Robotic aerial vehicles (RAVs) have been increasingly deployed in various areas (e.g.,
commercial, military, scientific, and entertainment). However, RAVs’ security and safety
issues could not only arise from either of the “cyber” domain (e.g., control software) and
“physical” domain (e.g., vehicle control model) but also stem in their interplay. Unfortunately, existing work had focused mainly on either the “cyber-centric” or “control-centric”
approaches. However, such a single-domain focus could overlook the security threats caused
by the interplay between the cyber and physical domains.
<br>In this thesis, we present cyber-physical analysis and hardening to secure RAV controllers.
Through a combination of program analysis and vehicle control modeling, we first developed
novel techniques to (1) connect both cyber and physical domains and then (2) analyze
individual domains and their interplay. Specifically, we describe how to detect bugs after
RAV accidents using provenance (Mayday), how to proactively find bugs using fuzzing
(RVFuzzer), and how to patch vulnerable firmware using binary patching (DisPatch). As
a result, we have found 91 new bugs in modern RAV control programs, and their developers
confirmed 32 cases and patch 11 cases.
| Identifer | oai:union.ndltd.org:purdue.edu/oai:figshare.com:article/14502120 |
| Date | 06 May 2021 |
| Creators | Taegyu Kim (10716420) |
| Source Sets | Purdue University |
| Detected Language | English |
| Type | Text, Thesis |
| Rights | CC BY 4.0 |
| Relation | https://figshare.com/articles/thesis/Cyber-Physical_Analysis_and_Hardening_of_Robotic_Aerial_Vehicle_Controllers/14502120 |
Page generated in 0.0028 seconds