This page describes my research projects more-or-less in reverse chronological order. See also my publications and software.

Overview

My research area is in real-time/embedded systems (RT/ES) focusing on the cross-cutting concerns of security and predictability. My research applies the areas of operating systems, computer architecture, computer security, and programming languages/compilers.

To conduct RT/ES research, I have developed experimental infrastructures using modified cycle-accurate processor simulators including SimpleScalar, GEMS, and gem5. With these simulators I have used bare-metal, the Linux kernel, Composite OS, and the RTEMS real-time operating system to evaluate my research.

Automotive Cyber Security

NSF CNS 1646317 and CNS 2011620. Project Webpage

This project investigates security protocols and mechanisms that maintain safe operations for network-connected and autonomous automotive vehicles. I am currently pursuing two broad directions:

1. Develop algorithms and methods for an in-vehicle network intrusion detection system that can detect attacks on the (CAN) network and transition vehicular subsystems into fail-safe/fail-operational modes.
2. Improve our understanding of the attack surface that a connected car exposes and the vulnerabilities that may be exploited remotely.

Papers

•  Paul Agbaje,  Afia Anjum,  Arkajyoti Mitra,  Gedare Bloom,  Habeeb Olufowobi,    A Framework for Consistent and Repeatable Controller Area Network IDS Evaluation,  in Workshop on Automotive and Autonomous Vehicle Security,  Internet Society,.  [ pdf ]
•  Gedare Bloom,    WeepingCAN: A Stealthy CAN Bus-off Attack,  in Workshop on Automotive and Autonomous Vehicle Security,  Internet Society,.  [ pdf ]
•  Habeeb Olufowobi,  Clinton Young,  Joseph Zambreno,  Gedare Bloom,    SAIDuCANT: Specification-Based Automotive Intrusion Detection Using Controller Area Network (CAN) Timing,  in IEEE Transactions on Vehicular Technology,  vol. 69,  iss. 2,  pp. 1484-1494,.  [ pdf ]
•  Habeeb Olufowobi,  Sena Hounsinou,  Gedare Bloom,    Controller Area Network Intrusion Prevention System Leveraging Fault Recovery,  in Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy,  pp. 63-73,  Association for Computing Machinery,.  [ pdf ]
•  Clinton Young,  Joseph Zambreno,  Habeeb Olufowobi,  Gedare Bloom,    Survey of Automotive Controller Area Network Intrusion Detection Systems,  in IEEE Design Test,  vol. 36,  iss. 6,  pp. 48-55,.  [ pdf ]
•  H. Olufowobi,  G. Bloom,  C. Young,  J. Zambreno,    Work-in-Progress: Real-Time Modeling for Intrusion Detection in Automotive Controller Area Network,  in 2018 IEEE Real-Time Systems Symposium (RTSS),  pp. 161-164,.  [ pdf ]
•  Habeeb Olufowobi,  Uchenna Ezeobi,  Eric Muhati,  Gaylon Robinson,  Clinton Young,  Joseph Zambreno,  Gedare Bloom,    Anomaly Detection Approach Using Adaptive Cumulative Sum Algorithm for Controller Area Network,  in Proceedings of the ACM Workshop on Automotive Cybersecurity,  pp. 25-30,  ACM,.  [ pdf ]
•  Clinton Young,  Habeeb Olufowobi,  Gedare Bloom,  Joseph Zambreno,    Automotive Intrusion Detection Based on Constant CAN Message Frequencies Across Vehicle Driving Modes,  in Proceedings of the ACM Workshop on Automotive Cybersecurity,  pp. 9-14,  ACM,.  [ pdf ]
•  Habeeb Olufowobi,  Gedare Bloom,    Chapter 16 - Connected Cars: Automotive Cybersecurity and Privacy for Smart Cities,  in Smart Cities Cybersecurity and Privacy,  pp. 227-240,  Elsevier,.  [ pdf ]
•  Clinton Young,  Joseph Zambreno,  Gedare Bloom,    Towards a Fail-Operational Intrusion Detection System for In-Vehicle Networks,  in Proceedings of the Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS),.  [ pdf ]

Industrial Control System Security

Supported in part by NSF OAC 1839321 and OAC 2001789

This project investigates security for the EPICS/RTEMS open-source software ecosystem in support of scientific industrial control systems.

Papers

•  Gedare Bloom,  Joel Sherrill,  Tingting Hu,  Ivan Cibrario Bertolotti,    Real-Time Systems Development with RTEMS and Multicore Processors,  CRC Press,.  [ pdf ]
•  Prajjwal Dangal,  Gedare Bloom,    Towards Industrial Security Through Real-time Analytics,  in 2020 IEEE 23rd International Symposium on Real-Time Distributed Computing (ISORC),  pp. 156-157,.  [ pdf ]
•  Gedare Bloom,  Joel Sherrill,    Harmonizing ARINC 653 and Realtime POSIX for Conformance to the FACE Technical Standard,  in 2020 IEEE 23rd International Symposium on Real-Time Distributed Computing (ISORC),  pp. 98-105,.  [ pdf ]

Hardware Data Structures

For my dissertation, I studied hardware support (circuit-level parallelism) for improving the performance of data structures. I investigated how OS support helps applications to use the hardware, and applied my methods to real-time systems (GPS navigation, image processing) and distributed access control.

