For Immediate Release
Cyber Security Research Alliance Workshop Publishes Research Results for "Taxonomy & Ontology for Roots of Trust for Cyber-Physical Systems”
Drexel University and George Mason University Research Teams Investigated Transportation, Medical Device and Energy Systems Security
WAKEFIELD, Mass., Jan. 6, 2015 – The Cyber Security Research Alliance (CSRA) today announced the publication of results from the "Roots of Trust for Cyber-Physical Systems (CPS)” pilot research project, which focused on building a universal common vocabulary and context for Cyber-Physical Systems (CPS) Roots of Trust in order to streamline research, assessment and responses to threats in this area.
"Roots of Trust" are security functions or components in a device or system that are implicitly trusted and create a foundation of integrity for that device or system. Cyber-physical systems are computing structures and components with physical interfaces that are used as a part of critical infrastructures for essential services such as energy delivery, transportation or home automation. Roots of Trust in CPS are critical for increasing operational integrity, trustworthiness and the safety of cyber-physical systems.
The pilot project draws from the recommendations received during the "Designed-In Cyber Security for Cyber-Physical Systems" workshop conducted last year. Drexel University and George Mason University were selected as CSRA research partners, with a goal of delivering a taxonomy and ontology of terms and relationships for technologies related to CPS Roots of Trust. The resulting survey and ontology provided insights into defining a common context and vocabulary for CPS as well as a mechanism to detect gaps, relationships among diverse domains and promising technology developments. A research summary and detailed results are posted on the CSRA website.
"One of the inhibitors of research in this area has been the lack of common terminology and assessments of work in adjacent fields," said Julian Warrick, CSRA interim president and Lockheed Martin director. "We believe the outcome of this project will give direction to researchers in forming multi-disciplinary teams to investigate the best solutions, taking into account real world trade-offs for protection, detection and response to cyber-attacks on CPS."
Domains surveyed included transportation and medical devices (George Mason University) and energy systems (Drexel University). For each domain, the project teams surveyed the field, prioritized technologies, identified gaps and defined approaches to build an ontology based on the analysis. The project teams also defined a common vocabulary for CPS, provided information on research already conducted and prioritized gaps.
“The diversity of CPS contexts and the multi-disciplinary nature of the field have limited the sharing of best practices and research advances,” said Warrick. “The public availability of the CSRA project results will help improve this situation and build a more connected community of practice in CPS security and privacy.”
As the CSRA continues to work via public-private partnerships to execute research agendas in key technical areas, conduct larger-scale research and development activities and contribute to the national strategy in cyber security, it seeks to engage a broad range of participants. Interested parties are invited to join the effort, for the benefit of all.
About the CSRA
The CSRA is a private, non-profit research consortium formed in response to the growing need for increased public-private collaboration to address complex problems in cyber security. The founding members of the CSRA are Advanced Micro Devices (AMD), Honeywell, Intel Corporation, Lockheed Martin, and RSA, The Security Division of EMC. The CSRA seeks to achieve coordinated industry participation to address national cyber security research and development (R&D) imperatives and bridge the gap between government-funded R&D and commercially available products and solutions in cyber security. More information about the CSRA can be found at www.cybersecurityresearch.org.
Ryan Zimmerman, 202.336.7962, ext 7962; Cell: 202.560.8230