CIRI researcher seeking testbed for cybersecurity assurance framework

1/17/2019 11:00:00 PM

During the summer of 2015, a Jeep Cherokee SUV fell victim to hackers who exposed the existence of implicit interactions between the vehicle’s infotainment system and its transmission controls. This event served as the inspiration for CIRI researcher Jason Jaskolka to begin exploring these implicit interactions and how they can introduce vulnerabilities in large and complex systems.
Photograph of harbor
Photograph of harbor

Implicit interactions – defined as unforeseen interactions among components that may not be expected or intended by the designers and operators of the system – complicate efforts to create more secure cyber-physical systems, including smart cars, ports, and other entities. Jaskolka aims to address this problem by designing and developing critical infrastructure cybersecurity assessment methodologies and associated modeling and simulation environments. More specifically, he seeks to identify and mitigate cybersecurity vulnerabilities by “reading between the lines” and searching for implicit interactions between components of a system.

In the Jeep incident, the infotainment system wasn’t connected to the CAN bus (the main artery for vehicle communication) directly, but rather indirectly through a chip that interfaced with both. Through this link, hackers were able to get into the system through the infotainment network and reprogram the chip to compromise the transmission control system.

“This is an example of two seemingly disconnected components that should not have much to do with each other all of a sudden causing unintended behaviors with the potential to impact the safety, security and reliability of the system,” said Jaskolka, a faculty member in the Department of Systems and Computer Engineering at Carleton (Ontario) University.
Photograph of Jason Jaskolka
Photograph of Jason Jaskolka

As it is difficult to track all potential interactions within a system, Jaskolka set out to develop a modeling and assessment framework to specifically identify and track these implicit interactions. He utilized the mathematical framework Communicating Concurrent Kleene Algebra (C2KA) to develop his approach, which is now set to run via a prototype software tool. The technology runs an automation of all of the analyses, which provide salient metrics for the severity or exploitability of a given vulnerability – in his case an implicit interaction – identified to exist in a given system. Beyond critical infrastructure, Jaskolka also envisions the applicability of the developed methodology and framework to supply chain logistics, as well as command and control processes.

Jaskolka seeks a suitable case study system for a “road test” of his rigorous and systematic cybersecurity to enable better identification of critical infrastructure applications for the research and to provide actionable information that can improve critical infrastructure security. He is now seeking industry partners to validate the theoretical framework in practice by supplying a testbed for a case study. The testbed must include 6–12 components and have a defined stimulus-response (interaction between inputs and outputs) for each component. Ideally, the system components should also share some global state (for example, through the use of shared memory) and interact in both linear and concurrent ways.

Jaskolka started working with CIRI during his time as a DHS Cybersecurity Postdoctoral Researcher at Stanford University’s Center for International Security and Cooperation (CISAC). There, he further honed his research specialty in cybersecurity evaluation & assurance, and formal approaches for both. He joined the faculty at Carleton in 2017.