Publications
Security considerations for next-generation operating systems for cyber-physical systems
Summary
Summary
Cyber-physical systems (CPSs) are increasingly targeted in high-profile cyber attacks. Examples of such attacks include Stuxnet, which targeted nuclear centrifuges; Crashoverride, and Triton, which targeted power grids; and the Mirai botnet, which targeted internet-of-things (IoT) devices such as cameras to carry out a large-scale distributed denial-of-service (DDoS) attack. Such attacks...
Design and analysis framework for trusted and assured microelectronics
Summary
Summary
An in-depth understanding of microelectronics assurance in Department of Defense (DoD) missions is increasingly important as the DoD continues to address supply chain challenges. Many studies take a "bottom-up" approach, in which vulnerabilities are assessed in terms of general-purpose usage. This is beneficial in developing a general knowledge foundation. However...
HARDEN: A high assurance design environment
Summary
Summary
Systems resilient to cyber-attacks for mission assurance are difficult to develop, and the means of effectively evaluating them is even harder. We have developed a new architectural design and engineering environment, referred to as HARDEN (High AssuRance Design ENvironment), which supports an agile design methodology used to create secure and...
Understanding Mission-Driven Resiliency Workshop
Summary
“Understanding Mission-Driven Resiliency” on behalf of the US Air Force, on March 18, 2019 at MIT
Lincoln Laboratory Beaver Works in Cambridge, MA. Participants began to bridge the gap between
government and industry to improve the resiliency of government systems to cyber attacks. The
workshop focused on understanding and defining resiliency from different perspectives and included
five panels devoted to discussing how different industries view and manage resiliency within their
organizations, the sources of resiliency within organizations and software-intensive systems, measuring
resiliency, and building resiliency within an organization or technology stack.
Summary
MIT Lincoln Laboratory hosted an invitation-only, one-day interdisciplinary workshop entitled
“Understanding Mission-Driven Resiliency” on behalf of the US Air Force, on March 18, 2019 at MIT
Lincoln Laboratory Beaver Works in Cambridge, MA. Participants began to bridge the gap between
government and industry to improve the resiliency of government systems...
Guidelines for secure small satellite design and implementation: FY18 Cyber Security Line-Supported Program
Summary
Summary
We are on the cusp of a computational renaissance in space, and we should not bring past terrestrial missteps along. Commercial off-the-shelf (COTS) processors -- much more powerful than traditional rad-hard devices -- are increasingly used in a variety of low-altitude, short-duration CubeSat class missions. With this new-found headroom, the...
Secure input validation in Rust with parsing-expression grammars
Summary
Summary
Accepting input from the outside world is one of the most dangerous things a system can do. Since type information is lost across system boundaries, systems must perform type-specific input handling routines to recover this information. Adversaries can carefully craft input data to exploit any bugs or vulnerabilities in these...
Security and performance analysis of custom memory allocators
Summary
Summary
Computer programmers use custom memory allocators as an alternative to built-in or general-purpose memory allocators with the intent to improve performance and minimize human error. However, it is difficult to achieve both memory safety and performance gains on custom memory allocators. In this thesis, we study the relationship between memory...
Leveraging Intel SGX technology to protect security-sensitive applications
Summary
Summary
This paper explains the process by which Intel Software Guard Extensions (SGX) can be leveraged into an existing codebase to protect a security-sensitive application. Intel SGX provides user-level applications with hardware-enforced confidentiality and integrity protections and incurs manageable impact on performance. These protections apply to all three phases of the...
OS independent and hardware-assisted insider threat detection and prevention framework
Summary
Summary
Governmental and military institutions harbor critical infrastructure and highly confidential information. Although institutions are investing a lot for protecting their data and assets from possible outsider attacks, insiders are still a distrustful source of information leakage. As malicious software injection is one among many attacks, turning innocent employees into malicious...
Cross-app poisoning in software-defined networking
Summary
Summary
Software-defined networking (SDN) continues to grow in popularity because of its programmable and extensible control plane realized through network applications (apps). However, apps introduce significant security challenges that can systemically disrupt network operations, since apps must access or modify data in a shared control plane state. If our understanding of...