Smart manufacturing processes include communication of data collected at sensor nodes to centralized databases, where data is aggregated and interpreted. The communication infrastructure can be infiltrated and potentially exploited. The results can be devastating as an attacker can insert malicious code overwriting. For instance, existing Programmable Logic Controllers (PLCs) can learn and manipulate communicated data. Ensuring the security and resiliency of the data while separating the useful data from the non-useful data requires multidisciplinary approaches that integrate manufacturing science, information science and data science.

• First, we focus on securing sensors end nodes. Techniques will be developed to allow verification of correct and non-malicious functioning of sensor end nodes. In particular, we introduce the concept of stealthy logging by end nodes, which allows detection of remote attackers. Strong adversaries will be detected with the forward security principles on
which stealthy logging is based. Digital keys will be renewed (without the need for interaction with the centralized server) in an irreversible way. Check pointing will monitor and verify stealthy logs. This allows to (provably) detect anomalies in end nodes. (subtask 5.1)
• Besides verifying integrity of end nodes, we will develop mechanisms to aggregate collected data at aggregation nodes “under encryption,” meaning that even full observance of the computation inside aggregation nodes cannot teach the adversary any sensitive information. We are currently experimenting with practical solutions based on so-called garbled circuits with small code footprints. This task goes beyond the usual encryption of communication as we also obfuscate the intermediate computation results inside aggregation nodes. (subtask 5.2)
• In scenarios where existing devices cannot be updated or replaced by the approach in Task 5.1, a bump-in-the-wire technology (a secure device connected to the sensor networks to secure sensor nodes) will be utilized. Anomaly detection algorithms as are used in current state-ofthe- art security systems (with additional input from Task 5.1) will be developed to detect malicious sensor operations. A resilient policy framework will be deployed to ensure safe and reliable operation of the sensor network, even in the presence of attacks. By utilizing data aggregation results from Task 5.2, we will then develop techniques for BIG datasets, to obtain smart data that enable the optimization of manufacturing energy usage. (subtask 5.3)

Clean Energy Smart Manufacturing Innovation Institute

Investigators

George Bollas

george.bollas@uconn.edu

Dr. George Bollas is the Director of the Institute for Advanced Systems Engineering (IASE) at the University of Connecticut. He is an Associate Professor with the Department of Chemical and Biomolecular Engineering at the University of Connecticut, a process design expert and winner of the prestigious NSF CAREER Award and the ACS PRF DNI Award. He received B.E. and Ph.D. degrees from the Aristotle University of Thessaloniki in Greece and then worked as a postdoctoral research associate at the Chemical Engineering Department of MIT. At UConn, he is leading efforts to develop and explore novel system representations (steady state and dynamic models) of thermal fluid systems (TFS) in equation-oriented environments that allow system dynamic optimization, sensitivity and uncertainty analysis, fault detection and optimal control. Dr. Bollas is also the director of the Process Design Simulation and Optimization Laboratory (PDSOL). The lab pursues a balanced approach to experimentation guided by robust modeling and simulation of chemical processes, including experimental design, process scaling and control.

Fei Miao

fei.miao@uconn.edu

Dr. Miao received a Ph.D. degree, and the “Charles Hallac and Sarah Keil Wolf Award for Best Doctoral Dissertation” in Electrical and Systems Engineering in May 2016, with a dual Master degree of Statistics from Wharton School in August 2015, from the University of Pennsylvania, Philadelphia, USA. She received a B.S. degree with a major in Automation and a minor in Finance, from Shanghai Jiao Tong University (SJTU), Shanghai, China in June 2010. Before joining Uconn, she was a postdoc researcher at the GRASP Lab and the PRECISE Lab of University of Pennsylvania, from September 2016 to August 2017.

Marten van Dijk

vandijk@engr.uconn.edu

Marten has 15+  years research experience in system security both in academia and industry:  He is now the Charles H. Knapp Associate Professor in the ECE Department at UConn.  He worked for two and a half years at RSA Laboratories in cybersecurity.  Prior to RSA he was a research scientist at MIT CSAIL working together with Prof. Srini Devadas with an emphasis on processor architectures that offer strong security guarantees; most notably, this collaboration led to the introduction of the first circuit realizations of Physical Unclonable Functions (PUFs) which received the A. Richard Newton Technical Impact Award in Electronic Design Automation in 2015 (and the ACSAC’02 outstanding student paper award), led to the design of Aegis, the first single-chip secure processor that verifies integrity and freshness of external memory which was selected for inclusion in  ”25 years of International Conference on Supercomputing” in 2014, and led to a simple and efficient Oblivious RAM which received a best student paper award at CCS 2013.  The IRIS authenticated file system with proofs of retrievability received the NYU-Poly AT&T Best Applied Security Paper Award, 3rd place, 2012.  His work on fully homomorphic encryption over the integers was nominated (1 out of 3) for best paper award at Eurocrypt 2010.  Prior to working in system security he was a research scientist at the digital signal processing group at Philips Research where he became the lead inventor of the error correcting codes used in Blu-ray disc.  He received a Ph.D. in mathematics, a M.S. in mathematics, and a M.S. in computer science from Eindhoven University of Technology.