Senior Project Opportunities

2022-2023 Projects

Various Projects with UC Santa Cruz 

Activity Contact: Bridget Benson | bbenson@calpoly.edu

There are some Faculty Members at UC Santa Cruz who are interested in having our students work with them on various CPE and EE related projects. The slides linked below provide a handful of main areas that students are encouraged to explore further. If you are interested, Bridget Benson can support you in contacting a UCSC Faculty Member and figuring out a way to define a specific project.

Side Channels

Activity Contact: Stephen Beard | srbeard@calpoly.edu

When thinking about computer security, we often focus on securing the parts of the computer we use and think about most often – the software and its execution. However, all computing devices are physical objects at some level with physical characteristics. Side Channel Attacks exploit the physical implementation of a system using physical artifacts that its operation creates – power, timing, electromagnetic radiation, sound, light, etc. For example, you can figure out someone’s cell phone PIN just by watching the power draw from its charger cable; you can easily crack a password using timing; you can turn a laser into a speaker and silently activate a smart home system! All kinds of really weird and interesting things are possible when you start to consider computing devices physical objects rather than magic math boxes. I am interested in advising any and all projects that investigate these types of attacks. These types of projects typically draw on a little bit of knowledge in many areas, and thus are great for individuals, teams, and cross-disciplinary groups. There is great potential for projects that have a heavy emphasis on reimplementing existing work, and those with more of a research element to them.

Some example projects that I am currently most interested in:
  • Using a laser to transmit sound to silently induce a smart home type device.
  • Hiding a cell phone power analysis device in a USB cable
  • Extending current work in cell phone power analysis to deduce typed text rather than just 10 key PINs
  • AC power analysis for cell phone PIN discovery rather than 5 V DC
  • Acoustic analysis of keyboard typing to deduce text
  • Voltage glitching attacks to directly attack systems

Cyber Physical Systems

Activity Contact: Stephen Beard | srbeard@calpoly.edu

Operational Technology (OT, think factories and power plants) have long been the realm of analog control with some isolated digital systems. Thus, the threat model that such systems have classically faced has excluded many of the classical threats that the Information Technology (IT, think laptops and servers) realm has dealt with. With the increasing connectivity in our world and the business desire for more and more “big data” driven decisions, many OT spaces are being driving towards connectivity. This clashing of worlds has serious consequences for security that we have already begun to see — the damage caused by a cyber incident in a power plant, water treatment plant, or hospital has serious risk of injury and loss of life.

In recognition of the need for more research and education in this area, PG&E has graciously donated a Critical Infrastructure Cyber Security Lab to Cal Poly. This lab will hopefully serve as the basis for many exciting courses and projects. It is currently a fantastic framework upon which we can build, consisting of several workstations, servers, data diodes, and Programmable Logic Controllers (think the OT version of an FPGA). We currently need a few projects to help flesh out this skeleton. These include projects to create some cyber physical systems that can serve as demonstrations and attack targets, as well as some projects to bring the network side of the lab up to full functionality. Note that many interested attacks require targets of some sort, so there is a natural ordering to some of these projects. I, in addition to a few other faculty, are interested in advising projects in these areas.

Some example projects include:
  • Closed Loop PLC Controlled Systems
    • Traffic light control system
    • Simulated power plant / distribution system
    • Suspend ping pong ball in a column of air
  • System Administration
    • Imaging and backup of servers and workstations
    • Racking and installing hypervisor-based server
    • Network IDS configuration and analysis
  • Attack Exploration
    • Attacks circumventing data diode-based networks
    • Human Machine Interface PLC attacks
    • Hardware trojan based attacks

Architectural Security

Activity Contact: Stephen Beard | srbeard@calpoly.edu
Trusted systems require the faithful execution of secure software by secure hardware. Today’s systems have neither. Essentially all software contains bugs that attackers can find and exploit. The complexity of hardware, combined with the large attack surface presented in its development, manufacturing, and deployment processes make it nearly impossible to secure every component. My dissertation focused on leveraging a small, trusted, and potentially formally verified set of hardware and software to contain the potentially ill effects of untrusted/buggy/malicious hardware and software. This wholistic system-based approach has the potential to guarantee the correctness of communication from a system without major impacts to its performance. We have historically called this system TrustGuard and the small, trusted, hardware verification unit the Sentry. There are still many open areas that deserve further investigation in this area, and I would be thrilled to advise student projects that will help me further explore this area. Note that many of these projects will contain a strong research emphasis.
 
Some example areas and projects
  • Architectural simulations for security
  • FPGA based implementations of hardware security-based techniques
  • Formal verification of hardware and software designs
  • Exploration of security policy-based communication verification
  • Further exploration of software with clear specification between inputs and outputs for verification-based protection

Whale Detangler

Activity Contact: Bridget Benson | bbenson@calpoly.edu
Looking for 1-2 students to make Rev2 of a whale detangler system made by past senior project students.  The bulk of the project involves designing a new PCB that combines a microcontroller with a strain gauge, accelerometer, and digital switch.  Students will also work with the client to perform at sea tests of the system.  

Pitch2Programmers

Activity Contact: Chris Lupo | clupo@calpoly.edu

Pitch2programmers is a hybrid event that will be held on November 17th, 2022, from 3:30 to 6:30 PM in the advanced technology lab at Cal Poly (Building 7).  It aims to bring senior students at Cal Poly and stakeholders/advisors/project managers/faculty together for creative and unique learn by doing senior project experiences. In order to receive up to date information, the schedule, and the Zoom link, we require students register their interest in the event: https://forms.gle/Ufvm1m7AHxzptHK29 

Link | Pitch2Programmers Event | CSC Senior Project Description