that time, novel strides have been made in the areas of static analysis, vulnerability discovery, patching, and exploit generation. However, a majority of these efforts have been focused on enterprise systems, leaving a gap in the Cyber-Physical System (CPS) domain. With the rise of connected infrastructure and the introduction of 5G communications, CPS are becoming more ingrained within present-day society. Due to a large amount of legacy software, and control of safety-critical actuation, CPS are and will continue to be a huge attack vector for our adversaries to remotely deploy devastating attacks against our country with low economic cost and at scale. To combat this threat, we propose the need to apply the most beneficial concepts from the CGC to create more secure and resilient CPS. In this paper, we introduce a CPS security assessment architecture RUCKUS for autonomously identifying and analyzing CPS firmware, identifying vulnerabilities, and developing exploits. Further, our approach considers how to integrate graph analytics to extrapolate findings to firmware at scale, allowing for measuring the potential widespread impact of attacks. Our architecture is demonstrated using an automotive case study, leveraging firmware from the most popular automotive and router manufacturers to assess the real-world potential impact of CPS attacks.