APPLIED ENGINEERING CONCEPTS, INCORPORATED SBIR Phase I Award, July 2019

The convergence of operational technology and information technology systems has left many critical infrastructure deployments vulnerable to cyber attack. Defensive guidelines from organizations such as the U.S. National Institute of Standards and Technology call for the implementation of device authentication. However, there are no technologies currently available to provide device authentication at the network physical layer. The Physical layer Authentication for Wired Networks effort intends to provide a solution to this capability gap by exploiting intrinsic physical features of device communication signals. This technique is often referred to as fingerprinting in an effort to compare the technique to the use of human fingerprints for authentication purposes. This is essentially a classification problem that will be solved via machine learning techniques, specifically deep learning. The Phase I effort will focus on two main goals: the development of the required machine learning techniques, including the creation of a realistic training and validation data set, and prototype system design. The data set generated will be made publicly available for validation of results and to assist in advancing the overall field. The prototype will be constructed during the Phase II effort and will be a passive, small form factor, embedded device capable of interfacing with the network to capture physical layer device signals as well as network packet data. There is also the intent to publish any novel results that are obtained during the Phase I effort. PAWN Phases II and/or III will result in a commercial product line capable of non-intrusively adding physical layer authentication to OT networks. This will be through the addition of a small form factor hardware appliance that provides the capability to sample electrical signals traveling on the network as well as monitor network traffic at higher layer of the protocol stack. This device will provide processing power when deployed in a traditional network, but in the future will be integrated with the control plane of a software-defined network.