Papers

• G. Bloom, R. Simha. Hardware-Enhanced Distributed Access Enforcement for Role-Based Access Control, Proceedings of the 19th ACM Symposium on Access Control Models and Technologies, SACMAT ‘14, June 2014.
• G. Bloom. “Operating System Support for Shared Hardware Data Structures”, Dissertation Thesis, The George Washington University, 2012.
• G. Bloom, G. Parmer, B. Narahari, and R. Simha. Shared Hardware Data Structures for Hard Real-Time Systems, 12th International Conference on Embedded Software, EMSOFT 2012, October 2012.
• G. Bloom, G. Parmer, B. Narahari, and R. Simha. Real-Time Scheduling with Hardware Data Structures, Work-in-Progress Session, IEEE Real-Time Systems Symposium, 2010. RTSS 2010. December 2010.

Untrusted IC Fabrication—IC Supply Chain

A newer field of study is the problem of malicious changes made to integrated circuits (IC or chip). These malicious changes, called Trojan circuits (or hardware Trojans), are an active area of study. Trojan circuits are a problem because ICs are manufactured in untrusted semiconductor fabrication plants (fabs or foundries). Untrusted fabrication also introduces the threats of intellectual property (IP) theft and counterfeit or cloned chips.

I looked into methods of active detection of Trojan circuit behavior at runtime; my work is contrary to most other research, which focuses on detection in a lab setting. By adding some simple, verifiable hardware logic at the board level (plug a card in to your motherboard), we can detect Trojan circuits when they make their move.

I also propose novel methods for fabs to increase trust in their processes by adding audit and tracking mechanisms.

Papers

• G. Bloom, B. Narahari, R. Simha, A. Namazi, and R. Levy FPGA SoC Architecture and Runtime to Prevent Hardware Trojans from Leaking Secrets, 2015 IEEE International Workshop on Hardware-Oriented Security and Trust, HOST 2015.
• G. Bloom, B. Narahari, R. Simha, and J. Zambreno. Providing secure execution environments with a last line of defense against Trojan circuit attacks, Computers & Security, vol. 28, no. 7, pp. 660-669, October 2009.
• G. Bloom, B. Narahari, and R. Simha. OS Support for Detecting Trojan Circuit Attacks, hst, pp. 100-103, 2009 IEEE International Workshop on Hardware-Oriented Security and Trust, HOST 2009.
• G. Bloom, B. Narahari, and R. Simha. Fab Forensics: Increasing Trust in IC Fabrication, IEEE International Conference on Technologies for Homeland Security, 2010. HST ‘10.

Hardware Containers for Software Security

In the hardware containers project, I worked closely with Eugen Leontie and others to investigate hardware approaches for fine-grained memory access control. Our solution enables software developers to enforce memory protection in software components as small as C functions. Our code is available on GitHub with a modified SimpleScalar and modified GEMS.

Papers

• E. Leontie, G. Bloom, R. Simha, Hardware and Software Support for Fine-Grained Memory Access Control and Encapsulation in C++, ACM SIGPLAN Systems, Programming, Languages and Applications: Software for Humanity (SPLASH 2013), October 2013.

• E. Leontie, G. Bloom, B. Narahari, and R. Simha. No Principal Too Small: Memory Access Control for Fine-Grained Protection Domains, 15th Euromicro Conference on Digital System Design, DSD 2012, September 2012.

• E. Leontie, G. Bloom, R.Simha. Automation for Creating and Configuring Security Manifests for Hardware Containers, 4th Symposium on Configuration Analytics and Automation, SafeConfig 2011, October 2011.

• E. Leontie, G. Bloom, O. Gelbart, B. Narahari, and R. Simha. A Compiler-Hardware Technique for Protecting Against Buffer Overflow Attacks, Journal of Information Assurance and Security (JIAS), vol. 5, no. 1, pp. 1-8, 2010.

• E. Leontie, G. Bloom, B. Narahari, R. Simha, and J. Zambreno. Hardware Containers for Software Components: A Trusted Platform for COTS-Based Systems, 2009 IEEE/IFIP International Symposium on Trusted Computing and Communications, TRUSTCOM 2009, August 2009.
• E. Leontie, G. Bloom, B. Narahari, R. Simha, and J. Zambreno. Hardware-enforced Fine-grained Isolation of Untrusted Code, Proceedings of the Workshop on Secure Execution of Untrusted Code (SecuCode), November 2009.

Distributed Systems

My research career started out in parallel programming with the MTU UPC Group and distributed systems with Jonathan Stanton’s project, the Spread Messaging Toolkit. Although I did not go very far along this path, the general area continues to interest me.

Secure Bulletin Board (SecBB)

Critical to many electronic voting systems, a secure bulletin board provides append-only, globally-visible storage. Verifying operations with a secure bulletin board is simple: post items to the board and the entire world can verify their contents. Unfortunately, most current implementations require trusting a central (third) party.

One approach could use replicated servers and copy posted messages to each replica. Then, a majority of messages that are read exactly the same are taken as the correct message. I have implemented such a service, using a group messaging system and some cryptographic primitives. If a majority of the servers are correct, a posted message will remain immutable. Although the implementation is not production-quality, initial performance results are promising for even large precinct elections (4 million voters).

Mixnet Privacy

The gap between the practical and theoretical number of permutations that can be generated using a pseudorandom number generator (PRNG), when combined with randomized partial checking, introduces privacy loss. However, the privacy loss is of a theoretical nature: as long as the PRNG maintains the seed entropy at a level that is computationally infeasible to brute-force, then this gap does not indicate loss of privacy.

Papers

• G. Bloom and S. Popoveniuc. Information Leakage in Mix Networks with Randomized Partial Checking, 2009 International Conference on Information Security and Privacy, ISP-09, July 2009.

Disclaimers

• The opinions, findings, and conclusions or recommendations expressed are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

• Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security.