ASET Colloquium

Preventing Catastrophe from Sophisticated Software Sabotage: An Introduction to Detecting Security and Safety Vulnerabilities in Embedded Software

by Prof. Suraj Kothari (Department of Electrical and Computer Engineering, Iowa State University, USA)

Friday, December 7, 2012 from to (Asia/Kolkata)
at Colaba Campus ( AG-66 )
Description
On August 17, 2009 at the Sayano-Shushenskaya hydroelectric power station
in Khakassia, Russia, excessive vibration caused a 920-ton turbine to
break apart and release pressurized water which flooded the facility
killing 75 people and causing a power grid failure. The control software
designed to shut down the turbine in the event of excessive vibration was
not operating at the time. General Keith B. Alexander, commander of U.S.
Cyber Command, noted that we are living in a time where such a deadly
incident could also happen as a result of a cyber attack.

Ubiquitous software has made cyber security an urgent safety and national
defense issue. Unfortunately, cyber security measures in use today are
woefully inadequate. Software sabotage now differs as much from
conventional hacking as biological warfare differs from hand grenades.
Catastrophe is all but inevitable if cyber security measures fail to match
the sophistication of saboteurs. Stealing secrets from a smart phone,
damaging a nuclear reactor and bringing down a power grid are disasters
easily within the reach of today's cyber attackers. A television, a mobile
phone, a car, a nuclear reactor, a missile, a power grid, in fact anything
that contains sophisticated software can be a target for these attacks.

These new attacks result from misbehaving functional mutations of
software. These mutations can appear in limitless variations that make
them extremely difficult to identify with conventional security measures,
particularly when they lie dormant before striking. Detecting these
attacks is intrinsically different from detecting other software safety
and security vulnerabilities. The new attacks, like cancer, present the
challenge of distinguishing between normal and abnormal, and they can go
undetected before irreversible damage is done. Just as screening for
cancer must be done using sophisticated laboratory techniques, critical
code must be examined with sophisticated software analysis techniques.

This introductory talk will provide an overview of the progression of ten
years of our research from analysis tools for safety-critical avionics
software to our current DARPA-funded research on malware detection in
Android apps. The talk will provide an introduction to the mathematical
framework we have developed for analyzing large software and include a
short demonstration to illustrate how challenging analysis can be done in
minutes using one of our interactive tools as opposed to a manual analysis
that would take days.

SPEAKER'S PROFILE:

Dr. Kothari led the effort at Iowa State University to establish the
software engineering degree program in 2007 that has flourished over the
years. He founded EnSoft in 2002. EnSoft's products for developing
software for safety-critical control systems are licensed worldwide by
avionics, automobile, electronics, and other manufacturers. Dr. Kothari has
given several invited colloquiums and keynote talks, and served as a
Distinguished ACM Lecturer. Currently, he is leading a multi-million
dollar Automated Program Analysis for Cybersecurity (APAC) DARPA project.
Dr. Kothari was awarded in 2012 the Iowa State Board of Regents Professor
Award for excellence in Research, Teaching, and Service. 
Organised by Dr. Satyanarayana Bheesette