Your search keyword '"Cyber-physical systems"' showing total 222 results

1. Safety in Autonomous Driving: Can Tools Offer Guarantees?

Author

Fremont, Daniel J, Sangiovanni-Vincentelli, Alberto L, and Seshia, Sanjit A

Subjects

Autonomous vehicles, formal verification, design methodology, cyber-physical systems, machine learning

Abstract

Persistent challenges in making autonomous vehicles safe and reliable have hampered their widespread deployment. We believe that formal methods will play an essential role in the enterprise of ensuring AV safety by providing tools for the modeling, verification, synthesis, and runtime assurance of AV systems. In this paper, we outline the progress we and others have made towards this goal, and the challenges that remain.

Published

2021

2. Virtualized Environments to Analyze Cyber-Physical Attacks and Defenses

Author

Salazar, Luis Eduardo

Subjects

Computer science, Information technology, Cyber-Physical Systems, Cybersecurity, Malware Analysis, Virtualization

Abstract

The ever-increasing ubiquity of cyber-physical systems is creating an attractive target for developing malware and cyber attacks. From consumer-grade IoT devices like drones to specialized industrial equipment in critical infrastructure, many new and varied attacks and malware emerge to afflict these systems, impacting the physical environment and processes handled by the devices.A fundamental part of protecting a system against malware and cyber attacks involves understanding the nature of the attack to devise an effective countermeasure. However, due to the nature of some of these systems, a comprehensive analysis might be unfeasible or outright dangerous. To overcome this limitation, we propose using a virtualized scenario, emulating the system's behavior, more specifically the physical and networking behavior, to dynamically analyze cyber-attacks and malware without compromising the physical integrity of the systems and their environment.We first test the feasibility of this idea by simulating cyber-attacks against a virtual quadcopter drone before testing the attacks on its physical counterpart once the attacks are deemed "safe" for the user and the drone. Then, we emulate an industrial process using software-defined networks to evaluate the feasibility of implementing defense mechanisms against attacks with some features provided by software-defined networks. Finally, we combine the virtualization of cyber-physical systems and the use of software-defined networks to simulate a power grid system to dynamically analyze the behavior of an actual malware known as "Win32.Industroyer" by infecting a virtual machine in an isolated virtual environment. Our ultimate goal is to refine a framework to allow researchers to safely simulate cyber-physical systems to test attacks, defenses, and malware against a virtual avatar of the existing system.

Published

2024

3. Parallel and Multi-objective Falsification with Scenic and VerifAI

Author

Viswanadha, Kesav, Kim, Edward, Indaheng, Francis, Fremont, Daniel J, and Seshia, Sanjit A

Subjects

Runtime verification, Formal methods, Falsification, Cyber-physical systems, Autonomous systems, Parallelization, Artificial Intelligence & Image Processing

Abstract

Falsification has emerged as an important tool for simulation-based verification of autonomous systems. In this paper, we present extensions to the Scenic scenario specification language and VerifAI toolkit that improve the scalability of sampling-based falsification methods by using parallelism and extend falsification to multi-objective specifications. We first present a parallelized framework that is interfaced with both the simulation and sampling capabilities of Scenic and the falsification capabilities of VerifAI, reducing the execution time bottleneck inherently present in simulation-based testing. We then present an extension of VerifAI ’s falsification algorithms to support multi-objective optimization during sampling, using the concept of rulebooks to specify a preference ordering over multiple metrics that can be used to guide the counterexample search process. Lastly, we evaluate the benefits of these extensions with a comprehensive set of benchmarks written in the Scenic language.

Published

2021

4. Real-Time Attack-Recovery for Cyber-Physical Systems Using Linear Approximations

Author

Zhang, Lin, Chen, Xin, Kong, Fanxin, and Cardenas, Alvaro A

Subjects

cyber-physical systems, security, sensor attacks, recovery, real-time

Abstract

Attack detection and recovery are fundamental elements for the operation of safe and resilient cyber-physical systems. Most of the literature focuses on attack-detection, while leaving attack-recovery as an open problem. In this paper, we propose novel attack-recovery control for securing cyber-physical systems. Our recovery control consists of new concepts required for a safe response to attacks, which includes the removal of poisoned data, the estimation of the current state, a prediction of the reachable states, and the online design of a new controller to recover the system. The synthesis of such recovery controllers for cyber-physical systems has barely investigated so far. To fill this void, we present a formal method-based approach to online compute a recovery control sequence that steers a system under an ongoing sensor attack from the current state to a target state such that no unsafe state is reachable on the way. The method solves a reach-avoid problem on a Linear Time-Invariant (LTI) model with the consideration of an error bound ? = 0. The obtained recovery control is guaranteed to work on the original system if the behavioral difference between the LTI model and the system's plant dynamics is not larger than ?. Since a recovery control should be obtained and applied at the runtime of the system, in order to keep its computational time cost as low as possible, our approach firstly builds a linear programming restriction with the accordingly constrained safety and target specifications for the given reach-avoid problem, and then uses a linear programming solver to find a solution. To demonstrate the effectiveness of our method, we provide (a) the comparison to the previous work over 5 system models under 3 sensor attack scenarios: modification, delay, and reply; (b) a scalability analysis based on a scalable model to evaluate the performance of our method on large-scale systems.

Published

2020

5. Real-Time Attack-Recovery for Cyber-Physical Systems Using Linear Approximations

Author

Zhang, L, Chen, X, Kong, F, and Cardenas, AA

Subjects

cyber-physical systems, security, sensor attacks, recovery, real-time

Abstract

Attack detection and recovery are fundamental elements for the operation of safe and resilient cyber-physical systems. Most of the literature focuses on attack-detection, while leaving attack-recovery as an open problem. In this paper, we propose novel attack-recovery control for securing cyber-physical systems. Our recovery control consists of new concepts required for a safe response to attacks, which includes the removal of poisoned data, the estimation of the current state, a prediction of the reachable states, and the online design of a new controller to recover the system. The synthesis of such recovery controllers for cyber-physical systems has barely investigated so far. To fill this void, we present a formal method-based approach to online compute a recovery control sequence that steers a system under an ongoing sensor attack from the current state to a target state such that no unsafe state is reachable on the way. The method solves a reach-avoid problem on a Linear Time-Invariant (LTI) model with the consideration of an error bound ? = 0. The obtained recovery control is guaranteed to work on the original system if the behavioral difference between the LTI model and the system's plant dynamics is not larger than ?. Since a recovery control should be obtained and applied at the runtime of the system, in order to keep its computational time cost as low as possible, our approach firstly builds a linear programming restriction with the accordingly constrained safety and target specifications for the given reach-avoid problem, and then uses a linear programming solver to find a solution. To demonstrate the effectiveness of our method, we provide (a) the comparison to the previous work over 5 system models under 3 sensor attack scenarios: modification, delay, and reply; (b) a scalability analysis based on a scalable model to evaluate the performance of our method on large-scale systems.

Published

2020

6. DARIA: Designing Actuators to Resist Arbitrary Attacks Against Cyber-Physical Systems

Author

Giraldo, Jairo, Kafash, Sahand Hadizadeh, Ruths, Justin, and Cardenas, Alvaro A

Subjects

Distributed Computing and Systems Software, Information and Computing Sciences, Engineering, Cybersecurity and Privacy, Cyber-Physical Systems, Optimal Defense, Security-by-Design

Abstract

In the past decade we have seen an active research community proposing attacks and defenses to Cyber-Physical Systems (CPS). Most of these attacks and defenses have been heuristic in nature, limiting the attacker to a set of predefined operations, and proposing defenses with unclear security guarantees. In this paper, we propose a generic adversary model that can capture any type of attack (our attacker is not constrained to follow specific attacks such as replay, delay, or bias) and use it to design security mechanisms with provable security guarantees. In particular, we propose a new secure design paradigm we call DARIA: Designing Actuators to Resist arbItrary Attacks. The main idea behind DARIA is the design of physical limits to actuators in order to prevent attackers from arbitrarily manipulating the system, irrespective of their point of attack (sensors or actuators) or the specific attack algorithm (bias, replay, delays, etc.). As far as we are aware, we are the first research team to propose the design of physical limits to actuators in a control loop in order to keep the system secure against attacks. We demonstrate the generality of our proposal on simulations of vehicular platooning and industrial processes.

