CICI: SSC: Real-Time Operating System and Network Security for Scientific Middleware

CICI：SSC：科学中间件的实时操作系统和网络安全

• 批准号: 2001789
• 负责人: Gedare Bloom
• 金额: $ 69.26万
• 依托单位: University of Colorado at Colorado Springs
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-11-01 至 2024-03-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2001789&HistoricalAwards=false
• 关键词: CICI; SSC; Real; Time; Operating

Remote monitoring and control of industrial control systems are protected using firewalls and user passwords. Cyberattacks that get past firewalls have unfettered access to command industrial control systems with potential to harm digital assets, environmental resources, and humans in proximity to the compromised system. To prevent and mitigate such harms in scientific industrial control systems, this project enhances the security of open-source cyberinfrastructure used for high energy physics, astronomy, and space sciences. The results of this project enhance the security of scientific instruments used in particle accelerators, large-scale telescopes, satellites, and space probes. The benefits to science and the public include greater confidence in the fidelity of experimental data collected from these scientific instruments, and increased reliability of scientific cyberinfrastructure that reduces the costs associated with accidental misconfigurations or malicious cyberattacks.The objective of this project is to enhance the security of the open-source Real-Time Executive for Multiprocessor Systems (RTEMS) real-time operating system and the Experimental Physics and Industrial Control System (EPICS) software and networks; RTEMS and EPICS are widely used cyberinfrastructure for controlling scientific instruments. The security enhancements span eight related project activities: (1) static analysis and security fuzzing as part of continuous integration; (2) cryptographic security for the open-source software development life cycle; (3) secure boot and update for remotely-managed scientific instruments; (4) open-source cryptographic libraries for secure communication; (5) real-time memory protection; (6) formal modeling and analysis of network protocols; (7) enhanced security event logging; and (8) network-based intrusion detection for scientific industrial control systems. The project outcomes provide a roadmap for enculturating cybersecurity best practices in open-source, open-science communities while advancing the state-of-the-art research in cyberinfrastructure software engineering and industrial control system security.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

工业控制系统的远程监控和控制使用防火墙和用户密码进行保护。通过防火墙的网络攻击可以不受限制地访问命令工业控制系统，这可能会损害数字资产，环境资源和靠近受感染系统的人类。 为了防止和减轻科学工业控制系统中的此类危害，该项目增强了用于高能物理、天文学和空间科学的开源网络基础设施的安全性。该项目的成果提高了粒子加速器、大型望远镜、卫星和空间探测器中使用的科学仪器的安全性。对科学和公众的好处包括对从这些科学仪器收集的实验数据的保真度更有信心，提高科学网络基础设施的可靠性，降低与意外错误配置或恶意网络攻击相关的成本。该项目的目标是提高开源多处理器系统实时执行（RTEMS）的安全性，真实的-时间操作系统和实验物理与工业控制系统（EPICS）软件和网络; RTEMS和EPICS是用于控制科学仪器的广泛使用的网络基础设施。加强安全措施涉及八个相关的项目活动：（1）作为持续集成一部分的静态分析和安全模糊;（2）开放源码软件开发生命周期的密码安全;（3）远程管理科学仪器的安全靴子和更新;（4）用于安全通信的开放源码密码库;（5）实时内存保护;（6）网络协议的形式化建模和分析;（7）增强的安全事件记录;以及（8）用于科学工业控制系统的基于网络的入侵检测。该项目成果为在开源、开放科学社区中培养网络安全最佳实践提供了路线图，同时推动了网络基础设施软件工程和工业控制系统安全方面的最先进研究。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

The Tragedy of the Miners

矿工的悲剧

• DOI: 10.1109/ccnc49033.2022.9700705
• 发表时间: 2022
• 期刊: 2022 IEEE 19th Annual Consumer Communications Networking Conference (CCNC
• 作者: Banerjee, Vijay;Rabinowitz, Ryan;Stidd, Mark;Lewis, Rory;Brown, Philip N.;Bloom, Gedare
• 通讯作者: Bloom, Gedare

Evaluating Feature Robustness for Windows Malware Family Classification

评估 Windows 恶意软件家族分类的功能稳健性

• DOI: 10.1109/icccn54977.2022.9868914
• 发表时间: 2022
• 期刊: 2022 International Conference on Computer Communications and Networks
• 作者: Duby, Adam;Taylor, Teryl;Bloom, Gedare;Zhuang, Yanyan
• 通讯作者: Zhuang, Yanyan

Shining New Light on Useful Features for Network Intrusion Detection Algorithms

为网络入侵检测算法的有用功能带来新的启示

• DOI: 10.1109/ccnc49033.2022.9700654
• 发表时间: 2022
• 期刊: 2022 IEEE 19th Annual Consumer Communications Networking Conference (CCNC
• 作者: Lawrence, Heather;Ezeobi, Uchenna;Bloom, Gedare;Zhuang, Yanyan
• 通讯作者: Zhuang, Yanyan

Detecting and Classifying Self-Deleting Windows Malware Using Prefetch Files

使用预取文件检测和分类自删除 Windows 恶意软件

• DOI: 10.1109/ccwc54503.2022.9720874
• 发表时间: 2022
• 期刊: 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC
• 作者: Duby, Adam;Taylor, Teryl;Bloom, Gedare;Zhuang, Yanyan
• 通讯作者: Zhuang, Yanyan

CANASTA: Controller Area Network Authentication Schedulability Timing Analysis

• DOI: 10.1109/tvt.2023.3258746
• 发表时间: 2023-08
• 期刊: IEEE Transactions on Vehicular Technology
• 影响因子: 6.8
• 作者: Omolade Ikumapayi;Habeeb Olufowobi;J. Daily;T. Hu;I. Bertolotti;Gedare Bloom