Hume Overview
Computer Science Collaboration Ideas
Oct 2017
Dr. Joseph Mitola III, Director, Information Systems Laboratory
Aerospace Systems Laboratory
Electronic Systems Laboratory
Information Systems Laboratory
Office of Engagement and Learning
Hume Center Organization and Leadership
Hume as a $10M University-level Center 2
Office of the Director
Office of Finance and Operations
Jon Black, Director
Alan Michaels, Director
Kevin Heaslip, Associate Director
Christine Callsen, Director
Kira Gantt, Associate Director
Joe Mitola, Director
Charles Clancy, Director
Mark Goodwin, Deputy Director
Bob McGwier, Chief Scientist
Christie Thompson, Director
National Centers
NSF Security and Software Engineering Research Center
NSA/DHS Center for Academic Excellence in Cyber Defense Research
Intelligence Community Center for Academic Excellence
70 Researchers, Staff, and Professors
350 Students Engaged Annually
$12M Annual Program Expenditures
400 Annual Academic Publications
Education and Outreach
Research Laboratories and Program Thrusts
Electronic Systems Laboratory
Information Systems Laboratory
Aerospace Systems Laboratory
Autonomy and Orchestration
Signals Intelligence & Cyber Operations
Resilient C4ISR Missions
Experiential Learning
Sources of Funding
Program Thrust Breakdown
SIGINT and Cyber
Resilient C4ISR Missions
Experiential Learning
Autonomy and Orchestration
Autonomous control of EM battlespace to combat adversary UAS platforms
SOSI situational awareness in degraded or denied sensing environments
Cybersecurity in airworthiness, failure modes, criticality, and common criteria
Low-power GPU platforms for cognitive EW missions, leveraging SDR and deep learning
Aerospace Systems Laboratory
Representative Programs
SquadX Core Technologies & Experimentation
Hallmark TA1: Tools/Technology
NAVAIR Airworthiness Center
Code 32 Low-SWAP EW Payloads
Satellite ground station and cubesat launches
Distributed, cross-layer cognitive management engine
SOSI, proximity operations, and tracking
Robust and secure control of platforms and payloads
Electronic Systems Laboratory
Security for wireless telematics and telemetry
Converged RF missions and payloads
Robust waveforms and software radio tools
Radar spectrum sharing, spectrum management
EM awareness and waveform agility through software radio and machine learning
Low-cost space-qualified software radio platform and waveform design tools
Rapid waveform prototyping, signal classification, and networking
Leveraging cyber observables to inform cognitive jamming campaign
Representative Programs
SC2 Spectrum Collaboration Challenge
RF Microsat Risk Reduction
Army ASA(ALT) Rapid Capabilities Office
Code 32 EW Countermeasures
Use SIGINT to forecast political crises, disease outbreaks, and terrorist/military activity
Developing synthetic data of adversary activity to support advanced analytics
Threat assessment of cyber vulnerabilities in aircraft telemetry systems
Leveraging code annotations to automatically deploy critical code to secure co-processors
Information Systems Laboratory
Representative Programs
IARPA Mercury
MAA TA1: Synthetic Data
DHS S&T Aircraft Cyber Initiative
Compiler & Middleware Security Tools
Security and privacy of IoT devices and services
Deep learning and reinforcement learning
Virtualized, real-time, and embedded systems
Critical infrastructure and safety-critical systems
Part of a Larger Ecosystem at Virginia Tech
College of Engineering
Pamplin College of Business
College of Science
College of Liberal Arts & Human Sciences
School of Public and International Affairs
Hume Center
Virginia Tech Applied Research Corporation
150 Professors and Researchers
600 Students Engaged Annually
Current Portfolio
250 Professors and Researchers
2000 Students Engaged Annually
Growth by 2023
University Investment, Program Development, Philanthropy
Interdisciplinary approach that jointly considers technology, policy, science, and business aspects of today’s greatest global security challenges
Tam, Eli, Cameron Patterson, Peter Athanas
Global Security: Can We Trust Armed Robots?
