Columbia Technology Ventures

Improved security architecture for cyber-physical systems using rebooting and diversification

This technology is a security architecture for cyber-physical systems called YOLO (You Only Live Once) that uses periodic micro-rebooting and diversification to protect against external physical or cyber-attacks.

Unmet Need: Resilient security architecture for protecting cyber-physical systems

The integration of physical and computational components in a cyber-physical systems (CPS) opens new avenues through which adversaries can force incorrect and potentially dangerous behavior. Current corporate IT cyber defense measures involve frequent software updates and physical backup systems, neither of which is well-suited for CPS control modules due to stricter operational requirements during autonomous decision-making. As such, there is a need for improved CPS resilience, specifically in the areas of system redundancy and diversity.

The Technology: Improved security architecture for CPS using rebooting and diversification

This technology is a security architecture for CPS that protects against cyber or physical attacks by implementing two established cybersecurity measures, rebooting and diversification, in a manner that takes advantage of physical properties inherent to CPS. This architecture, referred to as YOLO, uses an inertia-aware rebooting strategy to flush out potentially tainted states left by attackers and to reset key operational parameters to default values, preventing malicious activity without impacting system performance. With each reboot, the CPS loads variants of key programs to prevent continued exploitation of any known vulnerabilities. In sum, YOLO combines established cybersecurity measures with physical properties inherent to CPS to protect against and survive external attacks.

This technology has been validated on a car engine running open source control software.

Applications:

  • Security architecture for CPS in drones, autonomous vehicles, planes, power plants, etc.
  • Military and defense security for radar, armored vehicle control, weapons control, etc.
  • CPS privacy and security for commercial products such as phones and navigation systems
  • Industrial Control Systems (ICS) security in manufacturing, production, and related systems
  • Security of Internet-Of-Things (IoT) products for industry and consumer use
  • CPS privacy and security for medical devices in the areas of patient monitoring, drug delivery, robotic surgery, etc.

Advantages:

  • Translates established IT cybersecurity measures to CPS security architecture
  • Takes advantage of CPS physical properties such as inertia and reliability against intermittent faults to survive malicious attacks
  • Prevents the re-exploitation of previously found vulnerabilities
  • Preserves operational activity and performance when guarding against attacks

Lead Inventor:

Simha Sethumadhavan, Ph.D.

Patent Information:

Patent Issued

Related Publications:

Tech Ventures Reference: