Search

Your search keyword '"Miroslav Pajic"' showing total 116 results
Start Over Author "Miroslav Pajic" Language undetermined
116 results on '"Miroslav Pajic"'

3. Security Analysis for Distributed IoT-Based Industrial Automation

Author

Zivana Jakovljevic, Vuk Lesi, and Miroslav Pajic

Subjects
0209 industrial biotechnology, Security analysis, Computer science, business.industry, Semantics (computer science), Distributed computing, Control (management), Systems and Control (eess.SY), 02 engineering and technology, Petri net, Electrical Engineering and Systems Science - Systems and Control, Automation, Attack model, 020901 industrial engineering & automation, Control and Systems Engineering, FOS: Electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, business, Internet of Things, Formal verification
Abstract

With ever-expanding computation and communication capabilities of modern embedded platforms, Internet of Things (IoT) technologies enable development of Reconfigurable Manufacturing Systems---a new generation of highly modularized industrial equipment suitable for highly-customized manufacturing. Sequential control in these systems is largely based on discrete events, while their formal execution semantics is specified as Control Interpreted Petri Nets (CIPN). Despite industry-wide use of programming languages based on the CIPN formalism, formal verification of such control applications in the presence of adversarial activity is not supported. Consequently, in this paper we focus on security-aware modeling and verification challenges for CIPN-based sequential control applications. Specifically, we show how CIPN models of networked industrial IoT controllers can be transformed into Time Petri Net (TPN)-based models, and composed with plant and security-aware channel models in order to enable system-level verification of safety properties in the presence of network-based attacks. Additionally, we introduce realistic channel-specific attack models that capture adversarial behavior using nondeterminism. Moreover, we show how verification results can be utilized to introduce security patches and motivate design of attack detectors that improve overall system resiliency, and allow satisfaction of critical safety properties. Finally, we evaluate our framework on an industrial case study.

Published
2022
Full Text
View/download PDF

4. Offline Learning of Closed-Loop Deep Brain Stimulation Controllers for Parkinson Disease Treatment

Author

Qitong Gao, Stephen L. Schmidt, Afsana Chowdhury, Guangyu Feng, Jennifer J. Peters, Katherine Genty, Warren M. Grill, Dennis A. Turner, and Miroslav Pajic

Subjects
Signal Processing (eess.SP), FOS: Computer and information sciences, Computer Science - Machine Learning, FOS: Biological sciences, FOS: Electrical engineering, electronic engineering, information engineering, Electrical Engineering and Systems Science - Signal Processing, Quantitative Biology - Quantitative Methods, Quantitative Methods (q-bio.QM), Machine Learning (cs.LG)
Abstract

Deep brain stimulation (DBS) has shown great promise toward treating motor symptoms caused by Parkinson's disease (PD), by delivering electrical pulses to the Basal Ganglia (BG) region of the brain. However, DBS devices approved by the U.S. Food and Drug Administration (FDA) can only deliver continuous DBS (cDBS) stimuli at a fixed amplitude; this energy inefficient operation reduces battery lifetime of the device, cannot adapt treatment dynamically for activity, and may cause significant side-effects (e.g., gait impairment). In this work, we introduce an offline reinforcement learning (RL) framework, allowing the use of past clinical data to train an RL policy to adjust the stimulation amplitude in real time, with the goal of reducing energy use while maintaining the same level of treatment (i.e., control) efficacy as cDBS. Moreover, clinical protocols require the safety and performance of such RL controllers to be demonstrated ahead of deployments in patients. Thus, we also introduce an offline policy evaluation (OPE) method to estimate the performance of RL policies using historical data, before deploying them on patients. We evaluated our framework on four PD patients equipped with the RC+S DBS system, employing the RL controllers during monthly clinical visits, with the overall control efficacy evaluated by severity of symptoms (i.e., bradykinesia and tremor), changes in PD biomakers (i.e., local field potentials), and patient ratings. The results from clinical experiments show that our RL-based controller maintains the same level of control efficacy as cDBS, but with significantly reduced stimulation energy. Further, the OPE method is shown effective in accurately estimating and ranking the expected returns of RL controllers., Accepted to International Conference on Cyber Physical Systems (ICCPS) 2023

Published
2023
Full Text
View/download PDF

6. AVstack: An Open-Source, Reconfigurable Platform for Autonomous Vehicle Development

Author

Robert Spencer Hallyburton, Shucheng Zhang, and Miroslav Pajic

Subjects
Software Engineering (cs.SE), FOS: Computer and information sciences, Computer Science - Robotics, Computer Science - Software Engineering, FOS: Electrical engineering, electronic engineering, information engineering, Systems and Control (eess.SY), Electrical Engineering and Systems Science - Systems and Control, Robotics (cs.RO)
Abstract

Pioneers of autonomous vehicles (AVs) promised to revolutionize the driving experience and driving safety. However, milestones in AVs have materialized slower than forecast. Two culprits are (1) the lack of verifiability of proposed state-of-the-art AV components, and (2) stagnation of pursuing next-level evaluations, e.g., vehicle-to-infrastructure (V2I) and multi-agent collaboration. In part, progress has been hampered by: the large volume of software in AVs, the multiple disparate conventions, the difficulty of testing across datasets and simulators, and the inflexibility of state-of-the-art AV components. To address these challenges, we present AVstack, an open-source, reconfigurable software platform for AV design, implementation, test, and analysis. AVstack solves the validation problem by enabling first-of-a-kind trade studies on datasets and physics-based simulators. AVstack solves the stagnation problem as a reconfigurable AV platform built on dozens of open-source AV components in a high-level programming language. We demonstrate the power of AVstack through longitudinal testing across multiple benchmark datasets and V2I-collaboration case studies that explore trade-offs of designing multi-sensor, multi-agent algorithms.

Published
2023
Full Text
View/download PDF

9. A comparison of an implanted accelerometer with a wearable accelerometer for closed-loop DBS

Author

Erick, Rojas, Stephen L, Schmidt, Afsana, Chowdhury, Miroslav, Pajic, Dennis A, Turner, and Deborah S, Won

Subjects
Wearable Electronic Devices, Accelerometry, Tremor, Humans, Parkinson Disease, Prostheses and Implants
Abstract

Sensing technology, as well as cloud communication, is enabling the development of closed-loop deep brain stimulation (DBS) for Parkinson's disease. The accelerometer is a practical sensor that can provide information about the disease/health state of the patient as well as physical activity levels, all of which in the long-term can provide feedback information to an adaptive closed-loop control algorithm for more effective and personalized DBS therapy. In this paper, we present for the first time, acceleration streamed from Medtronic's RC+S device in patients with Parkinson's disease while at home, and compare it to accel-eration acquired concurrently from the patient's Apple Watch. We examined correlation between the accelerometer signals at varying time scales. We also compared the spectral band power obtained from the two accelerometers. While there was an average correlation of 0.37 for subject 1 and 0.50 for subject 2 between the two acceleration signals on a time scale of 10 minutes, the correlation was lower for shorter time scales on the order of seconds. There was greater spectral power in the Parkinsonian tremor band of 4-7 Hz for the externally worn accelerometer than the internal accelerometer, but the internal accelerometer showed greater relative power distributed in the higher frequencies (7-30 Hz). Thus, based on this preliminary analysis, we expect that the internal accelerometer may be used to assess patient activity and state for closed loop DBS but tremor detection may require more sophisticated signal processing. Furthermore, the internal accelerometer may contain information in higher frequency bands that reveal information about the patient state. Clinical relevance - Closed-loop DBS is expected to improve patient outcomes for the tens of thousands of Parkinson's disease patients using DBS [1], [2]. Eliminating an additional external device in order to implement closed-loop adaptive deep brain stimulation would benefit DBS patients however an understanding of what information is lost by doing so is needed to justify the ultimate design of closed-loop DBS.

