Session Tile |Demystifying Cyber-Physical Malware.
Nowadays the imminent danger of cyber-physical malware (CPM) is evident from attacks such as the power outage in Ukraine, or the hijacking of a Jeep Cherokee. The traditional notion of malware is too narrow, and the prevalent characterizations (virus, worm, Trojan horse, spyware, etc.) are neither precise nor comprehensive enough to characterize cyber-physical malware (CPM). Detecting sophisticated CPM is like searching for a needle in the haystack without knowing what the needle looks like. The talk will about congregate interdisciplinary knowledge to describe the fundamentals of CPM, the mathematical foundation for analyzing and verifying CPM, the current state-of-the-art, the challenges, and directions for future research. Employing real-world examples, we shall illustrate the challenges of analyzing and verifying CPM.
As we are living in the information era and the only way to tame it is via developing software, the security problems are often rooted in the complex software. It is hard for the cyber-physical systems (CPS) community to understand the intricacies of software analysis and verification. And for the software engineering community, the lack of adequate CPS knowledge is a major roadblock. This makes it important to demystify CPM so that software engineers can model the CPM problems, establish the mathematical foundation, and advance the software analysis and verification techniques to effectively address the CPM problems.
The talk will be shaped from the perspective of crucial needs for modeling, analyzing, and verifying CPM.
It will cover: