In this project, we investigate detection and mitigation of memory-safety attacks (e.g. buffer overflow) for cyber-physical systems. Current security solutions for memory-safety attacks are not directly applicable for cyber-physical systems (CPS) for several reasons. Firstly, most CPS enforce real-time constraints and it needs to be investigated whether security solutions for memory-safety attacks can meet the real-time constraints enforced by typical CPS. Secondly, the state-of-the-art memory-safety attack mitigation is to abort the system when a memory-safety attack is identified. Such a solution is also not applicable for CPS, as the availability of a CPS is equally important as security. For IIoT, we aim to answer the following research questions: 1) What are the different attack vectors to compromise the security of a given Industrial IoT (IIoT) device? 2) Given a set of attacker models, how to automatically discover possible security breaches in IIoT devices? 3) How do we design IIoT devices robust in terms of security (specifically, for DoS attacks and malware)? To know more about our work here check the following publication: ESSoS2018.
Acknowledgement: We are grateful to Keysight Technologies for generously supporting this project.