Published

2020

7. Learning Behavior of Distribution System Discrete Control Devices for Cyber-Physical Security

Author

Roberts, Ciaran, Scaglione, Anna, Jamei, Gentz, Reinhard, Peisert, Sean, Stewart, Emma M, McParland, Chuck, McEachern, Alex, and Arnold, Daniel

Subjects

Information and Computing Sciences, Engineering, Cybersecurity and Privacy, Affordable and Clean Energy, Cyber-physical systems, power system security, power distribution, data analysis, network security, Electrical and Electronic Engineering, Interdisciplinary Engineering, Electrical engineering, Electronics, sensors and digital hardware, Distributed computing and systems software

Abstract

Conventional cyber-security intrusion detection systems monitor network traffic for malicious activity and indications that an adversary has gained access to the system. The approach discussed here expands the idea of a traditional intrusion detection system within electrical power systems, specifically power distribution networks, by monitoring the physical behavior of the grid. This is achieved through the use of high-rate distribution Phasor Measurement Units (PMUs), alongside SCADA packets analysis, for the purpose of monitoring the behavior of discrete control devices. In this work we present a set of algorithms for passively learning the control logic of voltage regulators and switched capacitor banks. Upon detection of an abnormal operation, the operator is alerted and further action can be taken. The proposed learning algorithms are validated on both simulated data and on measured PMU data from a utility pilot deployment site.

Published

2020

8. Compositional Falsification of Cyber-Physical Systems with Machine Learning Components

Author

Dreossi, Tommaso, Donzé, Alexandre, and Seshia, Sanjit A

Subjects

Cyber-physical systems, Machine learning, Falsification, Temporal logic, Deep learning, Neural networks, Autonomous driving, Artificial Intelligence and Image Processing, Computation Theory and Mathematics, Cognitive Sciences, Computation Theory & Mathematics

Abstract

Cyber-physical systems (CPS), such as automotive systems, are starting to include sophisticated machine learning (ML) components. Their correctness, therefore, depends on properties of the inner ML modules. While learning algorithms aim to generalize from examples, they are only as good as the examples provided, and recent efforts have shown that they can produce inconsistent output under small adversarial perturbations. This raises the question: can the output from learning components lead to a failure of the entire CPS? In this work, we address this question by formulating it as a problem of falsifying signal temporal logic specifications for CPS with ML components. We propose a compositional falsification framework where a temporal logic falsifier and a machine learning analyzer cooperate with the aim of finding falsifying executions of the considered model. The efficacy of the proposed technique is shown on an automatic emergency braking system model with a perception component based on deep neural networks.

Published

2019

9. Detecting control system misbehavior by fingerprinting programmable logic controller functionality

Author

Stockman, Melissa, Dwivedi, Dipankar, Gentz, Reinhard, and Peisert, Sean

Subjects

Information and Computing Sciences, Engineering, Engineering Practice and Education, programmable logic controller, cybersecurity, side channels, cyber-physical systems, machine learning, Computation Theory and Mathematics, Civil Engineering

Abstract

In recent years, attacks such as the Stuxnet malware have demonstrated that cyberattacks against control systems cause extensive damage. These attacks can result in physical damage to the networked systems under their control. In this paper, we discuss our approach for detecting such attacks by distinguishing between programs running on a programmable logic controller (PLC) without having to monitor communications. Using power signatures generated by an attached, high-frequency power measurement device, we can identify what a PLC is doing and when an attack may have altered what the PLC should be doing. To accomplish this, we generated labeled data for testing our methods and applied feature engineering techniques and machine learning models. The results demonstrate that Random Forests and Convolutional Neural Networks classify programs with up to 98% accuracy for major program differences and 84% accuracy for minor differences. Our results can be used for both online and offline applications.

Published

2019

10. Detecting control system misbehavior by fingerprinting programmable logic controller functionality

Author

Stockman, M, Dwivedi, D, Gentz, R, and Peisert, S

Subjects

programmable logic controller, cybersecurity, side channels, cyber-physical systems, machine learning, Computation Theory and Mathematics, Civil Engineering

Abstract

In recent years, attacks such as the Stuxnet malware have demonstrated that cyberattacks against control systems cause extensive damage. These attacks can result in physical damage to the networked systems under their control. In this paper, we discuss our approach for detecting such attacks by distinguishing between programs running on a programmable logic controller (PLC) without having to monitor communications. Using power signatures generated by an attached, high-frequency power measurement device, we can identify what a PLC is doing and when an attack may have altered what the PLC should be doing. To accomplish this, we generated labeled data for testing our methods and applied feature engineering techniques and machine learning models. The results demonstrate that Random Forests and Convolutional Neural Networks classify programs with up to 98% accuracy for major program differences and 84% accuracy for minor differences. Our results can be used for both online and offline applications.

Published

2019

11. VerifAI: A Toolkit for the Formal Design and Analysis of Artificial Intelligence-Based Systems

Author

Dreossi, Tommaso, Fremont, Daniel J, Ghosh, Shromona, Kim, Edward, Ravanbakhsh, Hadi, Vazquez-Chanlatte, Marcell, and Seshia, Sanjit A

Subjects

Mental health, Formal methods, Falsification, Simulation, Cyber-physical systems, Machine learning, Artificial intelligence, Autonomous vehicles, cs.AI, Artificial Intelligence & Image Processing

Abstract

We present VerifAI, a software toolkit for the formal design and analysis of systems that include artificial intelligence (AI) and machine learning (ML) components. VerifAI particularly addresses challenges with applying formal methods to ML components such as perception systems based on deep neural networks, as well as systems containing them, and to model and analyze system behavior in the presence of environment uncertainty. We describe the initial version of VerifAI, which centers on simulation-based verification and synthesis, guided by formal models and specifications. We give examples of several use cases, including temporal-logic falsification, model-based systematic fuzz testing, parameter synthesis, counterexample analysis, and data set augmentation.

Published

2019

12. A Framework for Privacy-Preserving Data Publishing with Enhanced Utility for Cyber-Physical Systems

Author

Sangogboye, Fisayo Caleb, Jia, Ruoxi, Hong, Tianzhen, Spanos, Costas, and Kjærgaard, Mikkel Baun

Subjects

Engineering, Electronics, Sensors and Digital Hardware, Networking and Information Technology R&D (NITRD), Privacy preservation, k-anonymity, smart buildings, deep learning, cyber-physical systems, Distributed Computing, Electrical and Electronic Engineering, Communications Technologies, Networking & Telecommunications, Electronics, sensors and digital hardware

Abstract

Cyber-physical systems have enabled the collection of massive amounts of data in an unprecedented level of spatial and temporal granularity. Publishing these data can prosper big data research, which, in turn, helps improve overall system efficiency and resiliency. The main challenge in data publishing is to ensure the usefulness of published data while providing necessary privacy protection. In our previous work (Jia et al. 2017a), we presented a privacy-preserving data publishing framework (referred to as PAD hereinafter), which can guarantee k-anonymity while achieving better data utility than traditional anonymization techniques. PAD learns the information of interest to data users or features from their interactions with the data publishing system and then customizes data publishing processes to the intended use of data. However, our previous work is only applicable to the case where the desired features are linear in the original data record. In this article, we extend PAD to nonlinear features. Our experiments demonstrate that for various data-driven applications, PAD can achieve enhanced utility while remaining highly resilient to privacy threats.

Published

2018

13. A framework for privacy-preserving data publishing with enhanced utility for cyber-physical systems

Author

Caleb Sangogboye, F, Jia, R, Hong, T, Spanos, C, and Baun Kjærgaard, M

Subjects

Privacy preservation, k-anonymity, smart buildings, deep learning, cyber-physical systems, Networking and Information Technology R&D, Distributed Computing, Networking & Telecommunications, Communications Technologies, Electrical and Electronic Engineering

Abstract

Cyber-physical systems have enabled the collection of massive amounts of data in an unprecedented level of spatial and temporal granularity. Publishing these data can prosper big data research, which, in turn, helps improve overall system efficiency and resiliency. The main challenge in data publishing is to ensure the usefulness of published data while providing necessary privacy protection. In our previous work (Jia et al. 2017a), we presented a privacy-preserving data publishing framework (referred to as PAD hereinafter), which can guarantee k-anonymity while achieving better data utility than traditional anonymization techniques. PAD learns the information of interest to data users or features from their interactions with the data publishing system and then customizes data publishing processes to the intended use of data. However, our previous work is only applicable to the case where the desired features are linear in the original data record. In this article, we extend PAD to nonlinear features. Our experiments demonstrate that for various data-driven applications, PAD can achieve enhanced utility while remaining highly resilient to privacy threats.

