For most people, the term \u201ccyber security\u201d calls to mind stories of data theft like the recent hacks of the OPM database, or network spying like the 2012 breach of the Navy-Marine Corps Intranet.<\/p>\n
But in this networked world, hackers might also try to disable or take control of machines in our physical world\u2014from large systems like electric power grids and industrial plants, to transportations assets like cars, trains, planes or even ships at sea.<\/p>\n
In response, the U.S. Navy is developing the Resilient Hull, Mechanical, and Electrical Security (RHIMES) system, a cyber protection system designed to make its shipboard mechanical and electrical control systems resilient to cyber attacks.<\/p>\n
\u201cThe purpose of RHIMES is to enable us to fight through a cyber attack,\u201d said Chief of Naval Research Rear Adm. Mat Winter. \u201cThis technology will help the Navy protect its shipboard physical systems, but it may also have important applications to protecting our nation\u2019s physical infrastructure.\u201d<\/p>\n
Dr. Ryan Craven, a program officer of the Cyber Security and Complex Software Systems Program in the Mathematics Computer and Information Sciences Division of the Office of Naval Research, explained that RHIMES is designed to prevent an attacker from disabling or taking control of programmable logic controllers\u2014the hardware components that interface with physical systems on the ship.<\/p>\n
\u201cSome examples of the types of shipboard systems that RHIMES is looking to protect include damage control and firefighting, anchoring, climate control, electric power, hydraulics, steering and engine control,\u201d explained Craven. \u201cIt essentially touches all parts of the ship.\u201d<\/p>\n
Attacks on mechanical systems that are operated by computers have happened before. Stuxnet, the famous industrial \u201ccomputer worm\u201d discovered in 2010 was designed to attack controllers of Iranian centrifuges, causing the centrifuges to run at very high speeds, effectively tearing themselves apart.<\/p>\n
\u201cAnother powerful example is the hacking of a German steel mill in 2014,\u201d Craven said. \u201cThe hackers reportedly got in and overheated a blast furnace, and even made it so that the plant workers couldn\u2019t properly shut down the furnace, causing massive damage to the system.\u201d<\/p>\n
Traditionally, computer security systems protect against previously identified malicious code. When new threats appear, security firms have to update their databases and issue new signatures. Because security companies react to the appearance of new threats, they are always one step behind. Plus, a hacker can make small changes to their virus to avoid being detected by a signature.<\/p>\n
\u201cInstead, RHIMES relies on advanced cyber resiliency techniques to introduce diversity and stop entire classes of attacks at once,\u201d Craven said. Most physical controllers have redundant backups in place that have the same core programming, he explained. These backups allow the system to remain operational in the event of a controller failure. But without diversity in their programming, if one gets hacked, they all get hacked.<\/p>\n
\u201cFunctionally, all of the controllers do the same thing, but RHIMES introduces diversity via a slightly different implementation for each controller\u2019s program,\u201d Craven explained. \u201cIn the event of a cyber attack, RHIMES makes it so that a different hack is required to exploit each controller. The same exact exploit can\u2019t be used against more than one controller.\u201d<\/p>\n
This work aligns with higher level strategic guidance to protect against cyber threats, like the U.S. Navy\u2019s \u201cCyber Power 2020,\u201d but the technology may also have benefits outside of the Navy.<\/p>\n
\u201cVulnerabilities exist wherever computing intersects with the physical world, such as in factories, cars and aircraft,\u201d Craven said, \u201cand these vulnerabilities could potentially benefit from the same techniques for cyber resilience.\u201d<\/p>\n