80 likes | 230 Views
Workshop on Research Directions for Security and Networking in Critical Real-Time and Embedded Systems. Organizers: NC State University & UNC Chapel Hill Agency support: NSF, DoD, DARPA Academic support: many universities Industry support: companies (large and small). Objective.
E N D
Workshop on Research Directions forSecurity and Networking in Critical Real-Time and Embedded Systems Organizers: NC State University & UNC Chapel Hill Agency support: NSF, DoD, DARPA Academic support: many universities Industry support: companies (large and small)
Objective • Identify research problems in • Security & Networking for • Real-time/embedded systems • Critical infrastructure • SCADA (supervisory control & data acquisition) systems • PCS (process control systems) • Safety-critical systems • Aviation, automotive, … • Mission-critical systems • UAVs, …
Challenges • Network connectivity of critical infrastructure • Internal, external, maintenance access hidden but not isolated (Modbus/TCP) • Wireless data acquisition and sensor networks • Real-time techniques for network security • Real-time constraints on security provisions • Trust in embedded systems & networks • Cybersecurity • “Security for SCADA … 5-10 years behind” (Fed. TSWG)
More Challenges • Limited resources (embedded) • Long life cycles of hardware/software (10-20 years) • Hard to upgrade (ROM), default/same old passwords • No protection (memory, network encryption, same port, firewalls)
Potential Threats • Malfunctioning control devices • Malicious tempering • Worms, viruses on monitoring/control stations • Terrorist attacks • Targets • Power grid, power plants • Water plants, chemical plants • Gas and oil pipelines, refineries • Phone • Transportation (air traffic control, planes, rail, subway) • Loss of service/property, injury/death, environmental, financial…
Aims • Identify risks and grand challenges • Determine needs to • Enhance existing systems (medium term) • Design new systems from scratch (long term) • Some old, some new • Learn from other fields & develop new solutions • Bring together • Researchers, practitioners, funding agencies • Summarize findings in workshop report • Open to public • Agencies: solicit funds • Industry academia cooperation: ample opportunities now!
Let’s get started • Program • Keynotes & short presentations • Panel & round table • Break-out sessions • Summary & round table • Workshop report
Firewalls Encyption Monitoring Honeypots Detection systems Timing constraints / timing checks RTOS enhancements & redesign:VRTX, LynxOS, QNX, TinyOS Network isolation vs. connectivity (and maintainability) Wired / wireless communication Compromised / malfunctioning sensors Hardware (ASICS, PLCs: programmable logic controllers) Software diversity Upgrade vulnerability Topics: Roundtable Discussion • Consider experiences and solutions (e.g., network security) • Develop new solutions • Topics: