Faithful Integrated Reverse-engineering and Exploitation (FIRE)

Defense Advanced Research Projects Agency (DARPA) (2024 - 2027)


Mission


The Faithful Integrated Reverse-engineering and Exploitation (FIRE) program seeks to develop transformative tools to find, exploit, and patch vulnerabilities in medium-complexity cyber-physical systems (CPS) within a specified time from when the physical system is delivered to the analysis team. FIRE is primarily interested in cyber-physical vulnerabilities (CPVs): ones that arise from the composition of hardware, software, and physical components, where each component may not be vulnerable in and of itself. In other words, FIRE focuses on how the composition of logical components and physical components can make engineered systems susceptible to different types of cyber-physical attacks.

The FIRE goals are driven by the proliferation of low-cost commercial-off-the-shelf (COTS) components (e.g., sensors, actuators, and algorithms) resulting in diverse classes of CPS, including smart meters, medical devices, autonomous vehicles, and industrial control systems, to name a few. Furthermore, agile development practices have shown that even highly complex systems like cars can be remotely patched every few weeks. Innovative CPS vulnerability analysis tools and techniques are needed to keep pace with increased system diversity and decreased analysis timelines.

FIREFLY will use various AI methods, such as machine learning, knowledge management, and logic reasoning, to enable the modeling and analysis of CPS and any flaws or vulnerabilities found in them. It will also leverage and integrate a wide, multidisciplinary range of knowledge and expertise, including hardware and software analysis, complex system design, cyber-physical security, and automatic control. The project will take advantage of Purdue’s state-of-the-art CPS experimentation test beds and facilities, such as the Purdue UAS Research and Test Facility (PURT).

Currently, together with the project leader, Prof. Dongyan Xu, the director of CERIAS (Center for Education and Research in Information Assurance and Security) and the committee for IPAI (Institute for Physical Artificial Intelligence), more than six faculty members from multiple disciplines have joined and are driving FIREFLY. Members from the School of Aeronautics and Astronautics are James Goppert, a research professor who is managing director of Purdue’s Unmanned Aircraft Systems Research and Test Facility and lecturer, and Inseok Hwang, professor of aeronautics and astronautics engineering.

Research Topics and Products

1) Cyber-Physical Reverse Engineering

Knowledge-Informed System Identification

One example of the types of cyber-physical system vulnerabilities our team aims to demonstrate is “how to crash a quadcopter using acoustics.” A research team at the Korea Advanced Institute of Science and Technology (KAIST) has shown that specific sound frequencies can inject false readings into the micro-electro-mechanical systems (MEMS) gyroscope of a quadcopter, ultimately destabilizing the drone and causing it to crash. With this example, we expect new analysis tools developed through the program to be able to identify that a quadcopter’s gyroscope is vulnerable to an acoustic attack, develop ways to exploit that vulnerability, and, ultimately, develop methods for nullifying a quadcopter’s vulnerability to acoustic attacks.

The first step in the analysis process should involve reverse engineering a cyber-physical system by creating an identical “digital twin.” To achieve this, our team is developing a system identification framework that incorporates the CPS knowledge base (CPS-KB), i.e., governing physics, design rules, and domain knowledge.

Publications:

To appear

2) Cyber-Physical Vulnerability Analysis

Reachability Analysis for Vulnerability Exploitation 

Exploits of cyber-physical vulnerabilities (CPVs) may result in system-wide consequences. Because of the cross-domain, cross-component nature of CPVs, state-of-the-art (SOTA) cyber-only vulnerability analysis is not readily applicable to CPV analysis (CPVA), which involves the workflow of discovering, exploiting, and patching CPVs in a subject CPS. In particular, the interaction and interplay between CPS components and their operating environment may create CPVs that cannot be revealed when the components are examined individually.

Using the reverse-engineered model and simulators with various levels of fidelity, our team is developing cyber-physical fuzzing and reachability analysis tools to successfully exploit undiscovered system- and component-wise vulnerabilities.

Publications:

To appear

People

Sponsor

DARPA Faithful Integrated Reverse-engineering and Exploitation

FA8750-24-2-0500

From 2024 to 2027

This material is based upon work supported by the Defense Advanced Research Projects Agency (DARPA) via Contract No. FA8750-24-2-0500. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the DARPA and the U.S. Government.