Published
2022
Full Text
View/download PDF

10. A Reinforcement Learning-Informed Pattern Mining Framework for Multivariate Time Series Classification

Author

Ge Gao, Qitong Gao, Xi Yang, Miroslav Pajic, and Min Chi

Abstract

Multivariate time series (MTS) classification is a challenging and important task in various domains and real-world applications. Much of prior work on MTS can be roughly divided into neural network (NN)- and pattern-based methods. The former can lead to robust classification performance, but many of the generated patterns are challenging to interpret; while the latter often produce interpretable patterns that may not be helpful for the classification task. In this work, we propose a reinforcement learning (RL) informed PAttern Mining framework (RLPAM) to identify interpretable yet important patterns for MTS classification. Our framework has been validated by 30 benchmark datasets as well as real-world large-scale electronic health records (EHRs) for an extremely challenging task: sepsis shock early prediction. We show that RLPAM outperforms the state-of-the-art NN-based methods on 14 out of 30 datasets as well as on the EHRs. Finally, we show how RL informed patterns can be interpretable and can improve our understanding of septic shock progression.

Published
2022
Full Text
View/download PDF

11. Attacks on Distributed Sequential Control in Manufacturing Automation

Author

Zivana Jakovljevic, Miroslav Pajic, and Vuk Lesi

Subjects
Supervisory control theory, business.industry, Event (computing), Computer science, Distributed computing, 020208 electrical & electronic engineering, Reconfigurability, Control reconfiguration, 02 engineering and technology, Modular design, Automation, Computer Science Applications, Control and Systems Engineering, Control system, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, business, Information Systems, Vulnerability (computing)
Abstract

Industrial Internet of Things (IIoT) represents a backbone of modern reconfigurable manufacturing systems (RMS), which enable manufacturing of a high product variety through rapid and easy reconfiguration of manufacturing equipment. In IIoT-enabled RMS, modular equipment is built from smart devices, each performing its own tasks, whereas the global functioning is achieved through their networking and intensive communication. Although device communication contributes to the system reconfigurability, it also opens up new security challenges due to potential vulnerability of communication links. In this article, we present security analysis for a major part of RMS in which manufacturing equipment is sequentially controlled and can be modeled as discrete event systems (DES). Control distribution within DES implies communication of certain events between smart modules. Specifically, in this work, we focus on attacks on communication of these events. In particular, we develop a method for modeling such attacks, including event insertion and removal attacks, in distributed sequential control; the method is based on the supervisory control theory framework. We show how the modeled attacks can be detected and provide a method for identification of communication links that require protection to avoid catastrophic damage of the system. Finally, we illustrate and experimentally validate applicability of our methodology on a real-world industrial case study with reconfigurable manufacturing equipment.

Published
2021
Full Text
View/download PDF

12. Extending the Lifetime of MEDA Biochips by Selective Sensing on Microelectrodes

Author

Zhanwei Zhong, Krishnendu Chakrabarty, Tung-Che Liang, and Miroslav Pajic

Subjects
business.industry, Computer science, Cell, Microfluidics, 02 engineering and technology, Computer Graphics and Computer-Aided Design, 020202 computer hardware & architecture, Microelectrode, chemistry.chemical_compound, medicine.anatomical_structure, CMOS, chemistry, 0202 electrical engineering, electronic engineering, information engineering, Miniaturization, medicine, Bioassay, Electrical and Electronic Engineering, business, Biochip, Software, Computer hardware, MEDA
Abstract

A digital microfluidic biochip (DMFB) enables miniaturization of immunoassays, point-of-care clinical diagnostics, and DNA sequencing. A recent generation of DMFBs uses a micro-electrode-dot-array (MEDA) architecture, which provides fine-grained control of droplets and real-time droplet sensing using the CMOS technology. However, microelectrodes in a MEDA biochip degrade when they are charged and discharged frequently during bioassay execution. In this article, we first make the key observation that the droplet-sensing operations contribute up to 94% of all microelectrode actuation in MEDA. Consequently, to reduce the number of droplet-sensing operations, we present a new microelectrode cell (MC) design as well as a selective-sensing method such that only a small fraction of microelectrodes perform droplet sensing during bioassay execution. The selection of microelectrodes that need to perform the droplet sensing is based on an analysis of experimental data. A comprehensive set of simulation results show that the total number of droplet-sensing operations is reduced to only 0.7%, which prolongs the lifespan of a MEDA biochip by $11\times $ without any impact on bioassay time-to-response.

Published
2020
Full Text
View/download PDF

13. Distributing Sequential Control for Manufacturing Automation Systems

Author

Vuk Lesi, Zivana Jakovljevic, Stefan Mitrovic, and Miroslav Pajic

Subjects
0209 industrial biotechnology, business.industry, Computer science, Modularity (biology), 020208 electrical & electronic engineering, 02 engineering and technology, Modular design, Petri net, Automation, Decentralised system, 020901 industrial engineering & automation, Intelligent sensor, Control and Systems Engineering, Control system, Embedded system, 0202 electrical engineering, electronic engineering, information engineering, Code (cryptography), Electrical and Electronic Engineering, business
Abstract

Recent trends in manufacturing require the use of reconfigurable equipment that facilitates rapid and cost-effective change of functionality through modular design, which supports fast integration. Intelligent devices (e.g., sensors, actuators) with integrated computation and communication capabilities enable high-level modularity, not only with the respect to hardware components but also in terms of control functionality; this can be achieved by distributing control to different network-connected devices. Thus, to enable fast and reliable system reconfigurations, in this brief, we introduce a method for distribution of control tasks and generation of control code for the devices in the control network. Our approach is based on the control interpreted Petri nets (CIPNs) formalism. We start from a CIPN capturing the centralized (overall) control system, and the mapping of input and output signals to local controllers (LCs) (i.e., smart devices) that have direct physical access to system sensors and actuators. From these, our method automatically designs distributed control tasks for LCs in the network, as well as generates control code for each LC. The applicability of the proposed method is experimentally verified on two real-world case studies.

Published
2020
Full Text
View/download PDF

18. Operator Strategy Model Development in UAV Hacking Detection

Author

Mahmoud Elfar, Mary L. Cummings, Haibei Zhu, Miroslav Pajic, and Ziyao Wang

Subjects
0209 industrial biotechnology, Decision support system, Spoofing attack, Computer Networks and Communications, Computer science, Human Factors and Ergonomics, 02 engineering and technology, Machine learning, computer.software_genre, 020901 industrial engineering & automation, 0203 mechanical engineering, Supervisory control, Artificial Intelligence, Hidden Markov model, 020301 aerospace & aeronautics, business.industry, Testbed, Drone, Computer Science Applications, Human-Computer Interaction, Control and Systems Engineering, Control system, Signal Processing, Global Positioning System, Artificial intelligence, business, computer
Abstract

An increasingly relevant security issue for unmanned aerial vehicles (UAVs, also known as drones) is the possibility of a global positioning system (GPS) spoofing attack. Given the existing problems in current GPS spoofing detection techniques and human visual advantages in searching and localizing targets, we propose a human-autonomy collaborative approach of human geo-location to assist UAV control systems in detecting GPS spoofing attacks. An interactive testbed and experiment were designed and used to evaluate this approach, which demonstrated that human-autonomy collaborative hacking detection is a viable concept. Using the hidden Markov model (HMM) approach, operator behavior patterns and strategies from the experiment were modeled via hidden states and transitions among them. These models revealed two dominant hacking detection strategies. Statistical results and expert performer evaluations show no significant difference between different hacking detection strategies in terms of correct detection. The detection strategy model suggests areas of future research in decision support tool design for UAV hacking detection. Also, the development of HMMs presents the feasibility of quantitatively investigating operator behavior patterns and strategies in human supervisory control scenarios.

