Current Projects
Cybersecurity Assurance for Critical Infrastructure Protection of critical infrastructure is rapidly growing as one of the most important areas of cybersecurity. The primary goal of this project is to design and develop critical infrastructure cybersecurity assessment methodologies and associated modelling and simulation environments. We are working on a rigorous, formal methods-based approach for identifying and analyzing the existence of implicit component interactions in critical infrastructure systems. Our goal is to provide a formal understanding of how and why implicit interactions can exist in distributed systems, such as those commonly found in critical infrastructures. Additionally, the methods we are developing can identify deficiencies in important existing system components, allowing for better assessment of the risks being taken by using such components in critical systems.
Critical Infrastructure Resilience Institute (CIRI), University of Illinois, Urbana IL, USA
U.S. Department of Homeland Security Science & Technology Directorate
Collaborator: John Villasenor (UCLA)
January 2016 - June 2019
Validating the Effectiveness of Security Design Patterns Security design patterns have been proposed for mitigating security threats at early stages of software design. However, approaches for verifying and validating that using a security design pattern mitigates a particular threat, or class of threats, and improves system security, do not currently exist. This research project aims to close this gap in the research by developing approaches for: (1) detecting security threats targeting communication channels in the architectural design of distributed software systems, and (2) analyzing, verifying, and validating the effectiveness of security design patterns for mitigating detected security threats and improving system security at design-time.
CU Development Grant, Carleton University, Ottawa ON, Canada
September 2018 - August 2019
Past Projects
Assurance Cases for Security and Resilience of Advanced Metering Infrastructure Smart energy grids depend on advanced metering infrastructure (AMI) and enormous amounts of information collected and used to make important decisions related to energy services including billing, monitoring, distribution, load balancing, and more. Therefore, ensuring the confidentially, integrity, and availability of this information is paramount. However, proving that AMI is secure, and that it is acceptably resilient is a difficult task. In this project, we seek to establish the ground work required for the development of assurance case templates for security and resilience properties of AMI. We aim to form the foundation for ongoing research in the development of assurance cases for security and resilience of critical infrastructure. Our goal is to take the important first step towards developing a more holistic and comprehensive approach for ensuring the security and resilience of critical infrastructures. Having a systematic way in which we can assure that providers of AMI have done their due diligence in protecting against, and planning for, potential compromise or failure of their systems, and the components from which they are built, can advance and enhance cybersecurity assurance in the complex distributed systems that are now a part of so many critical infrastructures. This will ultimately provide valuable and insightful information regarding how to mitigate the security vulnerabilities and risks, and how to reduce the impact when a system experiences an attack or failure.
Natural Resources Canada, Ottawa ON, Canada
February 2018 - March 2018