Reconnaissance and Reverse Engineering: A Case Study of Cyberphysical Systems in the UMBC Academic Building ILSB

Andrea Ferketich
CSEE Dept, UMBC, and JHU APL

Joint work with Zachary Amoss, Leo Brown, Kevin Chen, Will DeStaffan, Brandon Hill, and Kathleen Koerner. This work
was carried out in the fall of 2022 as part of Alan Sherman’s INSuRE cybersecurity research class with Zachary Birnbaum (APL)
serving as technical director.

12:00pm (noon) – 1pm
Friday, February 17, 2023
Remotely via WebEx: https://umbc.webex.com/meet/sherman
Recording of Talk

Abstract:

We present our security analysis of three cyberphysical systems in UMBC’s new smart Interdisciplinary Life Sciences Building (ILSB): the access control system, the surveillance system, and the atrium’s electrical system. Supported by reconnaissance and reverse engineering, we identify potential vulnerabilities, attacks, and risks, and make recommendations. Conducting reconnaissance and reverse engineering activities on academic cyberphysical infrastructure is currently an insufficiently researched area, unlike critical infrastructure such as smart power grids and the Industrial Internet of Things (IIoT). This project identifies how susceptible three cyberphysical systems in ILSB are to cyber attacks, and the significance of each attack to the relevant system. Without completing a full analysis and reconnaissance of the building, the DoIT and facilities manager cannot be sure how the online sensor infrastructure interacts with the physical infrastructure. Typically, academic spaces are more physically accessible than are industry equivalents, primarily due to the public nature of universities, which encourages unfettered access to buildings for the sake of collaboration and student freedom. This level of access, however, also expands the potential attack surface by opening up the university to cyber attacks performed via physical methods. Our group discovered multiple attacks on the three cyberphysical systems, produced recommendations to the university, and identified additional analysis that can be performed to secure the cyberphysical infrastructure further. Our group additionally created mappings of target systems that include interface details and connection types. After creating reconnaissance artifacts, we identified vulnerabilities within the target systems and vulnerabilities within the target system configurations.

About the Speaker:

Andrea Ferketich is an employee at JHU APL, working as a task leader for US Navy combat systems cybersecurity integration with tactical systems. She is a computer science PhD student at UMBC who is proficient with various cybersecurity tools, cyber network security, cyber risk assessment, cyberphysical security, policy and requirements writing, project management, executive-level presentations, and Android programming. Andrea served as her INSuRE group’s technical project manager, coordinating with DoIT, and ensuring the overall project success with technical writing and resolving technical issues.

Email: andrea.ferketich@umbc.edu

Host:

Alan T. Sherman, sherman@umbc.edu

Upcoming CDL Meetings:

  • March 3, Enis Goleszewski (UMBC), Channel binding in FIDO should not be optional
  • March 17, no CDL talk (ACM SIGSCE)
  • March 31 – Speaker TBD
  • April 14 – Speaker TBD
  • April 28 – Speaker TBD
  • May 12 – Speaker TBD
  • March 20-24, UMBC spring break. May 5, CSEE Research Day (Library 7 th floor)

Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681.

The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public.