CAREER: Securing Critical Infrastructure with Autonomously Secure Storage

职业：通过自主安全存储保护关键基础设施

• 批准号: 1254198
• 负责人: Kevin Butler
• 金额: $ 40万
• 依托单位: University of Oregon Eugene
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-04-01 至 2015-04-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1254198&HistoricalAwards=false
• 关键词: CAREER; Securing; Critical; Infrastructure; Autonomously

Embedded systems currently rely on local and often insecure state retention for process control and subsequent forensic analysis. As critical embedded control systems (e.g., smart grids, SCADA) generate increasing amounts of data and become ever more connected to other systems, secure retention and management of that data is required. Attacks such as Stuxnet show that SCADA and other systems comprising critical infrastructure are vulnerable to the compromise of controllers and sensing devices, as well as falsification of data to circumvent anomaly detection mechanisms. This project develops techniques and architectures for securely storing and monitoring embedded system state in critical infrastructure. We are examining vulnerabilities relating to generating and storing data in critical embedded systems, which are often resource-constrained environments. We propose the design and deployment of 'autonomously secure storage devices' that act as resilient storage for embedded devices. We are designing logging, audit, and management architectures for resiliently storing system data and provenance in the face of malicious and compromised devices. Additionally, we explore how this data may be disseminated to other systems and to environments such as the cloud and aim to protect data through privacy-preserving communication and querying interfaces, and attempt to make data-driven inferences about system operation to detect anomalous behavior. Through these active protections to generated data and metadata, we aim to provide a new baseline for producing and storing data generated within critical infrastructures.

嵌入式系统目前依赖于本地和往往不安全的状态保持过程控制和后续的取证分析。作为关键的嵌入式控制系统（例如，智能电网、SCADA）产生越来越多的数据，并且与其他系统的连接越来越紧密，因此需要对这些数据进行安全的保留和管理。 Stuxnet等攻击表明，SCADA和其他组成关键基础设施的系统很容易受到控制器和传感设备的危害，以及伪造数据以规避异常检测机制。该项目开发了用于安全存储和监控关键基础设施中嵌入式系统状态的技术和体系结构。我们正在研究与关键嵌入式系统中生成和存储数据相关的漏洞，这些系统通常是资源受限的环境。我们提出了设计和部署的“自主安全存储设备”，作为弹性存储嵌入式设备。 我们正在设计日志记录、审计和管理架构，以便在面对恶意和受损设备时弹性存储系统数据和来源。此外，我们还将探索如何将这些数据传播到其他系统和云等环境中，旨在通过保护隐私的通信和查询接口来保护数据，并尝试对系统操作进行数据驱动的推断，以检测异常行为。通过这些对生成的数据和元数据的主动保护，我们的目标是为在关键基础设施内生成和存储数据提供新的基准。