Published

2018

14. SMC: Satisfiability Modulo Convex Programming

Author

Shoukry, Yasser, Nuzzo, Pierluigi, Sangiovanni-Vincentelli, Alberto L, Seshia, Sanjit A, Pappas, George J, and Tabuada, Paulo

Subjects

Engineering, Electronics, Sensors and Digital Hardware, Cyber-physical systems, system-level design, system verification, Artificial Intelligence and Image Processing, Biomedical Engineering, Electrical and Electronic Engineering, Electronics, sensors and digital hardware

Abstract

The design of cyber-physical systems (CPSs) requires methods and tools that can efficiently reason about the interaction between discrete models, e.g., representing the behaviors of 'cyber' components, and continuous models of physical processes. Boolean methods such as satisfiability (SAT) solving are successful in tackling large combinatorial search problems for the design and verification of hardware and software components. On the other hand, problems in control, communications, signal processing, and machine learning often rely on convex programming as a powerful solution engine. However, despite their strengths, neither approach would work in isolation for CPSs. In this paper, we present a new satisfiability modulo convex programming (SMC) framework that integrates SAT solving and convex optimization to efficiently reason about Boolean and convex constraints at the same time. We exploit the properties of a class of logic formulas over Boolean and nonlinear real predicates, termed monotone satisfiability modulo convex formulas, whose satisfiability can be checked via a finite number of convex programs. Following the lazy satisfiability modulo theory (SMT) paradigm, we develop a new decision procedure for monotone SMC formulas, which coordinates SAT solving and convex programming to provide a satisfying assignment or determine that the formula is unsatisfiable. A key step in our coordination scheme is the efficient generation of succinct infeasibility proofs for inconsistent constraints that can support conflict-driven learning and accelerate the search. We demonstrate our approach on different CPS design problems, including spacecraft docking mission control, robotic motion planning, and secure state estimation. We show that SMC can handle more complex problem instances than state-of-the-art alternative techniques based on SMT solving and mixed integer convex programming.

Published

2018

15. Kestrel: Video Analytics for Augmented Multi-Camera Vehicle Tracking

Author

Qiu, Hang, Liu, Xiaochen, Rallapalli, Swati, Bency, Archith J, Chan, Kevin, Urgaonkar, Rahul, Manjunath, BS, and Govindan, Ramesh

Subjects

Data Management and Data Science, Distributed Computing and Systems Software, Information and Computing Sciences, Machine Learning and Artificial Intelligence, Networking and Information Technology R&D (NITRD), Cyber-physical Systems, Video Analytics, Vehicle Trajectory Inference, Heterogeneous Camera Network

Published

2018

16. Safe and Secure Optimization in Human-Cyber-Physical Systems

Author

Turan, Berkay

Subjects

Artificial intelligence, Electrical engineering, Mathematics, Cyber-physical Systems, Federated Learning, Network Resource Allocation, Optimization, Reinforcement Learning, Theoretical Machine Learning

Abstract

In our rapidly evolving technological landscape, the proliferation of enabling technologies for autonomous systems has given rise to a burgeoning realm of societal-scale smart systems. One noteworthy category within this domain is Human-Cyber-Physical Systems (H-CPS), which encompass physical systems controlled by a blend of computer-based algorithms and human inputs. Examples of H-CPS include the smart grid and autonomous transportation systems. These systems harness the potential of distributed computing units, fast communication channels, and real-time data collection, offering efficient mechanisms for their management. This requires a synthesis of tools from distributed optimization, machine learning, game theory, and stochastic control.However, the advent of H-CPS also presents novel challenges. Human decisions, often stochastic and beyond direct control, must be factored into the developed mechanisms. Moreover, the dependable operation of H-CPS hinges on secure communication between physical systems and computing units, raising concerns regarding user data privacy and system security. The growing number of humans and devices generates copious amounts of data from sensing units, necessitating computationally efficient data processing to ensure seamless H-CPS operation.This thesis aims to design network control, optimization, and learning frameworks that enhance safety, robustness, and efficiency in H-CPS, with practical applications in smart infrastructure systems like the power grid and transportation networks. Additionally, its relevance extends to diverse Internet of Things applications, emphasizing user data privacy, such as the development of language models from text data. The thesis unfolds in three interconnected chapters. In the first chapter, we introduce provably efficient and adversarially robust multi-agent optimization algorithms tailored for distributed resource allocation and distributed learning scenarios in the presence of malicious agents. Moving forward to the second chapter, we aim to design prices for shared resources that do not violate hard (mainly physical) constraints of the system, without any two-way communications with the users as common in distributed optimization based methods. The third chapter focuses on crafting and analyzing joint ride pricing and fleet management policies for the control of autonomous urban mobility fleets. Throughout these chapters, we not only analyze the theoretical performance of our proposed mechanisms but also substantiate their effectiveness through extensive simulations on real-world problems.

Published

2023

17. Graph Neural Network for Integrated Circuits and Cyber-Physical Systems Security

Author

YASAEI, ROZHIN

Subjects

Computer engineering, Cyber-Physical Systems, Graph Neural Networks, Hardware IP Piracy, Hardware Trojan, Internet of Things, Security

Abstract

This Ph.D. dissertation presents a comprehensive investigation into addressing security and reliability challenges in embedded and Cyber-Physical Systems (CPS). Our research leverages advanced machine learning techniques such as Graph Neural Networks (GNN) to develop novel methodologies for cross-layer security analysis.This dissertation addresses the growing risk posed by the globalization of the Integrated Circuit (IC) supply chain, whereby the majority of the design, fabrication, and testing processes have been outsourced to untrusted third-party entities across the globe. This development has significantly increased the threat of malicious modifications, known as Hardware Trojans (HTs), being inserted into Third-Party Intellectual Property (3PIP). HTs pose a substantial risk to IC integrity, functionality, and performance.Despite numerous HT detection methods proposed in existing literature, most limitations include reliance on a golden reference circuit, lack of generalizability, limited detection scope, low localization resolution, and manual feature extraction and property definition. Furthermore, the equally important task of HT localization has been neglected.This research proposes an innovative, golden reference-free method for HT detection and localization at the pre-silicon stage of IC development, employing models based on GNN. The circuit design is converted into a graph that is an intrinsic data structure for hardware design and captures the computational structure and data dependencies. We develop a graph classification model to distinguish between HT-free and circuits infected with known or even unknown HTs.To push the boundaries further, we extract node attributes from the HDL code and devise a Graph Convolutional Network (GCN) that facilitates automatic feature extraction, enabling the classification of nodes as either Trojan or benign. This methodology offers an automated approach to HT detection and localization, relieving designers of the need for time-consuming manual code review. The developed method achieves exceptional performance in detecting HT-infected circuits and locating the HT. The approach outlined in this dissertation sets a new benchmark for HT detection and localization, offering a scalable, efficient, and highly accurate tool for securing the pre-silicon IC supply chain.This dissertation expands to encompass the challenges facing IP piracy. The productivity gap, coupled with time-to-market pressure, has led to increased interest in hardware Intellectual Property (IP) core design within the semiconductor industry, dramatically reducing design and verification costs. Recognizing these challenges, this dissertation proposes a novel IP piracy detection methodology, modeling circuits and assessing similarity between IP designs. Contrary to traditional methods that embed a signature within the circuit design, our method does not introduce additional hardware overhead, nor is it vulnerable to removal, masking, or forging attacks. This approach effectively exposes IP infringements, even when the original IP is complicated by the adversary to deceive the IP owner. To represent the circuit accurately for modeling, we translate the hardware design into a data-flow graph due to similar data types and properties and subsequently model it using state-of-the-art graph learning methods. This approach effectively complements the GNN-based techniques proposed earlier in this dissertation, presenting a robust and comprehensive suite of solutions for security and reliability challenges in the semiconductor industry. Moving to the CPS domain, the dissertation addresses security challenges in IoT systems through the development of adaptive anomaly detection methods. The first proposed approach utilizes IoT sensor data and fog computing to ensure data integrity and detect anomalous incidents. The proposed methodology incorporates our sensor association algorithm, LSTM neural networks, and Gaussian estimation for real-time anomaly detection. The dissertation further extends the research to multi-modal data fusion, where the integration of sensor and communication data using GNN enables improved anomaly detection, source identification, and recovery in IoT systems.Overall, this dissertation showcases the application of advanced techniques such as GNN and machine learning in enhancing security and reliability in hardware design and IoT systems. The proposed methodologies for anomaly detection, hardware Trojan detection, IP piracy detection, and cross-layer security analysis contribute to advancing the state-of-the-art in ensuring the integrity and security of critical systems in the digital era.

