FAMU-FSU Cyber-Physcial Security Seminar Series
GreenBox: A Trustworthy Software Platform for Untrusted and Compromised Systems
Virgil D. Gligor, Carnegie Mellon University (1/17/2025)
The 2010 “axioms” of insecurity for commodity software systems explain why such systems are likely to remain vulnerable for the foreseeable future. Recent reports of security breaches confirm this long-standing trend, illustrating high-value penetrations of both business enterprises and government agencies by state-sponsored adversaries, originating primarily from China and Russia. To counter penetrations of endpoint systems (e.g., laptops, desktops, mobile phones) and embedded applications (e.g., energy distribution subsystems and robotic applications), we designed GreenBox, a low-cost trustworthy software platform that withstands any remote adversary attack – even when the underlying operating systems (e.g., Windows, Linux, MacOS, ROS) are fully compromised by zero-day attacks. GreenBox never requires security patches, and all its updates are formally specified and verified; it retains its secure usability on legacy systems and applications; and it is not vulnerable to social engineering attacks that insert malicious software into the underlying operating system and applications. We argue that the one-time cost of achieving GreenBox’s trustworthiness via formal specification and verification is modest and much below the recurrent cost of recovery from typical software breaches.
Bio
Dr. Virgil D. Gligor is a Professor at Carnegie Mellon University, where he directed CyLab, the university’s institute of security and privacy, between 2008 and 2015. Over the past five decades, his research has ranged from access control mechanisms, penetration analysis, and denial-of-service protection to cryptographic protocols and applied cryptography. He was an associate editor of several ACM and IEEE journals and the editor-in-chief of the IEEE Transactions on Dependable and Secure Computing. He received the 2006 National Information Systems Security Award jointly given by NIST and NSA, the 2011 Outstanding Innovation Award of ACM SIGSAC, and the 2013 Technical Achievement Award of IEEE Computer Society. He was inducted into the National Cyber Security Hall of Fame in 2019.
Cyberphysical Security Research at ORNL
Stacy Prowell, Oak Ridge National Laboratory (11/25/2024)
In this talk Dr. Stacy Prowell will present some of his research on cyberphysical system security conducted at Oak Ridge National Laboratory. Work presented includes automated reverse engineering, side-channel analysis, and remote attestation. These all share a common theme of attempting to find a source of ground truth in cyberphysical systems and then leveraging that to discover vulnerabilities, intrusions, and tampering.
Bio
Dr. Stacy Prowell is a distinguished researcher in the Oak Ridge National Laboratory (ORNL) National Security Sciences Directorate. For ten years Dr. Prowell served as the Chief Cyber Security Research Scientist and led the Cyber Warfare Research Team while working to build a cybersecurity program at ORNL. Dr. Prowell started the lab’s Vehicle Security Program and served as its director and served as the Program Manager for Cybersecurity for Energy Delivery Systems in the Sustainable Electricity Program. Dr. Prowell has published two books and numerous papers on software engineering and system security. His work on a system for deep analysis of compiled software led to the Hyperion system which received a 2015 R&D 100 award. Dr. Prowell is currently the Associate Director of Reserarch for the Cybersecurity Education, Research, and Outreach Center at Tennessee Technological University, and a Professor in the Computer Science Department. Previously, Prowell worked in the CERT Program of the CMU Software Engineering Institute on automated analysis of malware.
Optimal Incentivization Strategies for Charging
Control of Electric Vehicles in Electricity
Distribution Grids considering Dynamical
Stability Constraints
Aranya Chakrabortty, North Carolina State University (10/04/2024)
Significant amount of research has been done on how charging of EVs should be priced in a cost-effective way to facilitate grid operations. However, one question that is still unclear is: how does massive-scale EV charging impact the dynamics of the distribution grid, and can pricing help in smoothing of EV loads so that both small-signal and voltage stability margins of the grid can be improved? In this talk, I will present an optimal control design to answer the above question in light of understanding how high charging demands from EV customers may cause dynamical instability, and how price incentivization, charging setpoints, and optimal controllers for the EV converters can all be co-designed to minimize the risk of these instabilities.
Bio
Dr. Aranya Chakrabortty is a professor and the associate department head for research in the Electrical and Computer Engineering department at North Carolina State University. His research interests are at the intersection of power systems and controls systems. He received the NSF CAREER award in 2011, and was named a university faculty scholar by NC State Provost office in 2019. From 2020 to 2023, Aranya served as a program director at NSF where he managed various research portfolios on power and energy systems.