Published
2019
Full Text
View/download PDF

19. Statistical Verification of Hyperproperties for Cyber-Physical Systems

Author

Mojtaba Zarei, Borzoo Bonakdarpour, Miroslav Pajic, and Yu Wang

Subjects
0209 industrial biotechnology, Theoretical computer science, Markov chain, Computer science, Probabilistic logic, Cyber-physical system, 02 engineering and technology, Rotation formalisms in three dimensions, Automaton, Range (mathematics), 020901 industrial engineering & automation, Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, A priori and a posteriori, 020201 artificial intelligence & image processing, Temporal logic, Software
Abstract

Many important properties of cyber-physical systems (CPS) are defined upon the relationship between multiple executions simultaneously in continuous time. Examples include probabilistic fairness and sensitivity to modeling errors (i.e., parameters changes) for real-valued signals. These requirements can only be specified by hyperproperties . In this article, we focus on verifying probabilistic hyperproperties for CPS. To cover a wide range of modeling formalisms, we first propose a general model of probabilistic uncertain systems (PUSs) that unify commonly studied CPS models such as continuous-time Markov chains (CTMCs) and probabilistically parametrized Hybrid I/O Automata (P 2 HIOA). To formally specify hyperproperties, we propose a new temporal logic, hyper probabilistic signal temporal logic (HyperPSTL) that serves as a hyper and probabilistic version of the conventional signal temporal logic (STL). Considering the complexity of real-world systems that can be captured as PUSs, we adopt a statistical model checking (SMC) approach for their verification. We develop a new SMC technique based on the direct computation of significance levels of statistical assertions for HyperPSTL specifications, which requires no a priori knowledge on the indifference margin. Then, we introduce SMC algorithms for HyperPSTL specifications on the joint probabilistic distribution of multiple paths, as well as specifications with nested probabilistic operators quantifying different paths, which cannot be handled by existing SMC algorithms. Finally, we show the effectiveness of our SMC algorithms on CPS benchmarks with varying levels of complexity, including the Toyota Powertrain Control System.

Published
2019
Full Text
View/download PDF

20. Probabilistic conformance for cyber-physical systems

Author

Yu Wang, Borzoo Bonakdarpoor, Mojtaba Zarei, and Miroslav Pajic

Subjects
0209 industrial biotechnology, Class (computer programming), Powertrain, Settling time, business.industry, Computer science, Probabilistic logic, Automotive industry, Cyber-physical system, Systems and Control (eess.SY), 02 engineering and technology, Electrical Engineering and Systems Science - Systems and Control, Reliability engineering, Set (abstract data type), 020901 industrial engineering & automation, FOS: Electrical engineering, electronic engineering, information engineering, business, Statistical hypothesis testing
Abstract

In system analysis, conformance indicates that two systems simultaneously satisfy the same set of specifications of interest; thus, the results from analyzing one system automatically transfer to the other, or one system can safely replace the other in practice. In this work, we study the probabilistic conformance of cyber-physical systems (CPS). We propose a notion of (approximate) probabilistic conformance for sets of complex specifications expressed by the Signal Temporal Logic (STL). Based on a novel statistical test, we develop the first statistical verification methods for the probabilistic conformance of a wide class of CPS. Using this method, we verify the conformance of the startup time of the widely-used full and simplified model of Toyota powertrain systems, the settling time of model-predictive-control-based and neural-network-based automotive lane-keeping controllers, as well as the maximal voltage deviation of full and simplified power grid systems.

Published
2021
Full Text
View/download PDF

21. Formal Synthesis of Adaptive Droplet Routing for MEDA Biochips

Author

Krishnendu Chakrabarty, Mahmoud Elfar, Tung-Che Liang, and Miroslav Pajic

Subjects
business.industry, Computer science, Microfluidics, Computer Graphics and Computer-Aided Design, chemistry.chemical_compound, Formal synthesis, Microelectrode, CMOS, chemistry, Miniaturization, Electrical and Electronic Engineering, Routing (electronic design automation), business, Biochip, Software, Computer hardware, MEDA
Abstract

A digital microfluidic biochip (DMFB) enables the miniaturization of immunoassays, point-of-care clinical diagnostics, and DNA sequencing. A recent generation of DMFBs uses a micro-electrode-dot-array (MEDA) architecture, which provides fine-grained control of droplets and real-time droplet sensing using CMOS technology. However, microelectrodes in a MEDA biochip can degrade due to charge trapping when they are repeatedly charged and discharged during bioassay execution; such degradation leads to the failure of microelectrodes and erroneous bioassay outcomes. To address this problem, we first introduce a new microelectrode-cell design such that we can obtain the health status of all the microelectrodes in a MEDA biochip by employing the inherent sensing mechanism. Next, we present a stochastic game-based model for droplet manipulation, and a formal synthesis method for droplet routing that can dynamically change droplet transportation routes. This adaptation is based on the real-time health information obtained from microelectrodes. Comprehensive simulation results for four real-life bioassays show that our method increases the likelihood of successful bioassay completion with negligible impact on time-to-results.

Published
2021
Full Text
View/download PDF

22. Deep Imitative Reinforcement Learning for Temporal Logic Robot Motion Planning with Noisy Semantic Observations

Author

Qitong Gao, Michael M. Zavlanos, and Miroslav Pajic

Subjects
0209 industrial biotechnology, Computer science, business.industry, Probabilistic logic, Mobile robot, 02 engineering and technology, 010501 environmental sciences, 01 natural sciences, 020901 industrial engineering & automation, Linear temporal logic, Reinforcement learning, Robot, Temporal logic, Noise (video), Artificial intelligence, Markov decision process, business, 0105 earth and related environmental sciences
Abstract

In this paper, we propose a Deep Imitative Q-learning (DIQL) method to synthesize control policies for mobile robots that need to satisfy Linear Temporal Logic (LTL) specifications using noisy semantic observations of their surroundings. The robot sensing error is modeled using probabilistic labels defined over the states of a Labeled Transition System (LTS) and the robot mobility is modeled using a Labeled Markov Decision Process (LMDP) with unknown transition probabilities. We use existing product-based model checkers (PMCs) as experts to guide the Q-learning algorithm to convergence. To the best of our knowledge, this is the first approach that models noise in semantic observations using probabilistic labeling functions and employs existing model checkers to provide suboptimal instructions to the Q-learning agent.

Published
2020
Full Text
View/download PDF

23. Statistical verification of learning-based cyber-physical systems

Author

Miroslav Pajic, Mojtaba Zarei, and Yu Wang

Subjects
030213 general clinical medicine, 0209 industrial biotechnology, Artificial neural network, Property (programming), Computer science, Cyber-physical system, 02 engineering and technology, 03 medical and health sciences, 020901 industrial engineering & automation, 0302 clinical medicine, Computer engineering, Reachability, Control theory, Scalability, Robot, Focus (optics)
Abstract

The use of Neural Network (NN)-based controllers has attracted significant attention in recent years. Yet, due to the complexity and non-linearity of such NN-based cyber-physical systems (CPS), existing verification techniques that employ exhaustive state-space search, face significant scalability challenges; this effectively limits their use for analysis of real-world CPS. In this work, we focus on the use of Statistical Model Checking (SMC) for verifying complex NN-controlled CPS. Using an SMC approach based on Clopper-Pearson confidence levels, we verify from samples specifications that are captured by Signal Temporal Logic (STL) formulas. Specifically, we consider three CPS benchmarks with varying levels of plant and controller complexity, as well as the type of considered STL properties - reachability property for a mountain car, safety property for a bipedal robot, and control performance of the closed-loop magnet levitation system. On these benchmarks, we show that SMC methods can be successfully used to provide high-assurance for learning-based CPS.