Published

2023

18. Design Automation of Cyber-Physical Systems: Challenges, Advances, and Opportunities

Author

Seshia, SA, Hu, S, Li, W, and Zhu, Q

Subjects

Cyber-physical systems, design automation, formal verification, formal specification, machine learning, synthesis, human-robot interaction, security, privacy, energy management, automotive engineering, Computer Hardware & Architecture, Electrical and Electronic Engineering, Computer Hardware

Abstract

A cyber-physical system (CPS) is an integration of computation with physical processes whose behavior is defined by both computational and physical parts of the system. In this paper, we present a view of the challenges and opportunities for design automation of CPS. We identify a combination of characteristics that define the challenges unique to the design automation of CPS. We then present selected promising advances in depth, focusing on four foundational directions: combining model-based and data-driven design methods; design for human-in-the-loop systems; component-based design with contracts, and design for security and privacy. These directions are illustrated with examples from two application domains: smart energy systems and next-generation automotive systems.

Published

2017

19. Systems Engineering for Industrial Cyber-Physical Systems Using Aspects

Author

Akkaya, I, Derler, P, Emoto, S, and Lee, EA

Subjects

Actor-oriented modeling, aspect-oriented modeling, cyber-physical systems, model-based design, robotic swarms, Artificial Intelligence and Image Processing, Biomedical Engineering, Electrical and Electronic Engineering

Abstract

One of the biggest challenges in cyber-physical system (CPS) design is their intrinsic complexity, heterogeneity, and multidisciplinary nature. Emerging distributed CPSs integrate a wide range of heterogeneous aspects such as physical dynamics, control, machine learning, and error handling. Furthermore, system components are often distributed over multiple physical locations, hardware platforms, and communication networks. While model-based design (MBD) has tremendously improved the design process, CPS design remains a difficult task. Models are meant to improve understanding of a system, yet this quality is often lost when models become too complicated. In this paper, we show how to use aspect-oriented (AO) modeling techniques in MBD as a systematic way to segregate domains of expertise and cross-cutting concerns within the model. We demonstrate these concepts on actor-oriented models of an industrial robotic swarm application and illustrate the use of AO modeling techniques to manage the complexity. We also show how to use AO modeling for design-space exploration.

Published

2016

20. Computationally Aware Switching Criteria for Hybrid Model Predictive Control of Cyber-Physical Systems

Author

Zhang, Kun, Sprinkle, Jonathan, and Sanfelice, Ricardo G

Subjects

Cyber-physical systems, hybrid control, model predictive control, vehicle control, Electrical and Electronic Engineering, Manufacturing Engineering, Mechanical Engineering, Industrial Engineering & Automation

Abstract

This paper describes hybrid model predictive controllers that switch between two predictor functions based on the uncontrollable divergence metric. The uncontrollable divergence metric relates the computational capabilities of the model predictive controller, to the error of the system due to model mismatch of the predictor function during computation of the solution. The contribution of this paper is in its treatment of the model predictive controller to permit optimization to take multiple timesteps to occur, but still rely on the uncontrollable divergence metric. The results demonstrate the approach for control of a vertical takeoff-and-landing aerial vehicle.

Published

2016

21. Computationally aware control of autonomous vehicles: a hybrid model predictive control approach

Author

Zhang, Kun, Sprinkle, Jonathan, and Sanfelice, Ricardo G

Subjects

Vehicle control, Model predictive control, Hybrid control, Model error evaluation, Cyber-physical systems, Artificial Intelligence and Image Processing, Mechanical Engineering, Cognitive Sciences, Industrial Engineering & Automation

Abstract

© 2015 Springer Science+Business Media New York Model predictive control (MPC) is a common approach to the control of trajectory-following systems. For nonlinear plants such as car-like robots, methods for path planning and following have the advantage of concurrently solving problems of obstacle avoidance, feasible trajectory selection, and trajectory following. A prediction function for the plant is used to simulate the trajectory with a candidate stream of inputs. Constraints on control inputs and state values, used to ensure safe trajectories and to avoid obstacles, are encoded into a cost function, and optimization routines (at runtime) compute the trajectories and their corresponding control inputs. Such approaches are computationally intensive, and in the nonlinear case the computational burden generally grows as a predictive model more closely approximates a nonlinear plant. In situations where system safety is paramount, guaranteeing model accuracy (in order to achieve more accurate behavior) comes at the cost of increased computation time, which results in increased travel time without a new solution. While the computational burden of predictive methods can be addressed through model reduction, the cost of modeling error over the prediction horizon is high and can lead to unfeasible results. In this paper, we consider the problem of controlling a ground vehicle under constraints and propose an algorithm that employs two models of the vehicle for model predictive control, one coarse and the other more accurate. We introduce a metric called uncontrollable divergence and, using this metric, propose a mechanism to select the model to use in the predictive controller. The novel property of the metric is that it reveals the divergence between predicted and true states caused by return time and model mismatch. More precisely, a map of uncontrollable divergence plotted over the state space gives the criterion to judge where coarse models can be tolerated when a high update rate is preferred (e.g., at high speed and small steering angles), and where high-fidelity models are required to avoid obstacles or make tighter curves (e.g., at large steering angles). With this metric, we design a controller that switches at runtime between predictive controllers in which respective models are deployed. The algorithm is a hybrid controller, which evaluates the proposed metric to select the discrete vehicle model to use for prediction and optimization. We say that the approach is computationally aware, in that the optimization time of each predictive model is dependent on the computation substrate used (chipset, machine architecture, etc.); if a different computational platform is used, then the uncontrollable divergence calculations will lead to a hybrid controller suitable to meet the computation demands for that platform. While the ideas are presented for the solution of a vehicle control problem, the approach has the potential to impact other computationally-demanding cyber-physical systems. The paper extends (Zhang et al., Proceedings of the international conference on cyber-physical system, Seattle, 2015) in a significant way, by demonstrating the calculation of uncontrollable divergence on a physical platform, by characterizing MPC return time as a function of the number of obstacles, and by simulating performance with trajectories that must navigate more obstacles.

Published

2015

22. Combining Induction, Deduction, and Structure for Verification and Synthesis

Author

Seshia, SA

Subjects

Automated deduction, cyber-physical systems, electronic design automation, formal methods, machine learning, security, software engineering, specification, synthesis, verification, Artificial Intelligence and Image Processing, Biomedical Engineering, Electrical and Electronic Engineering

Abstract

Even with impressive advances in formal methods, certain major challenges remain. Chief among these are environment modeling, incompleteness in specifications, and the hardness of underlying decision problems. In this paper, we characterize two trends that show great promise in meeting these challenges. The first trend is to perform verification by reduction to synthesis. The second is to solve the resulting synthesis problem by integrating traditional, deductive methods with inductive inference (learning from examples) using hypotheses about system structure. We present a formalization of such an integration, show how it can tackle hard problems in verification and synthesis, and outline directions for future work.

Published

2015

23. Learning-enabled Cyber-Physical Systems: Challenges and Strategies

Author

Sandha, Sandeep Singh

Subjects

Computer science, Cyber-physical systems, Delay Awareness, End-to-end Control, Hyperparameter Tuning, Reinforcement Learning, Timing Uncertainty

