PALO ALTO, Calif., Feb. 12, 2019 /PRNewswire/ -- The Palo Alto Research Center, Inc. (PARC, a Xerox company) and George Mason University (GMU) have been awarded a contract from the Defense Advanced Research Project Agency (DARPA) Configuration Security program (ConSec). Within ConSec, researchers from PARC and GMU will collaborate on a project christened SCIBORG: Secure Configurations for the Internet of Things (IoT) based on Optimization and Reasoning on Graphs. The goal of SCIBORG is to devise fundamentally new approaches to determine security configurations that protect critical infrastructure and IoT-based systems.
"SCIBORG will measure its success in terms of the reduction of the impact of potential attacks. To reason about the security of an IoT configuration, it is important to evaluate the attack paths that are available to the adversary," said Hamed Soroush, Senior Researcher at PARC and the Principal Investigator. "Configuration settings that reduce the impact of these attack paths would, by this line of reasoning, be more secure."
The ConSec program aims to develop new approaches to generate and deploy secure configurations of components that make up large cyber-physical and cyber-military systems. Particularly desired are configurations that will minimize the vulnerability to attacks while maintaining the expected functionality and performance. This is an intractable problem because the space of possible configuration settings is extremely large and because it is not clear how to reason about security and functionality in a system-of-systems scenario.
"SCIBORG's focus on attack paths has an interesting side benefit; it provides one way to generate evidence explaining why a chosen configuration is more secure," said Shantanu Rane, who manages the Cyber-Physical Systems Security research area at PARC and will be the co-PI on this project.
To achieve SCIBORG's goals, PARC and GMU researchers will ingest per-component configurations and construct graph-based models to capture within-component and between-component dependencies among configuration elements. They will seek efficient and automated approaches to minimize the impact of possible attack paths, while maintaining functionality and performance.
"SCIBORG's approach explicitly encodes constraints on the configuration parameters using graph-based models, allowing us to significantly reduce the actual number of configurations that need to be tested for security and functionality," said Ersin Uzun, director of PARC's System Sciences Laboratory.
PARC has several decades of experience in creating and developing Model-based Reasoning projects and have been a successful performer on several past DARPA Programs in this area. Massimiliano Albanese, associate professor in the GMU Department of Information Sciences and Technology, will serve as a faculty collaborator on SCIBORG. Prof. Albanese has played a leading role in developing the approaches that facilitate joint reasoning about security and functionality in system-of-systems scenarios.
For more information, please visit https://www.darpa.mil/program/configuration-security.
PARC, a Xerox Company provides custom R&D, technology, expertise, best practices and intellectual property to Fortune 500 companies, startups and government agencies. For nearly 50 years, PARC has lived at the leading edge of innovation. Through an Open Innovation approach that combines scientific creativity, interdisciplinary collaboration and business drive, PARC continues to invent, develop and deliver breakthrough technologies with the capacity to transform or create new global markets. Bringing together leading scientists, engineers and designers, PARC works across multiple industries, with a focus on Artificial Intelligence and Human-Machine Collaboration, Internet of Things and Machine Intelligence, Digital Design and Manufacturing, Novel Printing, Microsystems and Smart Devices, and the Digital Workplace. For more information, visit www.parc.com.
Marshall Hampson for PARC, a Xerox Company