Published
2020
Full Text
View/download PDF

24. Model-Based Design of Closed Loop Deep Brain Stimulation Controller using Reinforcement Learning

Author

Warren M. Grill, Karthik Kamaravelu, Ilija Jovanov, Michael Naumann, Miroslav Pajic, Vuk Lesi, and Qitong Gao

Subjects
0209 industrial biotechnology, Deep brain stimulation, Computer science, medicine.medical_treatment, 02 engineering and technology, 020901 industrial engineering & automation, Control theory, Brain stimulation, Model-based design, medicine, Reinforcement learning, State space, Markov decision process, Energy (signal processing)
Abstract

Parkinson’s disease (PD) currently Influences around one million people in the US. Deep brain stimulation (DBS) is a surgical treatment for the motor symptoms of PD that delivers electrical stimulation to the basal ganglia (BG) region of the brain. Existing commercial DBS devices employ stimulation based only on fixed-frequency periodic pulses. While such periodic high-frequency DBS controllers provide effective relief of PD symptoms, they are very inefficient in terms of energy consumption, and the lifetime of these battery- operated devices is limited to 4 years. Furthermore, fixed high- frequency stimulation may have side effects, such as speech impairment. Consequently, there is a need to move beyond (1) fixed stimulation pulse controllers, and (2) ‘one-size-fits- all’ patient-agnostic treatments, to provide energy efficient and effective (in terms of relieving PD symptoms) DBS controllers. In this work, we introduce a deep reinforcement learning (RL)- based approach that can derive patient-specific DBS patterns that are both effective in reducing a model-based proxy for PD symptoms, as well as energy-efficient. Specifically, we model the BG regions as a Markov decision process (MDP), and define the state and action space as state of the neurons in the BG regions and the stimulation patterns, respectively. Thereafter, we define the reward functions over the state space, and the learning objective is set to maximize the accumulated reward over a finite horizon (i.e., the treatment duration), while bounding average stimulation frequency. We evaluate the performance of our methodology using a Brain-on-Chip (BoC) FPGA platform that implements the physiologically-relevant basal ganglia model (BGM). We show that our RL-based DBS controllers significantly outperform existing fixed frequency controllers in terms of energy efficiency (e.g., by using 70% less energy than common periodic controllers), while providing suitable reduction of model-based proxy for PD symptoms.

Published
2020
Full Text
View/download PDF

26. Attack-resilient state estimation with intermittent data authentication

Author

Amir Khazraei and Miroslav Pajic

Subjects
Authentication, Computer science, business.industry, Cryptography, Systems and Control (eess.SY), Electrical Engineering and Systems Science - Systems and Control, Noise, Control and Systems Engineering, Control theory, Control system, Data integrity, FOS: Electrical engineering, electronic engineering, information engineering, Message authentication code, State (computer science), Electrical and Electronic Engineering, business, Computer network
Abstract

Network-based attacks on control systems may alter sensor data delivered to the controller, effectively causing degradation in control performance. As a result, having access to accurate state estimates, even in the presence of attacks on sensor measurements, is of critical importance. In this paper, we analyze performance of resilient state estimators (RSEs) when any subset of sensors may be compromised by a stealthy attacker. Specifically, we consider systems with the well-known l0-based RSE and two commonly used sound intrusion detectors (IDs). For linear time-invariant plants with bounded noise, we define the notion of perfect attackability (PA) when attacks may result in unbounded estimation errors while remaining undetected by the employed ID (i.e., stealthy). We derive necessary and sufficient PA conditions, showing that a system can be perfectly attackable even if the plant is stable. While PA can be prevented with the use the standard cryptographic mechanisms (e.g.,message authentication) that ensure data integrity under network-based attacks, their continuous use imposes significant communication and computational overhead. Consequently, we also study the impact that even intermittent use of data authentication has on RSE performance guarantees in the presence of stealthy attacks. We show that if messages from some of the sensors are even intermittently authenticated, stealthy attacks could not result in unbounded state estimation errors., 12 pages, 7 figures, submitted to Journal

Published
2022
Full Text
View/download PDF

27. A hybrid stochastic game for secure control of cyber-physical systems

Author

Miroslav Pajic, Quanyan Zhu, George J. Pappas, and Fei Miao

Subjects
0209 industrial biotechnology, Computer science, Distributed computing, Stochastic game, Cyber-physical system, 02 engineering and technology, Optimal control, System dynamics, 020901 industrial engineering & automation, Control and Systems Engineering, Control theory, Scalability, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), 020201 artificial intelligence & image processing, Markov decision process, Electrical and Electronic Engineering
Abstract

In this paper, we establish a zero-sum, hybrid state stochastic game model for designing defense policies for cyber-physical systems against different types of attacks. With the increasingly integrated properties of cyber-physical systems (CPS) today, security is a challenge for critical infrastructures. Though resilient control and detecting techniques for a specific model of attack have been proposed, to analyze and design detection and defense mechanisms against multiple types of attacks for CPSs requires new system frameworks. Besides security, other requirements such as optimal control cost also need to be considered. The hybrid game model we propose contains physical states that are described by the system dynamics, and a cyber state that represents the detection mode of the system composed by a set of subsystems. A strategy means selecting a subsystem by combining one controller, one estimator and one detector among a finite set of candidate components at each state. Based on the game model, we propose a suboptimal value iteration algorithm for a finite horizon game, and prove that the algorithm results an upper bound for the value of the finite horizon game. A moving-horizon approach is also developed in order to provide a scalable and real-time computation of the switching strategies. Both algorithms aim at obtaining a saddle-point equilibrium policy for balancing the system’s security overhead and control cost. The paper illustrates these concepts using numerical examples, and we compare the results with previously system designs that only equipped with one type of controller.

Published
2018
Full Text
View/download PDF

28. Efficient and Adaptive Error Recovery in a Micro-Electrode-Dot-Array Digital Microfluidic Biochip

Author

Chen-Yi Lee, Miroslav Pajic, Po-Hsien Yu, Tsung-Yi Ho, Kelvin Yi-Tse Lai, Krishnendu Chakrabarty, Zipeng Li, and John McCrone

Subjects
Engineering, business.industry, 020208 electrical & electronic engineering, Microfluidics, 02 engineering and technology, Chip, Computer Graphics and Computer-Aided Design, PRISM model checker, 020202 computer hardware & architecture, chemistry.chemical_compound, Control flow, chemistry, Embedded system, Hardware_INTEGRATEDCIRCUITS, 0202 electrical engineering, electronic engineering, information engineering, Digital microfluidics, Electrical and Electronic Engineering, business, Biochip, Integer programming, Software, MEDA
Abstract

A digital microfluidic biochip (DMFB) is an attractive technology platform for automating laboratory procedures in biochemistry. In recent years, DMFBs based on a micro-electrode-dot-array (MEDA) architecture have been proposed. MEDA biochips can provide advantages of better capability of droplet manipulation and real-time sensing ability. However, errors are likely to occur due to defects, chip degradation, and the lack of precision inherent in biochemical experiments. Therefore, an efficient error-recovery strategy is essential to ensure the correctness of assays executed on MEDA biochips. By exploiting MEDA-specific advances in droplet sensing, we present a novel error-recovery technique to dynamically reconfigure the biochip using real-time data provided by on-chip sensors. Local recovery strategies based on probabilistic-timed-automata are presented for various types of errors. An online synthesis technique and a control flow are also proposed to connect local-recovery procedures with global error recovery for the complete bioassay. Moreover, an integer linear programming-based method is also proposed to select the optimal local-recovery time for each operation. Laboratory experiments using a fabricated MEDA chip are used to characterize the outcomes of key droplet operations. The PRISM model checker and three benchmarks are used for an extensive set of simulations. Our results highlight the effectiveness of the proposed error-recovery strategy.

Published
2018
Full Text
View/download PDF

29. Security-Aware Scheduling of Embedded Control Tasks

Author

Ilija Jovanov, Miroslav Pajic, and Vuk Lesi

Subjects
0209 industrial biotechnology, Linear programming, business.industry, Computer science, Distributed computing, Automotive industry, Cryptography, Usability, 02 engineering and technology, Man-in-the-middle attack, 020202 computer hardware & architecture, Scheduling (computing), 020901 industrial engineering & automation, Hardware and Architecture, Data integrity, 0202 electrical engineering, electronic engineering, information engineering, Message authentication code, business, Software
Abstract

In this work, we focus on securing cyber-physical systems (CPS) in the presence of network-based attacks, such as Man-in-the-Middle (MitM) attacks, where a stealthy attacker is able to compromise communication between system sensors and controllers. Standard methods for this type of attacks rely on the use of cryptographic mechanisms, such as Message Authentication Codes (MACs) to ensure data integrity. However, this approach incurs significant computation overhead, limiting its use in resource constrained systems. Consequently, we consider the problem of scheduling multiple control tasks on a shared processor while providing a suitable level of security guarantees. Specifically, by security guarantees we refer to control performance, i.e., Quality-of-Control (QoC), in the presence of attacks. We start by mapping requirements for QoC under attack into constraints for security-aware control tasks that, besides standard control operations, intermittently perform data authentication. This allows for the analysis of the impact that security-related computation overhead has on both schedulability of control tasks and QoC. Building on this analysis, we introduce a mixed-integer linear programming-based technique to obtain a schedulable task set with predefined QoC requirements. Also, to facilitate optimal resource allocation, we provide a method to analyze interplay between available computational resources and the overall QoC under attack, and show how to obtain a schedulable task set that maximizes the overall QoC guarantees. Finally, we prove usability of our approach on a case study with multiple automotive control components.