University of Florida
Workshop on
Autonomy in Contested
Environments, Feb 2017
Can We Trust Home and Office Internet of Things (IoT)
Wireless Offers a Rich Domain for CS Collaboration
4/28/2017 (C) 2017 Virginia Tech 12
Require, Specify, Design, & Test
Biophysical Environment
Rain, Ice, Snow
Congested
Contested
Radio Physics
IoBT
Years
Minutes
Cognitive Radio
Prof. Chip Maguire (1997): “You Can’t, Joe”
Upload, App
IP Block, *.GRC
Self
NOT OK
OK
Sandbox
RF Front End
RF/IF
Content
Self
Fault Management
[Machine Learning]
COTS VMs/CPUs Realize General Recursion
The Halting Problem
A Turing Machine T cannot examine the state-machine M and input I of a second Turing machine to determine whether it will halt on that input
T(M,I) (T and M are partial, not total functions)
Static analysis of TE code is incomplete at best (see LangSec) for academic frustration with the status quo
The total functions (sub-Turing)
A Radio cannot be Turing-equivalent (no (x)!)
C(tx,rx)
IF/Baseband Digital Signal Processing (DSP)
RF/IF
ContentRF/IF RX Audio Speaker
RF/IF TX AudioContent Microphone
Control State Machine
Map 1:1, ONTO f-1
| 1.022 milliseconds for GSM |
J. Mitola III, “Software Radio Architecture: A Mathematical Perspective” IEEE JSAC May 99
Cognitive Radios (and Robots) OOPDAL Loop
• Reinforced Hierarchical Sequences
• Case Based Reasoning (CBR) vs Rule Bases
• Radio Knowledge Representation Language (RKRL)
Cognitive Radio Self Knowledge
© 2002 for the US DoD
User
Environment
Antenna RF Modem Baseband User Interface
Hardware
INFOSEC
Protocol Stack, Control
Modem, Equalizer, etc.
Software Radio
Software Modules …..
KnownSelf
RKRL = Radio Knowledge Representation Language
Cognition Cycle
Cognition
Environment
Space-Time
Propagation
Network
Meta-Software
Antenna RF Modem
INFOSEC
Baseband
User Interface
Equalizer Model
Variable Bindings
...
User(s)
Identity
Needs
Behaviors ...
RKRL Frames
Ontologies
Descriptors
Effectors
Adapted from Cognitive Radio, Doctoral Dissertation, KTH, Stockholm, Jun 2000 (www.it.kth.se/~jmitola)
Cognitive Dissonance of Autonomous Systems
• Cognitive dissonance theory (Festinger, 1957) [quoted in 1]
• Widely adopted to explain various types of cognitive clash
• Evolved into a theory capable of explaining a variety of behaviors and outcomes in which people strive to maintain a consistent concept of self (Aronson, 1995).
• Root kits should generate “computational cognitive dissonance”
• Turing Machines: the Halting problem renders f(g(x), g’(x)) unknowable
• Register Machines: Cantor diagonalization on Monitor() functions
• A complete set of monitor functions requires the power set of the natural numbers
• In 1839, Cantor proved for N (cardinality Aleph 0) {N}! is not countable (hence, Aleph 1)
• Mitola noted that Monitor({R}, Turing ISA) is Aleph 1 (Ligatti, Mitola, Landwehr 2012)
• Gödel proved in 1937 that [Turing Machines] are self-referentially inconsistent
Gödel Proof of the Inconsistency of Formal Logic
Gödel numbering expresses logic in the well-understood countable domain N (Natural Numbers 1, 2, 3, …). With deductive logic specified as (premises => conclusions), he infers Turing-equivalent premises and proves that “This conclusion cannot be proven”, nor can an uncountably infinite number of others (WFF).
Therefore, all general purpose computing is self-referentially inconsistent
The Halting Problem, Partial Recursion
Advanced Persistent Threat (APT)
(c) 2017 Dr. Joseph Mitola III 20
Spear Phishing
Enterprise at Risk
2nd Stage Implant
Deploys 2nd Stage Droppers
SOURFACE Downloader
Dropper Malware
Document With Exploit
Spearphishing Email
Obtains 2nd Stage
C2 Server
Local copying defeats closed networks
One variant of CHOPSTICK focuses on apparent air gap / closed network capabilities by routing messages between local directories, the registry and USB drives.
