Secure Data Acquisition for Physics-based Side Channel Cybersecurity

Abstract

Cyber-physical systems (CPSs), such as planes and water treatment plants, are increasingly connected to the Internet. Connecting CPSs to the Internet allows for greater productivity but also increases the attack surface of these devices. Therefore, ensuring the security of CPSs is critical. One way to detect intrusions is through monitoring side-channel information, such as power consumption data.

This thesis proposes a data acquisition unit (DAQ) to monitor and securely transmit power consumption data to the cloud for security applications. Anomaly detectors can then use this data to raise security-related alarms. As the DAQ is connected to the Internet, it is essential to consider security threats against it. To this end, this thesis conducts a security analysis using the Canadian government’s Harmonized Threat & Risk Assessment. In contrast to prior approaches, which have the detectors run locally, the detectors using the DAQ's data run in the cloud. This is enabled by the DAQ streaming the power consumption data to the cloud. Since the security-related anomaly detectors run in the cloud, they have access to more computational resources. Streaming has the additional advantage of scaling across multiple monitored devices. The DAQ is also significantly less expensive and more compact than an oscilloscope, which several prior methods use.