Published
2017
Full Text
View/download PDF

30. Synthesis of Error-Recovery Protocols for Micro-Electrode-Dot-Array Digital Microfluidic Biochips

Author

Krishnendu Chakrabarty, Mahmoud Elfar, Zhanwei Zhong, Zipeng Li, and Miroslav Pajic

Subjects
Schedule, Computer science, business.industry, Reliability (computer networking), 020208 electrical & electronic engineering, Microfluidics, 02 engineering and technology, Lab-on-a-chip, Chip, 020202 computer hardware & architecture, law.invention, chemistry.chemical_compound, chemistry, Hardware and Architecture, law, Embedded system, Hardware_INTEGRATEDCIRCUITS, 0202 electrical engineering, electronic engineering, information engineering, Digital microfluidics, business, Biochip, Software, MEDA
Abstract

A digital microfluidic biochip (DMFB) is an attractive technology platform for various biomedical applications. However, a conventional DMFB is limited by: (i) the number of electrical connections that can be practically realized, (ii) constraints on droplet size and volume, and (iii) the need for special fabrication processes and the associated reliability/yield concerns. To overcome the above challenges, DMFBs based on a micro-electrode-dot-array (MEDA) architecture have been proposed and fabricated recently. Error recovery is of key interest for MEDA biochips due to the need for system reliability. Errors are likely to occur during droplet manipulation due to defects, chip degradation, and the uncertainty inherent in biochemical experiments. In this paper, we first formalize error-recovery objectives, and then synthesize optimal error-recovery protocols using a model based on Stochastic Multiplayer Games (SMGs). We also present a global error-recovery technique that can update the schedule of fluidic operations in an adaptive manner. Using three representative real-life bioassays, we show that the proposed approach can effectively reduce the bioassay completion time and increase the probability of success for error recovery.

Published
2017
Full Text
View/download PDF

31. Security of Cyber-Physical Systems in the Presence of Transient Sensor Faults

Author

Radoslav Ivanov, Sang H. Son, Miroslav Pajic, James Weimer, Insup Lee, and Junkil Park

Subjects
021110 strategic, defence & security studies, 0209 industrial biotechnology, Control and Optimization, Unmanned ground vehicle, Computer Networks and Communications, Computer science, Real-time computing, 0211 other engineering and technologies, Cyber-physical system, Fault tolerance, 02 engineering and technology, Sensor fusion, Fault (power engineering), Human-Computer Interaction, 020901 industrial engineering & automation, Artificial Intelligence, Hardware and Architecture, Transient (computer programming), Pairwise comparison, Fault model
Abstract

This article is concerned with the security of modern Cyber-Physical Systems in the presence of transient sensor faults. We consider a system with multiple sensors measuring the same physical variable, where each sensor provides an interval with all possible values of the true state. We note that some sensors might output faulty readings and others may be controlled by a malicious attacker. Differing from previous works, in this article, we aim to distinguish between faults and attacks and develop an attack detection algorithm for the latter only. To do this, we note that there are two kinds of faults—transient and permanent; the former are benign and short-lived, whereas the latter may have dangerous consequences on system performance. We argue that sensors have an underlying transient fault model that quantifies the amount of time in which transient faults can occur. In addition, we provide a framework for developing such a model if it is not provided by manufacturers. Attacks can manifest as either transient or permanent faults depending on the attacker’s goal. We provide different techniques for handling each kind. For the former, we analyze the worst-case performance of sensor fusion over time given each sensor’s transient fault model and develop a filtered fusion interval that is guaranteed to contain the true value and is bounded in size. To deal with attacks that do not comply with sensors’ transient fault models, we propose a sound attack detection algorithm based on pairwise inconsistencies between sensor measurements. Finally, we provide a real-data case study on an unmanned ground vehicle to evaluate the various aspects of this article.

Published
2017
Full Text
View/download PDF

32. Design and Implementation of Attack-Resilient Cyberphysical Systems: With a Focus on Attack-Resilient State Estimators

Author

Nicola Bezzo, George J. Pappas, James Weimer, Insup Lee, Oleg Sokolsky, and Miroslav Pajic

Subjects
Control system security, 0209 industrial biotechnology, Engineering, business.industry, 020208 electrical & electronic engineering, Cyber-physical system, 02 engineering and technology, Stuxnet, Computer security, computer.software_genre, Critical infrastructure, Drone, 020901 industrial engineering & automation, SCADA, Control and Systems Engineering, Modeling and Simulation, Control system, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, Resilience (network), business, computer
Abstract

Recent years have witnessed a significant increase in the number of securityrelated incidents in control systems. These include high-profile attacks in a wide range of application domains, from attacks on critical infrastructure, as in the case of the Maroochy Water breach [1], and industrial systems (such as the StuxNet virus attack on an industrial supervisory control and data acquisition system [2], [3] and the German Steel Mill cyberattack [4], [5]), to attacks on modern vehicles [6]-[8]. Even high-assurance military systems were shown to be vulnerable to attacks, as illustrated in the highly publicized downing of the RQ-170 Sentinel U.S. drone [9]-[11]. These incidents have greatly raised awareness of the need for security in cyberphysical systems (CPSs), which feature tight coupling of computation and communication substrates with sensing and actuation components. However, the complexity and heterogeneity of this next generation of safety-critical, networked, and embedded control systems have challenged the existing design methods in which security is usually consider as an afterthought.

Published
2017
Full Text
View/download PDF

33. Model-Free Reinforcement Learning for Stochastic Games with Linear Temporal Logic Objectives

Author

Michael M. Zavlanos, Alper Kamil Bozkurt, Miroslav Pajic, and Yu Wang

Subjects
FOS: Computer and information sciences, Computer Science - Logic in Computer Science, Mathematical optimization, Learning automata, Computer science, Stochastic process, Stochastic game, Upper and lower bounds, Automaton, Logic in Computer Science (cs.LO), Computer Science - Robotics, Linear temporal logic, Control theory, Computer Science::Logic in Computer Science, Reinforcement learning, Robotics (cs.RO), Computer Science::Formal Languages and Automata Theory
Abstract

We study the problem of synthesizing control strategies for Linear Temporal Logic (LTL) objectives in unknown environments. We model this problem as a turn-based zero-sum stochastic game between the controller and the environment, where the transition probabilities and the model topology are fully unknown. The winning condition for the controller in this game is the satisfaction of the given LTL specification, which can be captured by the acceptance condition of a deterministic Rabin automaton (DRA) directly derived from the LTL specification. We introduce a model-free reinforcement learning (RL) methodology to find a strategy that maximizes the probability of satisfying a given LTL specification when the Rabin condition of the derived DRA has a single accepting pair. We then generalize this approach to LTL formulas for which the Rabin condition has a larger number of accepting pairs, providing a lower bound on the satisfaction probability. Finally, we illustrate applicability of our RL method on two motion planning case studies.

Published
2020
Full Text
View/download PDF

34. Learning Monotone Dynamics by Neural Networks

Author

Yu Wang, Qitong Gao, and Miroslav Pajic

Subjects
FOS: Computer and information sciences, Computer Science - Machine Learning, Optimization and Control (math.OC), FOS: Mathematics, Dynamical Systems (math.DS), Mathematics - Dynamical Systems, Mathematics - Optimization and Control, Machine Learning (cs.LG)
Abstract

Feed-forward neural networks (FNNs) work as standard building blocks in applying artificial intelligence (AI) to the physical world. They allow learning the dynamics of unknown physical systems (e.g., biological and chemical) {to predict their future behavior}. However, they are likely to violate the physical constraints of those systems without proper treatment. This work focuses on imposing two important physical constraints: monotonicity (i.e., a partial order of system states is preserved over time) and stability (i.e., the system states converge over time) when using FNNs to learn physical dynamics. For monotonicity constraints, we propose to use nonnegative neural networks and batch normalization. For both monotonicity and stability constraints, we propose to learn the system dynamics and corresponding Lyapunov function simultaneously. As demonstrated by case studies, our methods can preserve the stability and monotonicity of FNNs and significantly reduce their prediction errors.