Abstract

Cyber-physical systems (CPS) are increasingly adopting learning-enabled components having deep neural networks in their decision-making pipelines. Deep neural networks show the promise to simplify the CPS pipelines for high-dimensional sensors as they require little pre-processing of data and are shown to be more accurate than their traditional counterparts. However, integrating neural networks into the sense-infer-actuate pipeline of CPS faces several challenges. In this dissertation, we study the following challenges in the context of learning-enabled CPS and propose new algorithms and system design strategies to address them. First, we study the challenge of characterizing uncertainty in sensor data timestamps and its impact on multimodal fusion applications. Motivated by smartphones' integration in several CPS applications, we quantify the data timestamp uncertainty across modern smartphone devices. To our surprise, we find drastic timestamping errors ranging up to multiple seconds in Android devices. Then, we explore if these timing errors are significant enough to impact the neural network's performance. Our evaluation shows that the observed timing errors can cripple the deep neural networks doing multimodal fusion due to data misalignments. Our finding signifies the need to rethink the shared notion of time on smartphones. To mitigate timestamp errors, we introduce approaches to improve time across smartphones having up to 200 microseconds of timing accuracy. We also propose a novel time-shift data augmentation technique to train time-resilient neural networks robust to the inevitability of timing errors and, as such, degrade gracefully in the face of timing errors.As a second challenge, we explore the impact of variable delays on the emerging deep reinforcement learning (RL) controllers, which are preferred due to their capability to handle high-dimensional data. Conventional controllers can model and account for delay variations in their design. However, handling variable delays in deep-RL is challenging as a black-box neural network represents the controller policy. Researchers currently use domain randomization and worst-case delay modeling to train deep-RL policies on a spread of expected delay variations. We demonstrate a significant performance degradation in applications even when using the state-of-the-art domain randomization approach. To address this, we propose Time-in-State RL, a delay-aware deep RL approach that augments the agent's state with temporal properties (sampling interval and execution latency). Time-in-State RL trains policies that show superior performance by adapting to the variable timing characteristics at runtime. We further show the superior performance of Time-in-State to the worst-case delay controllers when worst-case delays are significant. We demonstrate the efficacy of Time-in-State RL on HalfCheetah, Ant, and car in simulation and on a real scaled car robot.Thirdly, we study the challenge of modeling the CPS environment to train end-to-end controllers using deep-RL for closed-loop systems.We specifically consider the example of autonomous pan-tilt-zoom (PTZ) controllers. Existing autonomous PTZ controllers have multiple stages: detecting objects of interest, short-term tracking, and control of pan, tilt and zoom parameters to keep objects in the field of view. The multiple stages suffer from performance bottlenecks as it is difficult to optimize each step. Further, these multiple stages are computationally intensive to be realized in real-time on embedded camera platforms. Despite these shortcomings, developers adopt existing multi-stage solutions due to the lack of simulators needed to develop end-to-end controller policies.We propose Eagle, an end-to-end deep-RL approach using raw images to control a PTZ camera. To enable successful training of Eagle, we also introduce EagleSim, a simulation framework to study PTZ cameras in photo-realistic virtual worlds. Our evaluation across a suite of PTZ tracking scenarios shows that Eagle outperforms current multi-stage approaches by providing superior tracking performance. Further, we also show that Eagle policies are transferable to real-scene videos and are lightweight to enable real-time deployment on Raspberry PI and Jetson Nano class devices.Finally, we study the challenge of developing machine learning classifiers having optimal accuracy within the desired resource budget of CPS applications. Selecting an optimal classifier is becoming increasingly complex, with many choices for classifiers and their rich hyperparameter parameter spaces. Although several hyperparameter tuning frameworks exist, their practical adoption is hindered due to inferior search algorithms, inflexible architecture, software dependencies, or closed source nature. As a solution, we propose designing a lightweight library with a flexible architecture and state-of-the-art parallel optimization algorithms. We present Mango, a parallel hyperparameter tuning library, to realize the proposed design. Mango is currently used in production at Arm for more than 30 months and is available open-source. We evaluate Mango on several benchmarks to highlight its superior performance.We discuss production use cases of Mango in an AutoML framework and commercial CPU design pipeline. We also showcase another advantage of Mango in enabling hardware-aware neural architecture search to transfer deep neural networks to TinyML platforms (microcontroller class devices) used by CPS/IoT applications.

Published

2022

24. A Real-Time Testbed Environment for Cyber-Physical Security on the Power Grid

Author

Koutsandria, Georgia, Gentz, Reinhard, Jamei, Mahdi, Peisert, Sean, Scaglione, Anna, and McParland, Chuck

Subjects

Testbed, power grid, cyber-physical systems, intrusion de- tection systems, cyber-physical security

Abstract

The trustworthiness and security of cyber-physical systems (CPSs), such as the power grid, are of paramount importance to ensure their safe operation, performance, and economic efficiency. The aim of many cyber-physical security techniques, such as network intrusion detection systems (NIDSs) for CPSs, is to ensure continuous reliable operation even in exposed network environments. But the validation of such methods goes well beyond standard network analysis, since meaningful tests must also integrate realistic understanding of the physical systems behavior and response to the network activity. Our goal in this paper is to showcase an example of a testbed environment that can support such validation. In it, real network traffic, emulating and industrial control network, interacts with simulated physical models in real-time, extending and leveraging "hardware-in-the-loop" and "cyber-in-the-loop" capabilities. The testbed is a bridge between theory and practice and offers a number of features, including network communications, data management, as well as the virtualization of cyber-physical state analytics performed by the NIDS. The traffic is captured by real network taps and is forwarded to a real data management environment, receiving also the data reports from the simulated industrial control environment. To illustrate the capabilities of our testbed we show how the data are cross-checked by a "physics aware" NIDS, identifying network traffic that does not comply with its cyber-physical security rules.

Published

2015

25. A Platform-Based Design Methodology With Contracts and Related Tools for the Design of Cyber-Physical Systems

Author

Nuzzo, P, Sangiovanni-Vincentelli, AL, Bresolin, D, Geretti, L, and Villa, T

Subjects

Cyber-physical systems, contract-based design, horizontal and vertical contracts, platform-based design methodology, system design automation, Artificial Intelligence and Image Processing, Biomedical Engineering, Electrical and Electronic Engineering

Abstract

We introduce a platform-based design methodology that uses contracts to specify and abstract the components of a cyber-physical system (CPS), and provide formal support to the entire CPS design flow. The design is carried out as a sequence of refinement steps from a high-level specification to an implementation built out of a library of components at the lower level. We review formalisms and tools that can be used to specify, analyze, or synthesize the design at different levels of abstraction. For each level, we highlight how the contract operations can be concretely computed as well as the research challenges that should be faced to fully implement them. We illustrate our approach on the design of embedded controllers for aircraft electric power distribution systems.

Published

2015

26. Formal methods for semi-autonomous driving

Author

Seshia, Sanjit A, Sadigh, Dorsa, and Sastry, S Shankar

Subjects

Formal verification, synthesis, control, cyber-physical systems, automotive systems, semi-autonomous driving

Abstract

We give an overview of the main challenges in the specification, design, and verification of human cyber-physical systems, with a special focus on semi-autonomous vehicles. We identify unique characteristics of formal modeling, specification, verification and synthesis in this domain. Some initial results and design princIPles are presented along with directions for future work.

Published

2015

27. The Past, Present and Future of Cyber-Physical Systems: A Focus on Models

Author

Lee, Edward A

Subjects

cyber-physical systems, real-time systems, clock synchronization, time synchronization, PRET machines, distributed systems, Analytical Chemistry, Environmental Science and Management, Ecology, Distributed Computing, Electrical and Electronic Engineering

Abstract

This paper is about better engineering of cyber-physical systems (CPSs) through better models. Deterministic models have historically proven extremely useful and arguably form the kingpin of the industrial revolution and the digital and information technology revolutions. Key deterministic models that have proven successful include differential equations, synchronous digital logic and single-threaded imperative programs. Cyber-physical systems, however, combine these models in such a way that determinism is not preserved. Two projects show that deterministic CPS models with faithful physical realizations are possible and practical. The first project is PRET, which shows that the timing precision of synchronous digital logic can be practically made available at the software level of abstraction. The second project is Ptides (programming temporally-integrated distributed embedded systems), which shows that deterministic models for distributed cyber-physical systems have practical faithful realizations. These projects are existence proofs that deterministic CPS models are possible and practical.

Published

2015

28. Formal methods for semi-autonomous driving

Author

Seshia, SA, Sadigh, D, and Sastry, SS

Subjects

Formal verification, synthesis, control, cyber-physical systems, automotive systems, semi-autonomous driving

Abstract

We give an overview of the main challenges in the specification, design, and verification of human cyber-physical systems, with a special focus on semi-autonomous vehicles. We identify unique characteristics of formal modeling, specification, verification and synthesis in this domain. Some initial results and design princIPles are presented along with directions for future work.

Published

2015

29. Designed-in Security for Cyber-Physical Systems

Author

Peisert, Sean, Margulies, Jonathan, Nicol, David M, Khurana, Himanshu, and Sawall, Chris

Subjects

Interviews, Network security, Computer security, Security of data, security, designed-in security, cyber-physical systems, smart-grid security

Abstract

An expert from academia, one from a cyber-physical system (CPS) provider, and one from an end asset owner and user offer their different perspectives on the meaning and challenges of "designed-in security." The academic highlights foundational issues and talks about emerging technology that can help us design and implement secure software in CPSs. The vendor's view includes components of the academic view but emphasizes the secure system development process and the standards that the system must satisfy. The user issues a call to action and offers ideas that will ensure progress.

Published

2014

30. Aspect-oriented modeling of attacks in automotive cyber-physical systems

Author

Wasicek, Armin, Derler, Patricia, and Lee, Edward A

Subjects

Aspect-oriented Modeling, Security, Cyber-Physical Systems

Abstract

This paper introduces aspect-oriented modeling (AOM) as a powerful, model-based design technique to assess the secu- rity of Cyber-Physical Systems (CPS). Particularly in safety- critical CPS such as automotive control systems, the pro- tection against malicious design and interaction faults is paramount to guaranteeing correctness and reliable opera- tion. Essentially, attack models are associated with the CPS in an aspect-oriented manner to evaluate the system under attack. This modeling technique requires minimal changes to the model of the CPS. Using application-specic metrics, the designer can gain insights into the behavior of the CPS under attack. Copyright 2014 ACM.

