Monowar Hasan, assistant professor in Washington State University’s School of Electrical Engineering and Computer Science, has received a prestigious National Science Foundation (NSF) CAREER Award for his work to detect and mitigate information leakage in time-critical cyber-physical systems.
The five-year, $600,000 award supports early-career faculty who are leading research advances and who have the potential to become role models in research and education.
Cyber-physical system like those in autonomous vehicles, drones, medical devices, and power plants rely on a mix of complex modules and software. Many of these systems still use older, legacy software that wasn’t built with today’s cybersecurity challenges in mind.
“Understanding how data flows in cyber-physical systems — what’s running, how apps communicate, and how information moves — is already challenging. Network and internet connectivity in newer technologies, like autonomous vehicles, makes it even harder,” Hasan said.
Our goal is to track how data flows through critical systems — does it follow design specs, or is someone tampering with it? Answering that helps us build systems that are more resilient and trustworthy.
Monowar Hasan, assistant professor
Washington State University
Covert timing channels are unintended communication channels that allow malicious actors to secretly exchange information between software tasks by manipulating the execution timing.
“Attackers don’t need to break everything at once — just knowing the timing of critical tasks can let them crash a system,” Hasan said. “These leaks pose real risks to both safety and reliability.”
Hasan’s project explores hidden “covert channels” in real-time schedulers and develops strategies to detect, measure, and block them. His team will study the system behaviors that create these timing vulnerabilities and design improved schedulers to prevent information leaks.
“Our goal is to track how data flows through critical systems — does it follow design specs, or is someone tampering with it?” Hasan said. “Answering that helps us build systems that are more resilient and trustworthy.”
The researchers will begin by mapping how information moves across system components and identifying potential leakage points. To counter these risks, they plan to introduce controlled “noise” into the system, making it harder for attackers to detect or exploit patterns in data flow.
“We’re adding controlled randomness so that, from an attacker’s perspective, the system no longer looks predictable,” Hasan said. “The challenge is to do this without disturbing normal operations, so we have to engineer it carefully to keep the system running smoothly while blocking information leaks.”
To wrap up, the researchers will develop “metrics” to gauge system security against cyberattacks, then validate their approach using cyber-physical testbeds like autonomous robots and rovers.
“Our work will improve the security, safety, and resilience of real-time cyber-physical systems. This CAREER project is just the beginning — there are still many challenges and opportunities to tackle in the field,” Hasan said.
With WSU since 2023, Hasan holds a PhD in computer science from the University of Illinois Urbana-Champaign and a master’s degree from the University of Manitoba.
