NSF Project - Year 1 Products (2014)

(NSF DUE-1315328), (09/2013-08/2015) Total $300K. Project Title: "EDU: Collaborative: When Cyber Security Meets Physical World: A Multimedia-based Virtual Classroom for Cyber-Physical Systems Security Education to Serve City / Rural Colleges".

PI: Fei Hu

Project Abstract The goal of this project is to establish a multimedia-based virtual classroom with a virtual lab teaching assistant for the education of cyber-physical system (CPS) security. Such a virtual classroom will enable college students in resource-limited rural areas to learn the latest CPS security knowledge through on-line, peer-to-peer learning with other students (such as those in city schools).

The novelty of this development includes three features: First, all CPS security teaching materials target application-driven learning. We will select the important, interesting CPS applications including healthcare, renewable energy, and industrial control, for CPS attacks analysis. Second, we will work with a multimedia company to build interesting virtual classroom lectures. We will enhance rural area students' security learning through peer-to-peer on-line idea exchange tools. Third, to meet the open access labs' requirements, we will build interactive virtual lab helper software (called virtual lab TA), to enable remote students to conduct virtual hardware labs and obtain help through multimedia tools.
Year 1 summary

In Year 1, we have achieved the following outcomes:

Presented our work in NIST educational workshop on homeland security;

Developed a one-semester course on CPS security;

Developed 2 labs (at UA site) and 6 labs (at Miss State site) on CPS security;

Developed Virtual TA tools for UA labs.

(1) NIST NICE Workshop


Workshop Website ; Here is My presentation (by Fei Hu)


(2) New Course Development


Course Name: ECE 493/593 - Cyber-Physical System Security

Audiences: Junior/Senior undergraduate students and first-year graduate students; Computer Science, Computer Engineering, Information Technology, or other related majors

Course materials we have developed so far: (some of them are slides; some of them are discussion/reading materials (PDF papers)

Week 1. Lecture on "CPS Basics" (Slides)

Week 2. Introduction to CPS security (Slides) Reading materials: National CPS security requirements (from Department of Homeland Security)

Week 3. Applied Cryptography - Symmetric methods (slides) Applied Crypto - Math basics (slides)

Week 4. AES Public Key (I) (all slides)

Week 5. (all slides) Public Key (II): RSA Public Key (III): ECC, Hash Public Key (IV): Advanced topics

Week 6. (all slides) Sensor Networks for CPS Sensor Network Security (I) Sensor Network Security (II) Sensor Network Security: reading materials

Week 7. CPS - SensorWeb and security (slides) Control Systems (basics) Secure control (I)

Week 8. Secure control (II) Secure control (III): DoS attack Industry control security

Week 9. Automobile security (I) Automobile security (II) (slides) Reading materials Water system security Reading materials

Week 10. Medical Device Security (I) reading materials Medical Device Security (II) Medical Device Security (III) reading materials

Week 11. Implanted Device Security (I) Implanted Device Security (II) (Kevin slides) Implanted Device Security (III) Implanted Device Security (IV)

Week 12. Power system basics Power system security (I) (slides) Power system security (II)

Week 13. Data injection attack in CPS (slides) State estimation attack SCADA security

Week 14. Circuit security embedded system security reading materials

Week 15. Mobile Phone security Side channel attack Metering security

Week 16. RFID security (I) (slides) RFID security (II) (slides)


(3) Lab materials

Senior Project (can be used for class project / labs): CPS Security: Mobile Phone case

The PI (Fei Hu) has guided a group of senior student to develop an interesting CPS security project on mobile phone security. The background of this senior project can be found from the following two papers: Paper 1 Paper 2

The entire project report can be found here: Project Report The presentation slides are here: Project Presentation

All software codes can be found here: Codes

Required Hardware
" Android phone with required sensors (accelerometer, light, proximity, sound)
" One computer for extracting data from phone and running MATLAB

Required Software
" Java Development Kit
" Android SDK
" Android IDE
" Linux

6 Labs on SCADA security (please contact another PI - Prof. Tommy Morris for details)


(4) Virtual TA tools

Why build virtual labs with a software-based TA? This project will also build a series of virtual labs that allow the rural students to try the "virtual hardware". Since the rural schools may not have the required lab resources (such as circuit boards, oscillator, etc.), for hardware-based security labs such as IMD power charge security lab, we will build tools to guide remote students for hardware settings. For software-based security labs (such as the lab on the use of CPS simulator or other tools for smart grid security), we will build multimedia-oriented virtual lab teaching assistant (VTA) to answer potential lab questions students may have. The VTA will have an index of lab questions. When students click any of them, a multimedia clip with video/audio explanations will appear. The VTA tool includes pre-lab training, topic explanations, instrumentation training, and a post-lab assessment. The VTA system not only helps remote rural students to complete each security lab, but also adapts to the requirements of 24/7 open access labs: today, more and more schools adopt open labs that allow individual, self-paced learning and fit students' flexible schedules. Open labs save more teaching resources (equipment and space) than traditional fixed-schedule labs.

In the following two VTA tools we have developed by using professional multimedia software kit, please unzip it and open story.html (a webpage file). Then you can hear voice, listen video, etc. All those things look like a TA helping you with each aspect of the lab.

VTA tool 1 on mobile phone sensor based user ahentication. In this VTA, we will show you how you can use the sensors (such as acoustic, motion sensor, etc.) in the smart phone to find out the behavioral features of the user. This helps to identify some misbehaviors such as making phone calls during driving.

In this lab, students can learn DTW (Dynamic Time Warping), SVM (Support Vector Machine), and Dimension Reduction algorithms.

VTA tool 2 on mobile phone forensics. This lab aims to find out call records from the binary-format memory image. Even a user may issue "delete log" command in the phone, we can still dig into the raw memory data to detect calling records. We use HMM (hidden Markov model) software to identify imcomplete phone numbers or people's names.