Published

2014

31. A Contract-Based Methodology for Aircraft Electric Power System Design

Author

Nuzzo, Pierluigi, Xu, Huan, Ozay, Necmiye, Finn, John B, Sangiovanni-Vincentelli, Alberto L, Murray, Richard M, Donzé, Alexandre, and Seshia, Sanjit A

Subjects

Affordable and Clean Energy, Design methodology, design automation, aircraft, power systems, control system synthesis, contract-based design, platform-based design, cyber-physical systems, Information and Computing Sciences, Engineering, Technology

Abstract

In an aircraft electric power system, one or more supervisory control units actuate a set of electromechanical switches to dynamically distribute power from generators to loads, while satisfying safety, reliability, and real-time performance requirements. To reduce expensive redesign steps, this control problem is generally addressed by minor incremental changes on top of consolidated solutions. A more systematic approach is hindered by a lack of rigorous design methodologies that allow estimating the impact of earlier design decisions on the final implementation. To achieve an optimal implementation that satisfies a set of requirements, we propose a platform-based methodology for electric power system design, which enables independent implementation of system topology (i.e., interconnection among elements) and control protocol by using a compositional approach. In our flow, design space exploration is carried out as a sequence of refinement steps from the initial specification toward a final implementation by mapping higher level behavioral and performance models into a set of either existing or virtual library components at the lower level of abstraction. Specifications are first expressed using the formalisms of linear temporal logic, signal temporal logic, and arithmetic constraints on Boolean variables. To reason about different requirements, we use specialized analysis and synthesis frameworks and formulate assume guarantee contracts at the articulation points in the design flow. We show the effectiveness of our approach on a proof-of-concept electric power system design. © 2013 IEEE.

Published

2014

32. Let’s Get Physical: Computer Science Meets Systems

Author

Nuzzo, Pierluigi and Sangiovanni-Vincentelli, Alberto

Subjects

Information and Computing Sciences, Cyber-physical systems, embedded systems, VLSI systems, electronic design automation, platform-based design, contract-based design, assume-guarantee contracts, aircraft electric power system, Artificial Intelligence & Image Processing, Information and computing sciences

Abstract

In cyber-physical systems (CPS) computing, networking and control (typically regarded as the "cyber" part of the system) are tightly intertwined with mechanical, electrical, thermal, chemical or biological processes (the "physical" part). The increasing sophistication and heterogeneity of these systems requires radical changes in the way sense-and-control platforms are designed to regulate them. In this paper, we highlight some of the design challenges due to the complexity and heterogeneity of CPS. We argue that such challenges can be addressed by leveraging concepts that have been instrumental in fostering electronic design automation while dealing with complexity in VLSI system design. Based on these concepts, we introduce a design methodology whereby platform-based design is combined with assume-guarantee contracts to formalize the design process and enable realization of CPS architectures and control software in a hierarchical and compositional manner. We demonstrate our approach on a prototype design of an aircraft electric power system. © 2014 Springer-Verlag Berlin Heidelberg.

Published

2014

33. Constructive Models of Discrete and Continuous Physical Phenomena

Author

Lee, Edward A

Subjects

Modeling, simulation, cyber-physical systems, Information and Computing Sciences, Engineering, Technology

Abstract

This paper studies the semantics of models for discrete physical phenomena, such as rigid body collisions and switching in electronic circuits. This paper combines generalized functions (specifically the Dirac delta function), superdense time, modal models, and constructive semantics to get a rich, flexible, efficient, and rigorous approach to modeling such systems. It shows that many physical scenarios that have been problematic for modeling techniques manifest as nonconstructive models, and that constructive versions of some of the models properly reflect uncertainty in the behavior of the physical systems that plausibly arise from the principles of the underlying physics. This paper argues that these modeling difficulties are not reasonably solved by more detailed continuous models of the underlying physical phenomena. Such more detailed models simply shift the uncertainty to other aspects of the model. Since such detailed models come with a high computational cost, there is little justification in using them unless the goal of modeling is specifically to understand these more detailed physical processes. All models in this paper are implemented in the Ptolemy II modeling and simulation environment and made available online.

Published

2014

34. Let's get physical: Computer science meets systems

Author

Nuzzo, P and Sangiovanni-Vincentelli, A

Subjects

Cyber-physical systems, embedded systems, VLSI systems, electronic design automation, platform-based design, contract-based design, assume-guarantee contracts, aircraft electric power system, Artificial Intelligence & Image Processing

Abstract

In cyber-physical systems (CPS) computing, networking and control (typically regarded as the "cyber" part of the system) are tightly intertwined with mechanical, electrical, thermal, chemical or biological processes (the "physical" part). The increasing sophistication and heterogeneity of these systems requires radical changes in the way sense-and-control platforms are designed to regulate them. In this paper, we highlight some of the design challenges due to the complexity and heterogeneity of CPS. We argue that such challenges can be addressed by leveraging concepts that have been instrumental in fostering electronic design automation while dealing with complexity in VLSI system design. Based on these concepts, we introduce a design methodology whereby platform-based design is combined with assume-guarantee contracts to formalize the design process and enable realization of CPS architectures and control software in a hierarchical and compositional manner. We demonstrate our approach on a prototype design of an aircraft electric power system. © 2014 Springer-Verlag Berlin Heidelberg.

Published

2014

35. Aspect-oriented modeling of attacks in automotive cyber-physical systems

Author

Wasicek, A, Derler, P, and Lee, EA

Subjects

Aspect-oriented Modeling, Security, Cyber-Physical Systems

Abstract

This paper introduces aspect-oriented modeling (AOM) as a powerful, model-based design technique to assess the secu- rity of Cyber-Physical Systems (CPS). Particularly in safety- critical CPS such as automotive control systems, the pro- tection against malicious design and interaction faults is paramount to guaranteeing correctness and reliable opera- tion. Essentially, attack models are associated with the CPS in an aspect-oriented manner to evaluate the system under attack. This modeling technique requires minimal changes to the model of the CPS. Using application-specic metrics, the designer can gain insights into the behavior of the CPS under attack. Copyright 2014 ACM.

Published

2014

36. Constructive models of discrete and continuous physical phenomena

Author

Lee, EA

Subjects

Modeling, simulation, cyber-physical systems, Information and Computing Sciences, Engineering, Technology

Abstract

This paper studies the semantics of models for discrete physical phenomena, such as rigid body collisions and switching in electronic circuits. This paper combines generalized functions (specifically the Dirac delta function), superdense time, modal models, and constructive semantics to get a rich, flexible, efficient, and rigorous approach to modeling such systems. It shows that many physical scenarios that have been problematic for modeling techniques manifest as nonconstructive models, and that constructive versions of some of the models properly reflect uncertainty in the behavior of the physical systems that plausibly arise from the principles of the underlying physics. This paper argues that these modeling difficulties are not reasonably solved by more detailed continuous models of the underlying physical phenomena. Such more detailed models simply shift the uncertainty to other aspects of the model. Since such detailed models come with a high computational cost, there is little justification in using them unless the goal of modeling is specifically to understand these more detailed physical processes. All models in this paper are implemented in the Ptolemy II modeling and simulation environment and made available online.

Published

2014

37. A contract-based methodology for aircraft electric power system design

Author

Nuzzo, P, Xu, H, Ozay, N, Finn, JB, Sangiovanni-Vincentelli, AL, Murray, RM, Donzé, A, and Seshia, SA

Subjects

Design methodology, design automation, aircraft, power systems, control system synthesis, contract-based design, platform-based design, cyber-physical systems, Information and Computing Sciences, Engineering, Technology

Abstract

In an aircraft electric power system, one or more supervisory control units actuate a set of electromechanical switches to dynamically distribute power from generators to loads, while satisfying safety, reliability, and real-time performance requirements. To reduce expensive redesign steps, this control problem is generally addressed by minor incremental changes on top of consolidated solutions. A more systematic approach is hindered by a lack of rigorous design methodologies that allow estimating the impact of earlier design decisions on the final implementation. To achieve an optimal implementation that satisfies a set of requirements, we propose a platform-based methodology for electric power system design, which enables independent implementation of system topology (i.e., interconnection among elements) and control protocol by using a compositional approach. In our flow, design space exploration is carried out as a sequence of refinement steps from the initial specification toward a final implementation by mapping higher level behavioral and performance models into a set of either existing or virtual library components at the lower level of abstraction. Specifications are first expressed using the formalisms of linear temporal logic, signal temporal logic, and arithmetic constraints on Boolean variables. To reason about different requirements, we use specialized analysis and synthesis frameworks and formulate assume guarantee contracts at the articulation points in the design flow. We show the effectiveness of our approach on a proof-of-concept electric power system design. © 2013 IEEE.