Published
2020
Full Text
View/download PDF

36. Secure Planning Against Stealthy Attacks via Model-Free Reinforcement Learning

Author

Alper Kamil Bozkurt, Yu Wang, and Miroslav Pajic

Subjects
FOS: Computer and information sciences, business.industry, Computer science, Stochastic process, Stochastic game, Intrusion detection system, Automation, Computer Science - Robotics, Linear temporal logic, Control theory, Computer Science - Computer Science and Game Theory, Reinforcement learning, Robot, business, Robotics (cs.RO), Computer Science and Game Theory (cs.GT)
Abstract

We consider the problem of security-aware planning in an unknown stochastic environment, in the presence of attacks on control signals (i.e., actuators) of the robot. We model the attacker as an agent who has the full knowledge of the controller as well as the employed intrusion-detection system and who wants to prevent the controller from performing tasks while staying stealthy. We formulate the problem as a stochastic game between the attacker and the controller and present an approach to express the objective of such an agent and the controller as a combined linear temporal logic (LTL) formula. We then show that the planning problem, described formally as the problem of satisfying an LTL formula in a stochastic game, can be solved via model-free reinforcement learning when the environment is completely unknown. Finally, we illustrate and evaluate our methods on two robotic planning case studies.

Published
2020
Full Text
View/download PDF

37. Context-Aware Temporal Logic for Probabilistic Systems

Author

Miroslav Pajic, Mahmoud Elfar, and Yu Wang

Subjects
Model checking, Structure (mathematical logic), 050101 languages & linguistics, Theoretical computer science, Syntax (programming languages), Computer science, 05 social sciences, Probabilistic logic, Context (language use), 02 engineering and technology, Semantics, System requirements, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, Temporal logic
Abstract

In this paper, we introduce the context-aware probabilistic temporal logic (CAPTL) that provides an intuitive way to formalize system requirements by a set of PCTL objectives with a context-based priority structure. We formally present the syntax and semantics of CAPTL and propose a synthesis algorithm for CAPTL requirements. We also implement the algorithm based on the PRISM-games model checker. Finally, we demonstrate the usage of CAPTL on two case studies: a robotic task planning problem, and synthesizing error-resilient scheduler for micro-electrode-dot-array digital microfluidic biochips.

Published
2020
Full Text
View/download PDF

38. Attack-Resilient Supervisory Control with Intermittently Secure Communication

Author

Yu Wang and Miroslav Pajic

Subjects
Supervisor, Regular language, Secure communication, Supervisory control, Event (computing), Computer science, business.industry, Bounded function, business, Word (computer architecture), Computer network
Abstract

In this work, we study supervisory control of discrete event systems in the presence of network-based attacks on information delivered to and from the supervisors. The attacks are modeled by finite state transducers (FSTs), having the ability to nondeterministically rewrite a word to any word of a regular language. A desired language is called controllable if there exists a security-aware supervisor that ensures that the restricted language executed by the plant for any possible attack behavior is the desired one – we refer to such supervisors as attack-resilient. First, we solve the problem of computing the maximal controllable sub-language (MCSL) of a desired language and propose the design algorithm for an attack-resilient supervisor, in scenarios where no security guarantees exists for communication between the plant and the supervisor. Then, we consider the case where the supervisor has active but intermittent access to a size-limited secure channel, which ensures integrity and availability of the data transmitted over it. Specifically, we propose the notion of accessibility as a measure of distance between a language and its sub-language, and show that a desired language is controllable with intermittently secure communication if and only if its difference from its MCSL without secure channel is bounded by the accessibility measure. Finally, we illustrate our approach on several examples.

Published
2019
Full Text
View/download PDF

39. Supervisory Control of Discrete Event Systems in the Presence of Sensor and Actuator Attacks

Author

Yu Wang and Miroslav Pajic

Subjects
Nondeterministic algorithm, Controllability, 0209 industrial biotechnology, Class (computer programming), 020901 industrial engineering & automation, Supervisory control, Event (computing), Computer science, 020208 electrical & electronic engineering, 0202 electrical engineering, electronic engineering, information engineering, Control engineering, 02 engineering and technology, Actuator
Abstract

This work focuses on control of discrete event systems (DES) in the presence of attacks on their inputs and outputs. We propose to model such attacks as nondeterministic finite state transducers (FSTs) and show how FSTs can be used to capture a very wide class of attacks including all previously considered attacks on DES, as well as additional attacks and attack features reported in recent security incidents. We study the supervisory control problem in cases when attacks occur: (i) only on the sensors, (ii) only on the actuators, and (iii) both on the actuators and sensors of the plant. For each case, we present new sets of controllability theorems and synthesizing algorithms for attack-resilient supervisors. On a series of examples, we illustrate the use of our approach for modeling and design of such security-aware supervisory control.

Published
2019
Full Text
View/download PDF

40. Detection of cyber-attacks in electro-pneumatic positioning system with distributed control

Author

Dusan M. Nedeljkovic, Miroslav Pajic, Zoran Dj. Miljkovic, and Zivana Jakovljevic

Subjects
0209 industrial biotechnology, Positioning system, business.industry, Computer science, Control (management), Cyber-physical system, 020206 networking & telecommunications, 02 engineering and technology, Industrial control system, Computer security, computer.software_genre, Support vector machine, 020901 industrial engineering & automation, 0202 electrical engineering, electronic engineering, information engineering, False positive paradox, Wireless, business, Resilience (network), computer
Abstract

Concept of Industry 4.0 and implementation of Cyber Physical Systems (CPS) and Internet of Things (IoT) in industrial plants are changing the way we manufacture. Introduction of industrial IoT leads to ubiquitous communication (usually wireless) between devices in industrial control systems, thus introducing numerous security concerns and opening up wide space for potential malicious threats and attacks. As a consequence of various cyber-attacks, fatal failures can occur on system parts or the system as a whole. Therefore, security mechanisms must be developed to provide sufficient resilience to cyber-attacks and keep the system safe and protected. In this paper we present a method for detection of attacks on signals in continuous time controlled electro-pneumatic positioning system that is implemented using smart devices with wireless communication capabilities. The method is based on $\varepsilon$ insensitive support vector regression ($\varepsilon$-SVR); it is implemented on real-world system, and it successfully detected all considered attacks (without false positives) in real-time.

Published
2019
Full Text
View/download PDF

41. Synchronization of Distributed Controllers in Cyber-Physical Systems

Author

Miroslav Pajic, Vuk Lesi, and Zivana Jakovljevic

Subjects
Scheme (programming language), 0209 industrial biotechnology, Computer science, Distributed computing, Automatic frequency control, Cyber-physical system, 02 engineering and technology, Motion control, Synchronization, 020901 industrial engineering & automation, Synchronization (computer science), 0202 electrical engineering, electronic engineering, information engineering, Robot, Systems design, Overhead (computing), 020201 artificial intelligence & image processing, computer, computer.programming_language
Abstract

Due to misaligned clock sources, distributed control in Cyber-Physical Systems (CPS) requires not only synchronous execution of control algorithms on distributed system components, which we refer to as cyber-synchronization, but also appropriate generation of actuation signals—we refer to this as physical-synchronization. In this paper, we define general requirements for cyber-physical synchronization, as well as show their use on a specific real-world application—distributed motion control for reconfigurable manufacturing systems. We present synchronization challenges in such systems and investigate effects of synchronization errors on the overall system functionality (i.e., machining accuracy). Furthermore, we introduce a low-cost synchronization scheme that can be implemented with of-the-shelf components and validate it on standardized accuracy tests with 2D configurations of industry-grade single-axis robots. We show that our cyber-physical synchronization techniques ensure minimal accuracy impairment of distributed motion control without introducing significant cost/overhead to system design.

