Preventing nationwide hacking, a fear of the future

The movie ‘Upgrade’ raises concern over the security of future technology by portraying an autonomous vehicle being hacked. Tragedy arises when the car in which the main character and his wife were riding gets attacked, killing the wife and paralyzing him.

This is because the cyber physical system of the interaction between the car and the computer was hacked. An autonomous vehicle is operated by the vehicle control computer, which uses electric signals to manipulate the accelerator and the brake. When this control computer was hacked, the hacker could manipulate the car’s speed and direction.

This can become a reality. Currently, as key infrastructure worldwide is interconnected with the communications network, the danger of cyber attacks is increasing. If the physical system attacked is not a car but a nuclear power plant, the nuclear reactor can be destroyed. If it is a power network, this could lead to a nation-wide catastrophe. The serious blackout in Ukraine that happened near the end of last year is an actual example. The importance of security is emphasized because it is directly related to human casualties and disasters.

Recently, such security problems have been widely discussed in the related fields. Active research on related topics is being conducted. SNU ECE Professor Hyungbo Shim is looking for a way to fundamentally block nation-wide hacking by applying homomorphic encryption, the latest security technology, to ‘cyber physical systems’. On April 4th, we met Professor Shim in a research laboratory in Gwanak-gu, Seoul, to listen to why ‘cyber physical systems’ are important and which technologies can help lower the danger.

-An understanding about cyber physical systems should come before security.
“Cars, airplanes, robot arms, engines, motors, building temperature, and immunocytes are examples of physical systems. They refer to actual physical objects. In the movie , if the world in virtual reality was a cyber world, the actual world would correspond to the physical system. After people invented the computer, they consistently conducted research on the space within it. Now, the computer has gained the power to move to the real world. For example, it operates the motor and raises the temperature by turning the heater on. We can say that if the computer space of the past was a cyber system, now it can be called a cyber-physical system as the computer interacts with the world. For instance, if a car were to drive on its own, the vehicle control computer, which is a cyber element, would use electric signals to operate the accelerator, brake, and motor. It will change directions by rotating the driving wheel. Such movements are fed to the vehicle control computer through sensors that convert the information to electric signals. This is why the autonomous vehicle can be called a cyber-physical-system where the computer and car interact.”

-What is control theory?
“Control theory is a field of research centered on mathematically modeling an actual physical system and studying basic theories to control this as intended. As explained before, we know that in a cyber-physical system, the control computer receives sensor information as input and creates electrical signals to operate something. Control theory provides answers to the question of deciding which algorithm to use for the control computer. In other words, through control theory, one gets to know how to process the sensor information and to create operational signals.”

-Why is security for Cyber Physical Systems(CPS) important?
“CPS interacts with the actual physical world, so if the CPS is hacked, the hacker has the power to control the physical system. Say that the physical system is a reactor of a nuclear power plant. The hacker could destroy the reactor. If the physical system is an autonomous vehicle, the car’s direction and velocity could be manipulated. Therefore, CPS hacking could lead to a disaster or endanger lives.”

-How is this different from cyber security?
“A reason this is different from computer engineering fields such as bank and PC security is because of the additional element of physical systems (expressed with differential equations). Some existing hackers aim to gain control over physical systems rather than retrieve personal or bank savings information. In certain situations, national intelligence services could become such hackers. If control of another nation’s nuclear power plant can be obtained, this could be used to attack the nation in case of a national emergency like war.”

-What is ‘cyber physical system security’ technology?
“Many computer engineers are studying security for computer systems. Cyber-physical system security, unlike computer system security, adds security algorithms to the control algorithm itself. The security algorithm is also designed based on control theory. Here, not only the cyber elements, but also the characteristics of the controlled physical system must be accounted for when constructing the security algorithm. This is where there is a contrast between ‘cyber-physical system security’ and ‘cyber security’.”

-Until now, what methods were used for ‘cyber physical system security’?
“First of all, there is something called fault-detection algorithm in control theory. If a sensor or an actuator in the control system malfunctions, the entire CPS can be in danger. Therefore, when something malfunctions, this methodology is applied to detect the failure and to stop the system or otherwise take action. Research on this topic goes far back in history. When it was first known that CPS could be hacked, people thought that the fault-detection algorithm could protect the control system. They thought that when the hacker entered a signal into the control system, the control computer could diagnose this as a fault and protect the system. However, fault signals have a randomness that occurs naturally, whereas hacking signals are intentionally designed with precision. It is discovered that such an intentionally designed signal could bypass the fault-detection even if the actual physical system is functioning abnormally. Now, many are concentrating on the development of algorithms that can proactively react to hacking signals and are no longer depending on traditional fault-detection algorithms.”

-What are the limitations of conventional security methods?
“Around the time of the discovery that fault-detection algorithms could not guarantee CPS security, hacking methods that used the kinetics of physical systems were developed. For a while, there was research on how to hack, rather than how to block it. Alongside such research, there was research investigating possible security algorithms for each hacking method, and ‘Individual algorithms’ were studied. Our research laboratory also published research results on new hacking techniques and methods to block such attacks. However, such an approach has limitations in the sense that if a new attack method is developed, we are not prepared for it.”