Published

2014

38. Data-Driven Online Optimization and Control with Performance Guarantees

Author

Li, Dan

Subjects

Mechanical engineering, Engineering, Operations research, control theory, cyber-physical systems, data-driven systems, numerical algorithms, optimization

Abstract

This thesis considers the analysis and design of algorithms for the management and control of uncertain intelligent systems which are observable through (limited) online-accessible data. Examples include online equity trading systems under extreme price fluctuations, robotic systems moving in unknown environments, and transportation systems subject to uncertain drivers’ actions and other (accident) events.To ensure safe, reliable, and resilient system behaviors, this thesis studies various theoretical problem scenarios, which focus on reducing uncertainty with performance guarantees via the assimilation of streaming data, the data-driven design of control, and online learning of system models, resilient operations in uncertain environments, and anomaly detection.These formulations are largely rooted in two mechanisms: online optimization and distributionally robust optimization, where the first enables online-tractable formulations of the problem, and the latter accounts for systemic uncertainty with high confidence. Both approaches are applicable beyond the particular systems of study, to virtually any type of dynamic system where sensitive data is progressively available and may be exploited to the advantage of management and control. This work is unique in that it brings together current tools in optimization, control of dynamical systems, data-based modeling and probability theory, significantly advancing the state of the art.

Published

2021

39. Usable Security and Verification for Distributed Robotic Systems

Author

White-Magner, Ruffin James

Subjects

Robotics, Computer science, Computer engineering, Cryptobotics, Cyber-Physical Systems, Middleware Networks, Open Source Software, Robotics, Security

Abstract

Security and usability are often paradoxically portrayed as zero-sum trade-offs; this is especially true of cyber-physical systems. Historically, security has taken a back seat in open source robotic software initiatives, such as Robot Operating System (ROS), which have focused on development productivity instead of deployment hardening, and this has contributed, perhaps inadvertently, to the belated adoption of ROS by industry, impeding technical transfer between industry and academia. This dissertation studies methods for automating and verifying middleware configurations to improve the security for distributed robotic systems.We introduce procedural tooling for automating the setup of authenticated encryption and access control across the distributed data bus network used in robotic middleware frameworks, in a concerted effort to remove sources of errors such as human factors during configuration development. This includes an immutable logging framework with which to record event data used by any tooling in order to continuously profile and/or monitor system security. We then present methods for conducting passive reachability and controllability analysis over the data bus, and for combining that with static information flow control to guarantee isolation between sensitive or mission critical computations over larger integrations. Finally, we propose principles for the design, verification, and deployment of robotic architectures composed of partially distrusting components. We seek to establish a set of automated tools, methods, and design principles to compose and audit multiple robotic subsystems into hardened stacks for service and industry, and we call it "Usable Security and Verification for Distributed Robotic Systems."

Published

2021

40. Data-Driven Modeling and Analysis for Trustworthy Cyber-Physical Systems

Author

Faezi, Sina

Subjects

Computer engineering, Cyber-Physical Systems, DNA synthesizer, Hardware Trojan, Hierarchical Temporal Memory, Machine Learning, Security

Abstract

In the age of digitization, a layer of cyber software sits on a hardware circuit and controls the physical systems around us. The tight integration of cyber and physical components is referred to as Cyber-Physical Systems (CPS). The interactions between cyber and physical components brings unique challenges which traditional modeling tools struggle to resolve. Remarkably, they often fail to model the unintentional physical manifestation of cyber-domain information flows (side-channel signals), resulting in trust issues in the system.This thesis takes a data-driven approach to model CPS behavior when exposed to various information flows. First, we demonstrate how to extract valuable cyber-domain information by recording the acoustic noise generated by a DNA synthesizer. Then, we consider an integrated circuit as a CPS by itself and monitor the chip through electromagnetic and power side-channels to detect hardware Trojans (HT) in the chip.HT is a malicious modification of the hardware implementation of a circuit design which may lead to various security issues over the life-cycle of a chip. One of the major challenges for HT detection is its reliance on a trusted reference chip (a.k.a golden chip). However, in practice, manufacturing a golden chip is costly and often considered infeasible. This thesis investigates a creative neural network design and training methodology which eliminates the need for a golden chip. Furthermore, it proposes using hierarchical temporal memory (HTM) as a data-driven approach which can be updated over the chip's life-cycle and uses that for run-time HT detection.

Published

2021

41. On the Design and Analysis of Autonomous Real-Time Systems

Author

Choi, Hyunjong

Subjects

Electrical engineering, Computer engineering, Computer science, autonomous real-time systems, cyber-physical systems, embedded systems, end-to-end latency, ros2, self-driving vehicle

Abstract

This dissertation focuses on the challenges arising from real-time autonomous cyber-physical systems. Since many cyber-physical applications increasingly require high performance to run complex functionalities, e.g., self-driving software stacks, it is essential to use limited resources efficiently on resource-constrained embedded platforms. Besides, as real-time autonomy is expected to become more pervasive in various safety-critical application domains, e.g., aerospace and defense, timeliness end-to-end latency of critical computation chains is particularly crucial because the late response or the violation of timing constraints may cause catastrophic consequences. On top of that, any design and analysis methods to fulfill these requirements should be predictable in order to establish a reliable execution foundation.To address the aforementioned challenges, we develop analyzable yet practical scheduling techniques for practical real-time cyber-physical systems, with examples of autonomous vehicles. First, we propose a novel job-class-level scheduler (JCLS) equipped with a low-complexity analysis tool. The key observation behind this work is that many cyber-physical applications can often tolerate a certain degree of timing violations as long as the number of the violations is predictably bounded. By capturing this effect, JCLS exploits application-specific bounding constraints and efficiently manages limited resources, especially, enables overloaded workloads schedulable on embedded platforms. Secondly, we develop a chain-based scheduling method (CBS) to improve the data freshness of real-time tasks with data dependency. This technique provides better quality-of-service outputs by exploiting the effective job-level information flows in the read-execute-write model which is prevalent in automotive systems. Lastly, we propose a new scheduling architecture design Robot Operating System (ROS2), which is the most popular open-source robotic framework. Unlike the default fairness-based resource management methods in ROS2, our priority-driven chain-aware scheduling (PiCAS) enables prioritization of critical computation chains across system layers to minimize end-to-end latency, and its effectiveness has been verified under real-world scenarios. The contributions of this dissertation pave the road towards designing practical autonomous real-time systems with efficient and predictable scheduling and resource management schemes.

Published

2021

42. Detection and Optimization Algorithms for Cyber-Physical Systems

Author

Bastos Hespanhol, Pedro Ivo

Subjects

Operations research, Artificial intelligence, Statistics, Cyber-Physical Systems, Dynamic Watermarking, Mechanism Design, Non-linear Model Predictive Control, Optimization Algorithms, Real-time Optimal Control

Abstract

Cyber-Physical Systems (CPS) play an ubiquitous role in operation and control in many different domains: power systems, finance, robotics, and automation. The complex interplay between cyber components such as software, communication protocols, computer servers and physical components, such as sensors and pieces of dedicated hardware, requires advanced and sophisticated methods and algorithms that ensure safe and efficient operation. In this thesis we tackle both safety and efficiency: We develop novel detection algorithms that are able to identify malicious attacks, sensor corruption and faulty measurements. Our detection mechanisms have provable guarantees based on rigorous asymptotic and non-asymptotic statistical analysis and can be readily implemented in CPS, such as robotic systems and autonomous vehicles. In addition, we developed collusion detection mechanisms that can be used to identify whether two or more CPS are colluding or not. We also design a mechanism that is able to induce selfish systems/agents to behave cooperatively. We showcase the performance of our algorithms with several different case studies. In our analyses, we place emphasis on algorithms that can be implemented in real-time, that is can be used while the system is under operation in the real-world. On the efficiency side, we developed real-time non-linear Model Predictive Control (MPC) Methods that can provide optimal solutions to the Optimal Control problem faced by the CPS during operation. Our algorithm exploits the control structure and is tailored for implementation in embedded hardware and can operate both with memory and computation time constraints. We showcase the performance of our algorithm with a C/C++ implementation and we compare to several current state-of-the-art Optimal Control solvers. We also extend our methodology to be used together with Pseudo-spectral Methods and Hybrid Systems, developing an integrated Mixed-Integer MPC algorithm that can handle complex non-linear dynamics and both continuous and discrete variables. With this thesis, our goal is to provide real-time practical algorithms that have provable guarantees in performance both in the detection task and in the optimal control task. Our algorithms are based on rigorous theoretical analysis and display very good performance and can be readily implemented in practical Cyber-Physical Systems.

