A Decade of Research In CPS Security: An Unconsummated Union Between Control Theory and Information Security

Dr Alvaro A. Cardenas, University of California, Santa Cruz, USA


Advances in embedded computers and networks that monitor and control physical systems are improving our productivity, sustainability, and well-being, but they also introduce security risks associated with information technology. To fully understand the risks of these technologies, and to develop resilient security and privacy mechanisms in cyber-physical systems, we need concepts from control as well as information security. In the last decade, the control community has proposed fundamental advances in Cyber-Physical Systems (CPS) security; in parallel, the computer security community has also achieved significant advances in practical implementation aspects for CPS security and privacy. While both of these fields have made significant progress independently, there is still a large language and conceptual barrier between the two fields, and as a result, computer security experts have developed a parallel and independent research agenda from control theory researchers. In order to design future CPS security and privacy mechanisms, the two communities need to come closer together and leverage the insights that each has developed. In this talk I will discuss our efforts to facilitate the integration of these two communities by leveraging the physical properties of the system under control for designing novel security and privacy algorithms, tools, and metrics for CPS. I will also discuss our ongoing research on the tradeoffs between security and privacy in cyber-physical systems, and conclude the talk with practical examples of the new threat vectors and vulnerabilities in Internet of Things devices.


Alvaro A. Cardenas is an Associate Professor of Computer Science and Engineering at the University of California, Santa Cruz. Before this, he was the Eugene McDermott Associate Professor of Computer Science at the University of Texas at Dallas. He was also a postdoctoral scholar at the University of California, Berkeley, and research staff at Fujitsu Laboratories. He holds M.S. and Ph.D. degrees from the University of Maryland, College Park and a B.S. from Universidad de Los Andes. His research interests focus on cyber-physical systems and IoT security and privacy. He is the recipient of the NSF CAREER award, the 2018 faculty excellence in research award from the Erik Johnson School of Engineering and Computer Science, the Eugene McDermott Fellow Endowed Chair at the University of Texas at Dallas, and he is the recipient of best paper awards from the IEEE Smart Grid Communications Conference and the U.S. Army Research Conference, and a finalist of the CSAW competition in Israel.