CPS: Breakthrough: Cyber-Physical System Securitization by Responsibility Analysis

CPS：突破：通过责任分析实现信息物理系统安全化

• 批准号: 1446511
• 负责人: Patrick Cousot
• 金额: $ 50万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-01-01 至 2019-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1446511&HistoricalAwards=false
• 关键词: CPS; Breakthrough; Cyber; Physical; System

Programs describe successions of actions to be performed by computers. Unfortunately programmers make errors which are exploited by attackers to divert program actions from their goals. Accordingly, program actions must be checked to be always safe and secure. Program security starts with the definition of which actions might be insecure and when they are bad. Insecure actions cannot be always forbidden as for safety. This project formalizes the concept of responsibility analysis. Responsibility analysis aims at determining automatically which program entities cause bad insecure actions to happen. This is possible by examining the program text only, because this text precisely describes all possible actions that can happen when later running a program. Based on an operational semantics of programs, the project formally defines semantic responsibility as the most precise way of locating the possible origin of bad actions. A sound static responsibility analysis will be designed by abstract interpretation of this operational semantics, on top of traditional safety analyses of C programs. A prototype static responsibility analyzer will be built to check for the security of cyber-physical systems (given bad actions and a security policy). The result of the analysis will be used to check that all entities responsible for bad actions are duly authorized (or the security policy is wrong). This tool will help programmers to soundly cure potential vulnerabilities at program design time as opposed to present-day post-mortem remedies after those attacks on programs that get detected. This would be a breakthrough at the confluence of cyber security, privacy, and cyber-physical systems.

程序描述了计算机要执行的操作的继承。不幸的是，程序员犯了错误，这些错误是由攻击者利用的，以将程序行动从其目标中转移出来。因此，必须检查程序措施以始终安全和安全。 程序安全性从哪些操作可能不安全以及何时不好的定义开始。不必要的行动就不能总是为安全而禁止。 该项目正式化了责任分析的概念。 责任分析旨在自动确定哪些程序实体会导致不安全的行动发生。 仅通过检查程序文本就可以做到这一点，因为此文本精确地描述了以后运行程序时可能发生的所有可能的动作。基于程序的操作语义，该项目正式将语义责任定义为找到不良行动可能起源的最精确方法。 声音静态责任分析将通过对C程序的传统安全分析进行抽象解释该操作语义的抽象解释。 将建立一个原型静态责任分析仪，以检查网络物理系统的安全性（鉴于不良的动作和安全策略）。 分析的结果将用于检查所有负责不良行为的实体是否均得到适当授权（或安全策略是错误的）。 该工具将帮助程序员在程序设计时间内综合解决潜在的漏洞，而不是在这些被检测到的程序进行攻击之后，而不是当今的后验尸。 这将是网络安全，隐私和网络物理系统汇合处的突破。