CPS & IoT Security
AuroraSOC is one of the few SOC platforms that treats Cyber-Physical Systems (CPS) and IoT devices as first-class security assets alongside traditional IT infrastructure. This page explains the unique challenges of CPS security and how AuroraSOC addresses them.
What Are Cyber-Physical Systems?
CPS are systems where software directly controls physical processes:
| Domain | Examples | Risk |
|---|---|---|
| Industrial Control | PLCs, SCADA, DCS | Physical damage to equipment |
| Building Automation | HVAC, access control, fire suppression | Safety hazards |
| Medical Devices | Infusion pumps, patient monitors | Patient harm |
| Transportation | Traffic controllers, railway switches | Public safety |
| Energy | Smart grid, solar inverters, substations | Grid instability |
CPS vs. IT Security
Key Differences
| Aspect | IT Security | CPS/IoT Security |
|---|---|---|
| Priority | Confidentiality → Integrity → Availability | Safety → Availability → Integrity |
| Patching | Regular patch cycles | Months/years between patches (downtime unacceptable) |
| Protocols | TCP/IP, HTTP, TLS | Modbus, DNP3, BACnet, OPC UA, MQTT |
| Devices | Servers, workstations | Constrained (256KB RAM, no screen) |
| Lifetime | 3-5 years | 15-25 years |
| Isolation response | Isolate and investigate | Must maintain safety functions |
AuroraSOC's CPS Architecture
Three Firmware Platforms
AuroraSOC supports three distinct firmware platforms, each chosen for specific use cases:
ESP32-S3 — Zephyr RTOS (C)
Use case: Edge AI inference with WiFi connectivity
Why Zephyr + C?
- TFLite Micro for on-device ML inference (anomaly detection at the edge)
- Zephyr's hardware abstraction layer supports ESP32-S3's unique peripherals
- WiFi stack with TLS for secure MQTT communication
- OTA update capability for remote firmware management
nRF52840 — Embassy-rs (Rust)
Use case: BLE security sentinel and USB device monitor
Why Rust + Embassy?
- Memory safety without garbage collection on a 256KB RAM device
- async/await on bare metal for concurrent BLE + MQTT-SN handling
- Zero-cost abstractions — no runtime overhead compared to C
- CC310 hardware crypto accelerator for ECDSA attestation
STM32F429 — Ada SPARK (Ada)
Use case: Safety-critical relay control with formal verification
Why Ada SPARK?
- Formal proof that relay control logic cannot violate safety constraints
- Pre/Post contracts verified at compile time by the SPARK prover
- Used in domains where software failures could cause physical harm
- PKA (Public Key Accelerator) for hardware-accelerated attestation
Firmware Attestation
Every device periodically proves its firmware integrity:
Physical-Cyber Correlation
AuroraSOC's unique capability: detecting attacks that span physical and digital domains.
Correlation Types
| Type | Detection Method | Example |
|---|---|---|
| PHYSICAL_TAMPER | Vibration sensor + auth failure | Someone physically accessing a device while attempting digital access |
| FIRMWARE_MISMATCH | Hash comparison against known-good | Supply chain attack replacing firmware |
| ANOMALOUS_TELEMETRY | Baseline deviation analysis | Temperature spike indicating hardware manipulation |
| COMMUNICATION_ANOMALY | Traffic pattern analysis | Device suddenly communicating with unknown IP |
| LOCATION_ANOMALY | Network zone validation | Device appearing in unexpected network segment |
How Correlation Works
Physical-cyber correlation alerts are always treated as Critical severity because they may indicate a sophisticated attacker with physical access to your infrastructure.
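
The following is an added example, not AuroraSOC's own code, showing how two correlation types from the table above (PHYSICAL_TAMPER and FIRMWARE_MISMATCH) could be evaluated, with every finding raised as Critical. The event fields, the 120-second window, the fail-closed handling of unknown devices, and the device names and hashes are assumptions; the page does not specify them.

```python
from dataclasses import dataclass

WINDOW_S = 120  # assumed correlation window; the page does not specify one

@dataclass(frozen=True)
class Event:
    ts: float        # seconds since epoch
    device: str
    kind: str        # "vibration", "auth_failure" or "attestation"
    value: str = ""  # reported firmware SHA-256 (hex) for attestation events

def correlate(events, known_good):
    """Return sorted (device, correlation_type, severity) findings."""
    findings = set()
    last_seen = {}  # (device, kind) -> timestamp of the most recent such event
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "attestation":
            expected = known_good.get(ev.device)
            # Fail closed: a device with no known-good hash is treated as a mismatch.
            if expected is None or ev.value.lower() != expected.lower():
                findings.add((ev.device, "FIRMWARE_MISMATCH", "Critical"))
            continue
        if ev.kind not in ("vibration", "auth_failure"):
            continue
        other = "auth_failure" if ev.kind == "vibration" else "vibration"
        prev = last_seen.get((ev.device, other))
        # Either order counts: vibration may precede or follow the failed login.
        if prev is not None and ev.ts - prev <= WINDOW_S:
            findings.add((ev.device, "PHYSICAL_TAMPER", "Critical"))
        last_seen[(ev.device, ev.kind)] = ev.ts
    return sorted(findings)

# Constructed sample data (not real telemetry or real firmware hashes).
GOOD = "a" * 64
KNOWN_GOOD = {"plc-01": GOOD, "relay-07": GOOD}
SAMPLE = [
    Event(1000.0, "plc-01", "vibration"),
    Event(1045.0, "plc-01", "auth_failure"),             # 45 s later: correlated
    Event(2000.0, "relay-07", "auth_failure"),
    Event(2500.0, "relay-07", "vibration"),              # 500 s apart: no finding
    Event(3000.0, "relay-07", "attestation", "b" * 64),  # differs from known-good
    Event(3100.0, "plc-01", "attestation", GOOD),        # matches known-good
]

if __name__ == "__main__":
    for finding in correlate(SAMPLE, KNOWN_GOOD):
        print(finding)
```

Matching on the same device inside a bounded window keeps an isolated vibration reading or a single mistyped password from paging anyone by itself.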
CPS Security Tools
The CPS Security agent has six specialized tools:
| Tool | Purpose |
|---|---|
| QueryCPSSensor | Read real-time telemetry from devices |
| VerifyAttestation | Trigger firmware integrity check |
| RevokeCertificate | Revoke a compromised device's certificate |
| CorrelatePhysicalCyber | Run correlation analysis on events |
| QueryOTProtocol | Query industrial protocols (Modbus, DNP3, OPC UA) |
| IsolateNetworkSegment | Isolate an OT network segment (requires approval) |