The Results
Successfully Attacking “Isolated” Factory Floor Networks
Industrial Robots and Controls (IIoT)
Cyber-physical Attacks
Stuxnet 2007
Compliance is Not Good Enough
Let’s Call It “Comput-ications”
Compute
- ISA
- Registers
- OS
- Server
- App
- GUI
Communicate
- Network
- I/O
- Memory
- Hard drive
- Servers
- Protocols
- App 2 App
VPN, etc
Cybersecurity Is Impossible
Proof by Cantor Diagonalization (1839) on Monitor Functions (Ligatti 2010)
Power Set of {R}i is not decidable; Monitor(Rj) can never be completed
{R}0 {R}2
i{R}1 {R}i
Registers (+ Memory (over Networks))
Mon(1)
Mon (2)
…
Mon (j)
Mon (j+1)
0 0 0 …. 1 1 1 0 …
0 1 0 …. 1 1 0 1 …
0 1 1 …. 1 1 0 0 …
Diagonal(Ex4(j, i=j)) = (0,1,1, … )
Not(Diagonal(Ex4(j, i=j))) = (1,0,0, … ) Mon*
Recursively Enumerable Sequence
Monitors
Proof by Cantor Diagonalization (1839)
Hackers [Erickson] Observe, Invert, Probe Until {R}j..k X (= hacked)
On COTS General Purpose CPU - von Neumann Memory Architectures
Dataflow Computing Overcomes Turing-von Neumann
General Recursive Total Recursive
Women, Fire and Dangerous Things
Machine DNA [6] (Self)
Shortfalls of Computational Linguistics
Learning Specifications
But VHDL is Too Hard
• Native VHDL builds a custom computing machine
• Hardware skills required
• Cross-compilers (Matlab etc.) are not efficient
Semantic Cross-compiler
Original Matlab C-code
For the Radio
Semantics
The Software Layers
CPU/RAM
Operating System (OS)
C, C++ Libraries, DLLs
App Languages: Java,
Java Virtual Machine (JVM)
Scripting Languages
Perl, Python, Ruby
Virtual Machine (VM)
SandBox
Protocols: HTTP
Browser: HTML, PHP, JavaScript
APT
APT
APT
APT
APT
$$$
6 Layers
106
Attack
Surfaces?
SCL Describing Human Domains
(Actors) are certain types of people and organizations, e.g. [having /skills\] such as a(First Responder [who can /put out a fire\]) (Fireman)
Deep Learning of Languages
System Security In The Hardware (SSITH)
HOPS SSITH Architecture
Horizontal Semantics-enhanced APIs
Memory-checking HOPS Pipes Oversee Dedicated Processing Unit (DPU) Code
[Diagram labels: Result, 40G, Crypto Key Bits, Virtual Memory, SSD, PHY Layer Payload, Packets, DPU 1, API, JSON Data / Py Thread Data, VTrack Data / C Thread Data, JS Thread Data / HTTP, Process Dispatch (PD), Window, Wire, Display, Horizontal Hadoop Function Pipe, MEMORY BLOCK VALIDATED USE; MEM and API boxes repeat throughout]
Language (Metaphor) in Software Engineering
• Metaphors are used to understand and experience one thing in terms of another [6, 7].
• Metaphor refers not only to instances in which both worlds of concepts correspond to one another, but also to cases in which they do not. If both worlds of concepts are identical, the metaphor is not a metaphor of that thing, but rather the thing itself.
• Beck [1] suggests 'driving' as a metaphor for software development.
• Similar to car driving, software development is controlled by the execution of many small adjustments.
• Feedback is required when the driver is slightly “off”
• Many opportunities for corrections at a reasonable cost.
• This metaphor, however, is limited: No teamwork is involved in driving. Still, this metaphor is worthwhile.
• Several attempts to use metaphors in software projects
• All reported difficulties in adopting this practice [2, 5, 8].
• Metaphor is a practice that requires a high level of cognitive awareness when implemented [3].
Scaling Up: Learning Algorithms from Examples
The Emerging Megatrend
Value Chain
Time
H A R
OS
Libraries
GUI, DB
Script E
CPU
App-Enabling Chips
Software Defined Radio (SDR)
Soft Wired Radio (SWR)
Collaboration Ideas – joint pursuits
• DARPA
• Domain-specific System on Chip (Tom Rondeau)
• Big Data in a Computing Domain (e.g. video games)
• Ontology and Computing Primitives
• NSF MURI
• Reducing barriers to cyber security via self-aware systems
• Ingest specifications to create rich computational models of the domain
• Specialize the models for various “self” subdomains (e.g. IIoT, self-driving cars)
• ONR
• De-bloat, deconstruct, simplify code, reduce attack surfaces without changing function
• Specifications Design (SW, HW) Implementation Optimization
Academic Collaboration Ideas
• Applied Theory of Computing
• Goedel, Turing, LangSec, Chip-sets, Integrated HW-SW Design, New Languages, Tools
• Software-Defined Systems Engineering
• Networks of Radios and Robots
• Cognitive systems = autonomous + trustworthy
• Other?