CS-3551 Advanced Topics in Distributed Systems Class Project Final Presentation
Using Unikernels to Enhance the Attack-Resistance of Spire, a Network-Attack-Resilient Intrusion-Tolerant SCADA for the Power Grid
Researchers: Brad Whitehead and Mike Boby
Project Overview:
The purpose of this project was to convert the conventional polymorphic executables of Spire, a network-attack-resistant and intrusion-tolerant SCADA system, to self-contained unikernels to enhance their resistance to compromise-type of attacks.

Spire uses the 'multicompiler' to generate unique, polymorphic executables with each compilation. The multicompiler generates an ELF executable. Consequently, the project used a unikernel library and build system, Hermitux, that works with executables instead of the normal requirement to use the original source code.

After the converson, the multicompiled-unikernel-Spire system was evaluated to confirm that Spire continued to operate correctly, that the executables exhibited the increased performance and reduced resource utilization characteristics of unikernel technology, and if possible, to demonstrate the increased compromise resistance of the system using various attack tools such as 'metasploit' and a red team 'capture the flag' exercise.

While the conversion effort was successful and Spire's unikernel components exhibited significantly reduced boot times and memory usage, because of time constraints it was not possible to confirm the overall operation of Spire nor to empirically test its increased compromise resistance.
Final Project Presentation
Back
Next
Project Materials
References/Research