Published
2019
Full Text
View/download PDF

42. Security-Aware Synthesis of Human-UAV Protocols

Author

Mary L. Cummings, Haibei Zhu, Mahmoud Elfar, and Miroslav Pajic

Subjects
Protocol (science), 0209 industrial biotechnology, Task (computing), Geolocation, 020901 industrial engineering & automation, Computer science, Distributed computing, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 02 engineering and technology
Abstract

In this work, we synthesize collaboration protocols for human-unmanned aerial vehicle (H-UAV) command and control systems, where the human operator aids in securing the UAV by intermittently performing geolocation tasks to confirm its reported location. We first present a stochastic game-based model for the system that accounts for both the operator and an adversary capable of launching stealthy false-data injection attacks, causing the UAV to deviate from its path. We also describe a synthesis challenge due to the UAV’s hidden-information constraint. Next, we perform human experiments using a developed RESCHU-SA testbed to recognize the geolocation strategies that operators adopt. Furthermore, we deploy machine learning techniques on the collected experimental data to predict the correctness of a geolocation task at a given location based on its geographical features. By representing the model as a delayed-action game and formalizing the system objectives, we utilize off-the-shelf model checkers to synthesize protocols for the human-UAV coalition that satisfy these objectives. Finally, we demonstrate the usefulness of the H-UAV protocol synthesis through a case study where the protocols are experimentally analyzed and further evaluated by human operators.

Published
2019
Full Text
View/download PDF

43. Reliable industrial IoT-based distributed automation

Author

Vuk Lesi, Miroslav Pajic, and Zivana Jakovljevic

Subjects
0209 industrial biotechnology, business.industry, Process (engineering), Computer science, Distributed computing, Runtime verification, 020207 software engineering, 02 engineering and technology, Modular design, Petri net, Automation, System model, 020901 industrial engineering & automation, Component (UML), 0202 electrical engineering, electronic engineering, information engineering, business
Abstract

Reconfigurable manufacturing systems supported by Industrial Internet-of-Things (IIoT) are modular and easily integrable, promoting efficient system/component reconfigurations with minimal downtime. Industrial systems are commonly based on sequential controllers described with Control Interpreted Petri Nets (CIPNs). Existing design methodologies to distribute centralized automation/control tasks focus on maintaining functional properties of the system during the process, while disregarding failures that may occur during execution (e.g., communication packet drops, sensing or actuation failures). Consequently, in this work, we provide a missing link for reliable IIoT-based distributed automation. We introduce a method to transform distributed control models based on CIPNs into Stochastic Reward Nets that enable integration of realistic fault models (e.g., probabilistic link models). We show how to specify desired system properties to enable verification under the adopted communication/fault models, both at design- and run-time; we also show feasibility of runtime verification on the edge, with a continuously updated system model. Our approach is used on real industrial systems, resulting in modifications of local controllers to guarantee reliable system operation in realistic IIoT environments.

Published
2019
Full Text
View/download PDF

44. Automated Identification of Referable Retinal Pathology in Teleophthalmology Setting

Author

Qitong Gao, Scott W. Cousins, Majda Hadziahmetovic, Miroslav Pajic, and Joshua Amason

Subjects
0301 basic medicine, medicine.medical_specialty, automated diagnosis, genetic structures, teleophthalmology, Biomedical Engineering, Teleophthalmology, Retina, Article, 03 medical and health sciences, chemistry.chemical_compound, 0302 clinical medicine, Text mining, Optical coherence tomography, image analysis, Ophthalmology, medicine, Medical imaging, Humans, Retinal pathology, Retrospective Studies, retinal pathology, Modality (human–computer interaction), medicine.diagnostic_test, Receiver operating characteristic, business.industry, deep learning, Retinal, Telemedicine, 030104 developmental biology, chemistry, 030221 ophthalmology & optometry, business, Tomography, Optical Coherence
Abstract

Purpose This study aims to meet a growing need for a fully automated, learning-based interpretation tool for retinal images obtained remotely (e.g. teleophthalmology) through different imaging modalities that may include imperfect (uninterpretable) images. Methods A retrospective study of 1148 optical coherence tomography (OCT) and color fundus photography (CFP) retinal images obtained using Topcon's Maestro care unit on 647 patients with diabetes. To identify retinal pathology, a Convolutional Neural Network (CNN) with dual-modal inputs (i.e. CFP and OCT images) was developed. We developed a novel alternate gradient descent algorithm to train the CNN, which allows for the use of uninterpretable CFP/OCT images (i.e. ungradable images that do not contain sufficient image biomarkers for the reviewer to conclude absence or presence of retinal pathology). Specifically, a 9:1 ratio to split the training and testing dataset was used for training and validating the CNN. Paired CFP/OCT inputs (obtained from a single eye of a patient) were grouped as retinal pathology negative (RPN; 924 images) in the absence of retinal pathology in both imaging modalities, or if one of the imaging modalities was uninterpretable and the other without retinal pathology. If any imaging modality exhibited referable retinal pathology, the corresponding CFP/OCT inputs were deemed retinal pathology positive (RPP; 224 images) if any imaging modality exhibited referable retinal pathology. Results Our approach achieved 88.60% (95% confidence interval [CI] = 82.76% to 94.43%) accuracy in identifying pathology, along with the false negative rate (FNR) of 12.28% (95% CI = 6.26% to 18.31%), recall (sensitivity) of 87.72% (95% CI = 81.69% to 93.74%), specificity of 89.47% (95% CI = 83.84% to 95.11%), and area under the curve of receiver operating characteristic (AUC-ROC) was 92.74% (95% CI = 87.71% to 97.76%). Conclusions Our model can be successfully deployed in clinical practice to facilitate automated remote retinal pathology identification. Translational Relevance A fully automated tool for early diagnosis of retinal pathology might allow for earlier treatment and improved visual outcomes.

Published
2021
Full Text
View/download PDF

45. Attack-Resilient State Estimation for Noisy Dynamical Systems

Author

George J. Pappas, Insup Lee, and Miroslav Pajic

Subjects
0209 industrial biotechnology, Engineering, Control and Optimization, Dynamical systems theory, Noise measurement, Linear programming, Computer Networks and Communications, business.industry, Estimator, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Identification (information), Noise, 020901 industrial engineering & automation, Control and Systems Engineering, Control theory, Norm (mathematics), Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, business, Computer Science::Cryptography and Security
Abstract

Several recent incidents have clearly illustrated the susceptibility of cyberphysical systems (CPS) to attacks, raising attention to security challenges in these systems. The tight interaction between information technology and the physical world has introduced new vulnerabilities that cannot be addressed with the use of standard cryptographic security techniques. Accordingly, the problem of state estimation in the presence of sensor and actuator attacks has attracted significant attention in the past. Unlike the existing work, in this paper, we consider the problem of attack-resilient state estimation in the presence of bounded-size noise. We focus on the most general model for sensor attacks where any signal can be injected via compromised sensors. Specifically, we present an $l_0$ -based state estimator that can be formulated as a mixed-integer linear program and its convex relaxation based on the $l_1$ norm. For both attack-resilient state estimators, we derive rigorous analytic bounds on the state-estimation errors caused by the presence of noise. Our analysis shows that the worst-case error is linear with the size of the noise and, thus, the attacker cannot exploit the noise to introduce unbounded state-estimation errors. Finally, we show how the $l_0$ and $l_1$ -based attack-resilient state estimators can be used for sound attack detection and identification; we provide conditions on the size of attack vectors that ensure correct identification of compromised sensors.