-What are some security methods you worked on?
“I am looking for a way to fundamentally stem hacking attacks to the CPS. The first result was from an idea to modify the ‘digital-to-analog’ converter, which changes the operational signal from the computer to actual physical signals. Usually, a method called ‘zero-order-hold’ is used. For this, a constant value is maintained for one sampling period. The idea was to convert this to a signal with a particular pattern. With modification at a somewhat odd location, the unstable zero point of actual physical systems can be replaced by a stable zero point. The key to this idea is focusing not on blocking hacking, but preventing the hacking from harming the physical system. The second result used an encryption method called homomorphic encryption. Homomorphic encryption technology is the latest technology in the encryption research field. However, applying this to control systems is not a simple task. First of all, there are continuous input signals from the sensor to the control system, and this must be constantly and quickly processed. If the signal of a traffic light change enters an autonomous car, it must decide to quickly step on the accelerator and produce the operational signal. Also, the control signal for the car must be continuously produced during driving. However, homomorphic encryption technology is yet to become well adapted to such situations. Our objective is to solve such problems with control theory. We came up with using multiple control units and utilizing the entire system’s stability for the continuous operation of homomorphic encryption.”

-You succeeded in manipulating a drone by applying homomorphic encryption to the control system.
“Professor Hyoun Jin Kim of SNU Department of Aerospace Engineering helped us with actually applying the technology to drones and setting it in flight. Through this, it was demonstrated that it was actually possible to encrypt all control signals and conduct the calculations according to control theory without decrypting the code. However, we were only able to conduct experiments for the simplest cases of various control theories. In the future, we hope to show that it is possible to create secure control systems by using homomorphic encryption for a wider variety of control methods. Also, it seems that new control theories must be constructed as homomorphic encryption is modified.”

-You said that conventional security methods have limitations when they encounter new attack techniques. Do you think homomorphic encryption can be a fundamental solution?
“I believe so. To elaborate, the hacker hacks communication lines or control units to observe what signals pass by. Based on the information, he or she decides when to enter which signal. If the information is encrypted, he or she cannot make the decision. If the hacker fails to decrypt the code and enters any signal, the fault detection algorithm I explained comes into play. Thus, the hacker has failed.”

-How far have we come in terms of development?
“The idea to improve control system security by using homomorphic encryption first came into light in 2015. Our research team also developed such an idea independently, but the journal publication was in 2016. Because our team’s method allows multiplication between encrypted scripts, it is technically more secure. Research on homomorphic encryption started in 2009, mainly in the mathematics department, although I think that when it comes to the technology of applying it to control systems, theories have started being established just now. These theories are now being checked empirically. Currently, there are research teams for this field in Australia, U.S.A., and Japan. Microsoft has taken interest and is conducting research.”

-Security is one of the major issues of the Fourth Industrial Revolution. Which fields can this technology be applied to?
“The keyword of the Fourth Industrial Revolution is ‘connectivity’. The aim is for IoT(Internet of Things), where everything is connected by a network. That is why it would be horrifying if a hacker attacked the connection lines and controlled everything as he or she wanted. Therefore, I think this technology can be applied to all control systems. For instance, in the future, autonomous cars will be connected to other vehicles or the road network through a wireless communication network. A hacker could use this communication network to take over the car. If we protect the vehicle’s control unit with homomorphic encryption as a defense against this, it would be possible to protect the car from a hacker.”

-As one of the top hundred future technologies, how do you think it will develop?
“Homomorphic encryption is scalable. I also believe that security methods in control systems where homomorphic encryptions interact with the actual physical system can be expanded to other various fields. However, there are yet limitations because the control computer to which the homomorphic encryption is applied must have a high processing speed. That is why I think this will first be applied to fields where if the physical system goes wrong, the ripple effects are huge. Nuclear power plants and the railroad systems are examples. Also, because autonomous cars are directly related to human lives, I think this will also become a major application field. I personally believe that the fact that control unit encryption technology using homomorphic encryption was selected as one of the top hundred future technologies is encouraging. Perhaps the choice of a technology that is yet to be well known internationally over research topics that are following technical trends overseas will act as a turning point that encourages pioneering research.”

-I heard that you worked with Professor Jung Hee Cheon, who was introduced in the top 100 technologies.
“Actually, my encounter with Professor Jung Hee Cheon triggered the idea of applying homomorphic encryption to the control unit. Our department has seminars for undergraduates where invited speakers introduce various technical trends. By chance, I saw the poster that said that Professor Jung Hee Cheon was introducing homomorphic encryption technology. It intrigued me to attend the seminar. As I was conducting research on control system security, it occurred to me at the time that it would be nice to apply homomorphic encryption to the control system. After the seminar, I contacted Professor Jung Hee Cheon and shared my thoughts. Professor Jung Hee Cheon did not know about control systems and I knew nothing about homomorphic encryption. At first, I thought that things would go well as everything was new and interesting with the exchange between two different people. As we went in deeper technically, however, the two technologies had different aims and problems popped out. There were disappointments. However, such limitations again became research topics, and we acquired several research results from the collaboration work with Professor Jung Hee Cheon’s team. There still remain problems to applying homomorphic encryption to control systems. The parts that must be resolved with homomorphic encryption technology are being studied by Professor Cheon’s team. We are conducting research on the problems that must be solved with control theory. We are still collaborating.”

Source: http://ee.snu.ac.kr/community/news?bm=v&bbsidx=48789
Translated by: Jee Hyun Lee, English Editor of Department of Electrical and Computer Engineering, jlee621@snu.ac.kr