Towards Cyber-Physical Vetting of Critical Infrastructures

Imagine that breaking into your home was as easy as hacking into your computer. With the advent of new technological advances and the Internet of Things (IoT), web-based technologies are becoming increasingly integrated into the physical fabric of our surroundings. While web-based home security may still on the horizon, critical infrastructures, such as those in civil, energy, manufacturing, and national defense domains, are increasingly interwoven with cyber components such as sensing, computing and control devices.

Protecting critical infrastructure from cyber and physical attacks, which have posed real, significant threats to organizational and national security, is no small task. Dongyan Xu and his research team are tackling this challenge head-on by taking an interdisciplinary and multipronged approach to create security solutions for an increasingly connected world.

Xu and his team are developing a new cyber-physical infrastructure (CPI) modeling tool to identify possible vulnerabilities and threats with a novel vetting method. The new modeling tool takes a holistic approach by analyzing the CPI software and firmware and checking it against physical and controls to expose any non-compliant, unwanted and even malicious logic in those programs. In addition, the modeling tool also employs testing of the physical systems to identify debugging techniques and identify vulnerabilities or loopholes within the system.

The team’s collective expertise in the areas of cybersecurity, defense, engineering and computer science is expanding their understanding of risks and impact scenarios. “Our effort brings together top experts across campus and incentivizes them to collaborate in a synergizing, cross-domain fashion—just like our framework,” says Xu. The team also has close connections with Naval Surface Warfare Center, Crane Division and Muscatatuck Urban Training Center (MUTC), both of which provide real CPI testbeds/proving grounds.

The team hopes that as our nation and the world create new critical infrastructures, their framework will provide a first line of defense against cyber-physical attacks.

Back to Projects

“Our effort brings together top experts across campus and incentivizes them to collaborate in a synergizing, cross-domain—just like our framework,” says Xu.

Team Photos

Principal Investigator: Dongyan Xu, professor of computer science; Interim Director, Center for Education and Research in Information Assurance and Security

Team: Daniel Delaurentis, professor of aeronautics and astronautics; Director, Institute for Global Security and Defense Innovation; Ananth Grama, professor computer science; Deputy Director, Purdue Center for Science of Information; Inseok Hwang, professor of aeronautics and astronautics; Ming Qu, associate professor of civil engineering; Eugene Spafford, professor of computer science; Executive Director Emeritus, Center for Education and Research in Information Assurance and Security