Rising Stars 2020:

Sena Hounsinou

Postdoctoral Researcher

University of Colorado, Colorado Springs


PhD '18 Southern Illinois University, Carbondale

Areas of Interest

  • Computer Architecture and Engineering
  • Cyber-Physical Systems and Design Automation
  • Security
  • Real Time Systems
  • Reconfigurable Computing

Poster

Vulnerability of Controller Area Network to Schedule-based Attacks

Abstract

To provide guarantees about execution time, real-time systems are designed using a specific task set, and a predetermined schedule. Because of its determinism, reliability and cost effectiveness, the Control Area Network (CAN) bus has become an attractive choice for real-time automotive communication between electronic control units. Recent studies have shown that the predictability of real-time systems can be exploited to degrade the performance of the system or compromise its integrity: having obtained certain schedule-related information or patterns about the system, an adversary can reconstruct its schedule and plan an attack with a higher chance of success. However, the ability to reconstruct a precise schedule is dependent on the amount of information at the attacker’s disposal. In this work, we studied the vulnerability of the CAN bus to such attacks. We investigated the limitations of the CAN bus message scheduling, and the ability of a potential attacker to infer information about a victim message’s parameters in order to perform target attacks or to manipulate safety-critical components on the car system. We developed a schedule reconstruction algorithm and evaluated its accuracy in the presence of real-time parameters (e.g. noisy estimates of periods, offsets, and jitter).

Bio

Sena is a Postdoctoral Associate in the Embedded Systems Security Lab in the Computer Science Department at the University of Colorado Colorado Springs. Her research interests are centered around leveraging software flexibility and hardware reliability to devise high-performance solutions in embedded and cyber-physical systems. Currently, she is investigating cybersecurity questions related to the Experimental Physics Industrial Control System (EPICS) open-source cyberinfrastructure. To ensure scientific data integrity and the validity of experiments, her work to enhance EPICS security entails (1) improving network security, (2) designing a memory protection framework that is adaptable to the various operating systems currently supported in EPICS deployments, and (3) integrating security into the software development life cycle.

Sena is also interested in the security aspects of real-time systems. Recently, she implemented a novel algorithm to detect and recover from message spoofing attacks aimed at distorting the operation of the Controller Area Network (CAN) bus. To ensure that high-critical or safety-critical tasks are executed on time in mixed-criticality systems, she also introduced a hardware-software co-design methodology and implemented a multi-mode scheduler along with a task-overrun monitor at the hardware level. In the future, she intends to explore the space of schedule-based attacks and their countermeasures, and the use of real-time parameters for specifying normal system behavior in formulating a specification-based intrusion detection system for safety-critical cyber-physical systems.

During her doctoral studies at Southern Illinois University Carbondale, her work focused on Field Programmable Gate Array-based circuits to improve variable block size motion estimation algorithm. She designed and implemented most-significant-bit-first accumulator and comparator with early termination capability to reduce hardware utilization, memory operations, and power consumption. Before relocating to Colorado with her research group, Sena also taught undergraduate courses as a lecturer in the Department of Electrical Engineering and Computer Science at Howard University.

In her free time, Sena enjoys reading, cooking, or taking long walks.