Securing Cyber-Physical Systems: Challenges and the road ahead
Martin Ochoa
Singapore University of Technology and Design
CISPA Distinguished Lecture Series
Martín Ochoa studied Systems Engineering in San José, CR (Universidad Latina, B.Sc.) and Mathematics in Rome (La Sapienza, B.Sc.). He continued his math studies in Munich (LMU, M.Sc.). Thereafter, Martín completed a PhD in Computer Science at the TU Dortmund. He then worked as a consultant and researcher in IT security for Siemens Corporate Technology in Munich. Before joining SUTD Martin worked in the Chair of Software Engineering of the Technical University of Munich as a post-doctoral researcher.
With the proliferation of highly connected "smart things", such as home and industrial automation systems, there has been also a corresponding rise in attacks and concerns regarding their security. On the one hand, many of these systems were not designed with security considerations in mind, due to historical reasons (in the case of legacy Industrial Control Systems) and rush-to-market constraints (for some Internet-of-Things devices). Moreover, there are other inherent constraints that conflict with security, such as computational limitations, real-time deadlines and the difficulty to perform traditional testing and patching, among others. In this talk we discuss some of these challenges and report on recent results and work in progress being performed on realistic CPS testbeds (water, smart-grid and IoT) at SUTD. Such efforts include: authenticating communications and enforcing memory safety in ICS, reasoning on integrity violating information flows in CPS and building scalable highly-interactive honeypots.