Securing the supply chain: CCI researchers expanding their field

 CCI researchers expanding their field

The Commonwealth Cyber Initiative (CCI) has funded several projects to advance the state of supply chain cybersecurity, drawing together Virginia researchers to address securing autonomous vehicles, power grids, and more.

“Securing the supply chain helps protect our national economy and overall safety,” said Luiz DaSilva, CCI executive director. “Virginia’s research community, with its connection to industry, is working to keep our data, power grids, autonomous vehicles, and other critical areas safe from attack. CCI researchers bring their deep understanding to these challenges. We expect these seed grants to fuel future, large projects.”

CCI awarded 10 grants, totaling $650,000, to members of our research network. 

Recipients are at the CCI Hub, William & Mary (W&M), George Mason University, Old Dominion University (ODU), the University of Virginia (UVA), and Virginia Tech.

CCI held a supply chain cybersecurity workshop at the CCI Symposium in April to give funded researchers the opportunity to learn more about each other’s work. The intent is to help facilitate future projects that build off CCI seed grants, then earn funding from industry or government, DaSilva said.

Researchers took the opportunity to expand their network at the workshop, including Lishan Yang, a computer science assistant professor at Mason who’s research focuses on autonomous vehicles.

“I made some new friends in this workshop, and we are brainstorming for new ideas and collaborations,” Yang said.

Yi Shi, a CCI associate research professor, said he’s in the process of looking for large project opportunities; attending the workshop could help him build a future team. 

Learn more about the funded projects

Five projects focus on securing autonomous vehicles, including:

• ODU’s Katherine Smith and Rafael Diaz want to develop a trusted decision-making system for autonomous vehicles to take real-time actions that consider untrusted components in a mixed driving environment involving human-driven vehicles.
• To secure the deep neural network of autonomous vehicles against backdoor attacks, Sai Manoj Pudukotai Dinakarrao of Mason and Haiying (Helen) Shen of UVA will develop a system-aware verification technique inspired by software fuzzing.
• Sidi Liu and Adwait Nadkarni of W&M will evaluate the current security and privacy of tele-operated connected and autonomous vehicles through experimental and empirical approaches, using large-scale, physical testbeds.
• Lida Haghnegahder and Mohammad GhasemiGol of ODU aim to develop a machine learning-based security solution for distributed autonomous unmanned aerial vehicle swarms and decentralized detection to provide strong mission assurance in contested environments.
• Evgenia Smirni of W&M and Lishan Yang of Mason aim to enhance autonomous vehicle resilience by understanding the end-to-end effect of faults in the operation of the vehicles, then proposing practical mitigation techniques to harden their operation against faults.

Additional supply chain funded projects include:

• UVA’s Wajih Ul Hassan will develop an intrusion detection system to spot sophisticated attacks on software supply chains by conducting a decentralized analysis of system logs while upholding data privacy standards.
  
• Md Shirajum Munir and Sachin Shetty of ODU and Walid Saad of Virginia Tech plan to develop a framework to understand the potential of generative artificial intelligence (GenAI)-based attacks on the power grid to set up defenses. They’ll study potential attack vectors that GenAI brings into the power grid supply chain and develop an intelligent zero trust defense mechanism.
  
• Microelectronics embedded in computing platforms can emit electromagnetic emanations that can be exploited during manufacturing and spread through the supply chain. Yi Shi of the CCI Hub and Tugba Erpek and Yalin Sagduyu of Virginia Tech will explore the use of radio frequencies to develop safeguards for these components.
  
• Qiang Zeng of Mason plans to ensure lifetime supply chain security for the Internet of Things by testing devices and updates through on-device fuzzing that will take advantage of the hub-to-device local control channel.
  
• Lannan Lisa Luo of Mason proposes to apply the ideas and techniques in neural machine translation to binary code analysis, translating it to a binary in a high-resource instruction set architecture (ISA). A single model on a high-resource ISA can be trained, then the process reused on other ISAs.

For more information, contact CCI’s Communications and Marketing Director Michele McDonald.