Defense as a Service Cloud for Cyber-Physical Systems

Modernizing our critical infrastructure often involves upgrades with Cyber-Physical Systems (CPS) to enhance efficiency, safety and reliability. New security and resilience requirements and challenges arise given the mission- and time-critical nature of CPS applications. These applications are always targeted by sophisticated persistent attacks exploiting potential cyber-physical integration vulnerabilities. In this paper, we present CyPhyCARD (Cooperative Autonomous Resilient Defense "CARD" platform for Cyber Physical Systems) as a resilient and secure defense cloud. The foundation of CyPhyCARD is our Cell-Oriented Architecture (COA) that enables distributed, dynamically configurable, and runtime-programmable platforms. COA comprises composable intrinsically resilient, active components termed "Cells" that dynamically manage heterogeneous resources and executable software code variants to execute CyPhyCARD defense missions. CyPhyCARD uses our generic Evolutionary Sensory system (EvoSense) to circulate context-driven, functionally customizable sensors and effectors through the target of defense. EvoSense provides cooperative autonomous control and sharing amongst interconnected defense service providers (CyPhyCARD) and/or their target of defense to enhance attack detection and deterrence. Further, CyPhyCARD uses our ChameleonSoft system to secure its infrastructure of cells. ChameleonSoft is a multidimensional software diversity system that autonomously induces runtime confusion and diffusion thereby, in effect, encrypting the spatiotemporal software behavior and realizing a moving target defense. Both EvoSense and ChameleonSoft are built using the COA. CyPhyCARD is designed to increase the cost for the attacker at all times through persistently asymmetric operations achieved, in part, using a moving target defense construction and automated recovery provided by ChameleonSoft; rabid global attack detection and mitigation through EvoSense; and Operation resilience in presence of attacks using attack containment and honeypots defense missions. We demonstrate, using an attack scenario, how our proposed solution reacts to threats targeting CyPhyCARD and/or its target of defense systems.