Published
2017
Full Text
View/download PDF

46. An optimal graph-search method for secure state estimation

Author

Michael M. Zavlanos, Miroslav Pajic, and Xusheng Luo

Subjects
FOS: Computer and information sciences, 0209 industrial biotechnology, Computer Science - Cryptography and Security, Computer science, 020208 electrical & electronic engineering, Systems and Control (eess.SY), 02 engineering and technology, Electrical Engineering and Systems Science - Systems and Control, Execution time, 020901 industrial engineering & automation, Optimization and Control (math.OC), Control and Systems Engineering, Combinatorial complexity, FOS: Mathematics, FOS: Electrical engineering, electronic engineering, information engineering, 0202 electrical engineering, electronic engineering, information engineering, Graph (abstract data type), Search bias, Electrical and Electronic Engineering, Secure state, Estimation methods, Mathematics - Optimization and Control, Cryptography and Security (cs.CR), Algorithm, Computer Science::Cryptography and Security
Abstract

The growing complexity of modern Cyber-Physical Systems (CPS) and the frequent communication between their components make them vulnerable to malicious attacks. As a result, secure state estimation is a critical requirement for the control of these systems. Many existing secure state estimation methods suffer from combinatorial complexity which grows with the number of states and sensors in the system. This complexity can be mitigated using optimization-based methods that relax the original state estimation problem, although at the cost of optimality as these methods often identify attack-free sensors as attacked. In this paper, we propose a new optimal graph-search algorithm to correctly identify malicious attacks and to securely estimate the states even in large-scale CPS modeled as linear time-invariant systems. The graph consists of layers, each one containing two nodes capturing a truth assignment of any given sensor, and directed edges connecting adjacent layers only. Then, our algorithm searches the layers of this graph incrementally, favoring directions at higher layers with more attack-free assignments, while actively managing a repository of nodes to be expanded at later iterations. The proposed search bias and the ability to revisit nodes in the repository and self-correct, allow our graph-search algorithm to reach the optimal assignment faster and tackle larger problems. We show that our algorithm is complete and optimal provided that process and measurement noises do not dominate the attack signal. Moreover, we provide numerical simulations that demonstrate the ability of our algorithm to correctly identify attacked sensors and securely reconstruct the state. Our simulations show that our method outperforms existing algorithms both in terms of optimality and execution time., Comment: 16 pages, 10 figures

Published
2021
Full Text
View/download PDF

47. Security-Aware Synthesis Using Delayed-Action Games

Author

Miroslav Pajic, Mahmoud Elfar, and Yu Wang

Subjects
Model checking, 050101 languages & linguistics, Formalism (philosophy of mathematics), Theoretical computer science, Computer science, 05 social sciences, 0202 electrical engineering, electronic engineering, information engineering, Strategy synthesis, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, 02 engineering and technology, Reactive system
Abstract

Stochastic multiplayer games (SMGs) have gained attention in the field of strategy synthesis for multi-agent reactive systems. However, standard SMGs are limited to modeling systems where all agents have full knowledge of the state of the game. In this paper, we introduce delayed-action games (DAGs) formalism that simulates hidden-information games (HIGs) as SMGs, where hidden information is captured by delaying a player’s actions. The elimination of private variables enables the usage of SMG off-the-shelf model checkers to implement HIGs. Furthermore, we demonstrate how a DAG can be decomposed into subgames that can be independently explored, utilizing parallel computation to reduce the model checking time, while alleviating the state space explosion problem that SMGs are notorious for. In addition, we propose a DAG-based framework for strategy synthesis and analysis. Finally, we demonstrate applicability of the DAG-based synthesis framework on a case study of a human-on-the-loop unmanned-aerial vehicle system under stealthy attacks, where the proposed framework is used to formally model, analyze and synthesize security-aware strategies for the system.

Published
2019
Full Text
View/download PDF

48. Continuous Estimation Using Context-Dependent Discrete Measurements

Author

Miroslav Pajic, Nikolay Atanasov, James Weimer, Insup Lee, George J. Pappas, and Radoslav Ivanov

Subjects
0209 industrial biotechnology, Computer science, Covariance matrix, Gaussian, Applied Mathematics, Mechanical Engineering, Posterior probability, probit measurement model, Context (language use), Probit, 02 engineering and technology, Filter (signal processing), Computer Science Applications, symbols.namesake, 020901 industrial engineering & automation, Industrial Engineering & Automation, Control and Systems Engineering, Context-aware state estimation, discrete context measurements, Bounded function, estimation of blood oxygen content, symbols, Electrical and Electronic Engineering, Algorithm, Eigenvalues and eigenvectors
Abstract

This paper considers the problem of continuous state estimation from discrete context-based measurements. Context measurements provide binary information as obtained from the system's environment, e.g., a medical alarm indicating that a vital sign is above a certain threshold. Since they provide state information, these measurements can be used for estimation purposes, similar to standard continuous measurements, especially when standard sensors are biased or attacked. Context measurements are assumed to have a known probability of occurring given the state; in particular, we focus on the probit function to model threshold-based measurements, such as the medical-alarm scenario. We develop a recursive context-aware filter by approximating the posterior distribution with a Gaussian distribution with the same first two moments as the true posterior. We show that the filter's expected uncertainty is bounded when the probability of receiving context measurements is lower bounded by some positive number for all system states. Furthermore, we provide an observability-like result—all eigenvalues of the filter's covariance matrix converge to 0 after repeated updates if and only if a persistence of excitation condition holds for the context measurements. Finally, in addition to simulation evaluations, we applied the filter to the problem of estimating a patient's blood oxygen content during surgery using real-patient data.

Published
2019

49. Statistical Model Checking for Hyperproperties

Author

Siddhartha Nalluri, Yu Wang, Borzoo Bonakdarpour, and Miroslav Pajic

Subjects
Model checking, FOS: Computer and information sciences, Computer Science - Logic in Computer Science, Theoretical computer science, Dining cryptographers problem, Computer Science - Cryptography and Security, Markov chain, Computer science, Formal Languages and Automata Theory (cs.FL), Probabilistic logic, Markov process, Computer Science - Formal Languages and Automata Theory, Logic in Computer Science (cs.LO), symbols.namesake, symbols, Temporal logic, Cache, Cryptography and Security (cs.CR), Vulnerability (computing)
Abstract

Hyperproperties have shown to be a powerful tool for expressing and reasoning about information-flow security policies. In this paper, we investigate the problem of statistical model checking (SMC) for hyperproperties. Unlike exhaustive model checking, SMC works based on drawing samples from the system at hand and evaluate the specification with statistical confidence. The main benefit of applying SMC over exhaustive techniques is its efficiency and scalability. To reason about probabilistic hyperproperties, we first propose the temporal logic HyperPCLT* that extends PCTL* and HyperPCTL. We show that HyperPCLT* can express important probabilistic information-flow security policies that cannot be expressed with HyperPCTL. Then, we introduce SMC algorithms for verifying HyperPCLT* formulas on discrete-time Markov chains, based on sequential probability ratio tests (SPRT) with a new notion of multi-dimensional indifference region. Our SMC algorithms can handle both non-nested and nested probability operators for any desired significance level. To show the effectiveness of our technique, we evaluate our SMC algorithms on four case studies focused on information security: timing side-channel vulnerability in encryption, probabilistic anonymity in dining cryptographers, probabilistic noninterference of parallel programs, and the performance of a randomized cache replacement policy that acts as a countermeasure against cache flush attacks.

Published
2019
Full Text
View/download PDF

50. Hyperproperties for Robotics: Planning via HyperLTL

Author

Siddhartha Nalluri, Yu Wang, and Miroslav Pajic

Subjects
Model checking, FOS: Computer and information sciences, 0209 industrial biotechnology, Theoretical computer science, Scope (project management), Computer science, business.industry, Formal Languages and Automata Theory (cs.FL), Robotics, Computer Science - Formal Languages and Automata Theory, 02 engineering and technology, Formal methods, Automaton, Computer Science - Robotics, 020901 industrial engineering & automation, Linear temporal logic, Robustness (computer science), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Temporal logic, Artificial intelligence, business, Robotics (cs.RO)
Abstract

There is a growing interest on formal methods-based robotic planning for temporal logic objectives. In this work, we extend the scope of existing synthesis methods to hyper-temporal logics. We are motivated by the fact that important planning objectives, such as optimality, robustness, and privacy, (maybe implicitly) involve the interrelation between multiple paths. Such objectives are thus hyperproperties, and cannot be expressed with usual temporal logics like the linear temporal logic (LTL). We show that such hyperproperties can be expressed by HyperLTL, an extension of LTL to multiple paths. To handle the complexity of planning with HyperLTL specifications, we introduce a symbolic approach for synthesizing planning strategies on discrete transition systems. Our planning method is evaluated on several case studies.

Published
2019
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results