Within ConSec, researchers from PARC and GMU will collaborate on a project christened SCIBORG: Secure Configurations for the Internet of Things (IoT) Based on Optimization and Reasoning on Graphs. The goal of SCIBORG is to devise fundamentally new approaches to determine security configurations that protect critical infrastructure and IoT-based systems.
“SCIBORG will measure its success in terms of the reduction of the impact of potential attacks. To reason about the security of an IoT configuration, it is important to evaluate the attack paths that are available to the adversary,” said Hamed Soroush, senior researcher at PARC and the principal investigator. “Configuration settings that reduce the impact of these attack paths would, by this line of reasoning, be more secure.”
The ConSec program aims to develop new approaches to generate and deploy secure configurations of components that make up large cyber-physical and cyber-military systems. Particularly desired are configurations that will minimize the vulnerability to attacks while maintaining the expected functionality and performance.
“SCIBORG’s focus on attack paths has an interesting side benefit; it provides one way to generate evidence explaining why a chosen configuration is more secure,” said Shantanu Rane, who manages the Cyber-Physical Systems Security research area at PARC and will be the co-PI on this project.
To achieve SCIBORG’s goals, PARC and GMU researchers will seek efficient and automated approaches to minimize the impact of possible attack paths, while maintaining functionality and performance.
“SCIBORG’s approach explicitly encodes constraints on the configuration parameters using graph-based models, allowing us to significantly reduce the actual number of configurations that need to be tested for security and functionality,” said Ersin Uzun, director of PARC’s System Sciences Laboratory.
PARC has several decades of experience in creating and developing Model-based Reasoning projects and has been a successful performer on several past DARPA programs in this area. Massimiliano Albanese, associate professor in the GMU Department of Information Sciences and Technology, will serve as a faculty collaborator on SCIBORG. Prof. Albanese has played a leading role in developing the approaches that facilitate joint reasoning about security and functionality in system-of-systems scenarios.