Published

2020

43. Safe Real-World Autonomy in Uncertain and Unstructured Environments

Author

Herbert, Sylvia Lee

Subjects

Electrical engineering, Robotics, Artificial intelligence, autonomous systems, autonomy, control systems, cyber-physical systems, reachability, safety guarantees

Abstract

We are captivated by the promise of autonomous systems in our everyday life. However, ensuring that these systems act safely is an immense challenge: introducing complex systems into real-world uncertain environments while guaranteeing safety at all times is impossible in applications like self-driving vehicles, collaborative factory robots, and assistive robots. These systems will inevitably need to make real-time decisions with limited computational resources, and incomplete knowledge of the environment and other agents. This dissertation is an effort towards achieving trustworthy real-world autonomy by enabling autonomous systems to: (1) make theoretical safety guarantees efficiently based on known information, and(2) bridge the safety gap between this theory and the real world by reasoning about uncertainty in the environment and other agents.Towards this goal this dissertation covers various methods for scalable safety and real-time decision-making that draw from control theory, cognitive science, and learning, and are backed by both rigorous theory and physical testing on robotic platforms. We begin with an overview of reachability analysis and its applications for optimal control with safety guarantees. We then tackle the curse of dimensionality associated with reachability computation by decomposing systems or updating previous solutions in a warm-starting fashion. Next we explore planning in a simplified, low-dimensional space online with precomputed safety guarantees and tracking controls offline. This is extended to meta-planning, in which the online algorithm switches between faster/conservative modes and slower/accurate modes. Then we apply all of these tools towards navigating in uncertain environments among hard-to-predict agents such as human pedestrians. We use Bayesian machine learning methods to reason about human intention and navigate in a probabilistically safe manner. Finally, the dissertation ends with information about code bases and reachability tutorial examples.

Published

2020

44. Resource-Aware Predictive Models in Cyber-Physical Systems

Author

AMIR, MARAL

Subjects

Computer science, Cyber-Physical Systems, Neural Networks, Regularization, Switching Predictive Control

Abstract

Cyber-Physical Systems (CPS) are composed of computing devices interacting with physical systems. Model-based design is a powerful methodology in CPS design in the implementation of control systems. For instance, Model Predictive Control (MPC) is typically implemented in CPS applications, e.g., in path tracking of autonomous vehicles. MPC deploys a model to estimate the behavior of the physical system at future time instants for a specific time horizon. Ordinary Differential Equations (ODE) are the most commonly used models to emulate the behavior of continuous-time (non-)linear dynamical systems. A complex physical model may comprise thousands of ODEs that pose scalability, performance and power consumption challenges. One approach to address these model complexity challenges are frameworks that automate the development of model-to-model transformation. In this dissertation, a state-based model with tunable parameters is proposed to operate as a reconfigurable predictive model of the physical system. Moreover, we propose a run-time switching algorithm that selects the best model using machine learning. We employed a metric that formulates the trade-off between the error and computational savings due to model reduction. Building statistical models are constrained to having expert knowledge and an actual understanding of the modeled phenomenon or process. Also, statistical models may not produce solutions that are as robust in a real-world context as factors outside the model, like disruptions would not be taken into account. Machine learning models have emerged as a solution to account for the dynamic behavior of the environment and automate intelligence acquisition and refinement. Neural networks are machine learning models, well-known to have the ability to learn linear and nonlinear relations between input and output variables without prior knowledge. However, the ability to efficiently exploit resource-hungry neural networks in embedded resource-bound settings is a major challenge.Here, we proposed Priority Neuron Network (PNN), a resource-aware neural networks model that can be reconfigured into smaller sub-networks at runtime. This approach enables a trade-off between the model's computation time and accuracy based on available resources. The PNN model is memory efficient since it stores only one set of parameters to account for various sub-network sizes. We propose a training algorithm that applies regularization techniques to constrain the activation value of neurons and assigns a priority to each one. We consider the neuron's ordinal number as our priority criteria in that the priority of the neuron is inversely proportional to its ordinal number in the layer. This imposes a relatively sorted order on the activation values. We conduct experiments to employ our PNN as the predictive model in a CPS application. We can see that not only our technique will resolve the memory overhead of DNN architectures but it also reduces the computation overhead for the training process substantially. The training time is a critical matter especially in embedded systems where many NN models are trained on the fly.

Published

2019

45. Communication and security in cyber-physical systems

Author

Khojasteh, Mohammad Javad

Subjects

Engineering, cloud robotics, Control under communication constraints, cyber-physical systems, cyber-physical systems security, event-triggered control, networked control systems

Abstract

Recent technological advances in networking, communication, and computation technologies have enabled the development of cyber-physical systems and cloud robotics, where computing, communication, and control are tightly coupled and integrated into a single distributed platform. These systems open the door to a myriad of new and exciting applications in transportation, health care, agriculture, energy, and many others. The need for the tight integration of different components, requirements, and time scales means that the modeling, analysis, and design of these systems present new challenges. We focus on two aspects of emerging systems architecture. Firstly, we investigate the presence of finite-rate, digital communication channels with delays in the feedback loop. In this context, we study event-triggering strategies that utilize timing information by transmitting in a state-dependent fashion. The proposed event-triggering strategies utilize the available communication resources more efficiently compared to existed time-triggering setups. Secondly, the distributed nature of cyber-physical systems and cloud robotics is their Achilles’ heel, as it is a source of vulnerability to cyber-attacks. In this regard, we introduce the problem of learning-based attacks in these systems, and we show how the controller can impede these attacks by superimposing a carefully crafted privacy-enhancing signal upon its control policy.

Published

2019

46. Quality of Time: A New Perspective in Designing Cyber-Physical Systems

Author

Anwar, Fatima Muhammad

Subjects

Computer engineering, Clock Synchronization, Cyber-physical systems, embedded operating system, Quality of Time, system design, Time attacks

Abstract

Unprecedented Cyber-Physical Systems (CPS) and Internet of Things (IoT) applications such as health care, connected vehicles, and augmented/virtual reality are revolutionizing smart spaces and change how we build and manage our systems. These applications span the cloud and the edge devices and give birth to new system designs with critical dependence on temporal use cases. As such, cloud services are expected to provide timely responses and schedulable demands, while edge devices are required to synchronize observations and choreograph actions across distributed entities. Both cloud and edge demand time awareness in general, and time-indexed queries, precise timestamping, and dynamic clock synchronization in particular. However, contemporary distributed system designs are inherently “clockless” and becoming increasingly complex. They fail to meet consistency, causality, and scheduling demands of underlying applications yet enabling time awareness for various applications running on commodity platforms and operating systems (OS) is a challenge in itself.In this dissertation, we devise a new way of acquiring time information by introducing the notion of Quality of Time (QoT) that collectively captures various time metrics such as resolution, accuracy, stability, and integrity. Analogous to Quality of Service (QoS) in networking, QoT treats time as a controllable OS primitive with observable performance. To provide QoT to applications, we proposed the first OS abstraction – timeline – that reacts to application timing demands and exposes QoT to applications in an easy-to-use, secure, and scalable way. This degree of richness of information had never been available to coordinated applications whose activities are choreographed across time and space. This flow of information was immediately relevant to the broader field of IoT addressing the emerging temporal use cases for applications at the cloud and the edge in a secure fashion. As such, QoT expanded distributed applications to a global scale with no significant overhead and no performance compromise.This dissertation focuses on covering various aspects of QoT. In the first part of this thesis, we design extensible abstractions to characterize timing uncertainty in the presence of timing variations. In an effort to reduce complexity and overhead of current distributed database designs, our abstractions and systems enable globally replicated lockless transactions with simplified design, low overhead and no loss in performance. The second part exposes timing vulnerabilities in trusted execution technologies and network security mechanisms and provides timing integrity by designing secure time architectures in the presence of vulnerabilities. Thus enabling trusted timestamping in commodity systems to preserve one’s digital rights and digital signals. The third part focuses on redesigning the hardware, OS and network interfaces that help time information flow between applications and systems, and enable timing precision. This precision boosts high-speed measurements at large-scale distributed entities. The final section addresses the inefficacy of testing mechanisms for time synchronization protocols deployed in safety-critical environments. We then propose a customized testbed for testing timing robustness under failures and adversarial attacks.Current designs in distributed systems rely on message-passing based protocols and come at a huge energy and bandwidth cost along with high system complexity. In contrast, our designed systems based on QoT support new temporal use cases of globally distributed applications with low computation and communication overhead. We released our system designs to support various time management and clock synchronization use cases in emerging distributed applications.

Published

2019

47. On Information Theoretic and Distortion-based Security

Author

Agarwal, Gaurav Kumar

Subjects

Engineering, cyber-physical systems, millimeter wave, network coding, security

Abstract

In this thesis, we consider secure communication in the presence of an eavesdropper. With the explosion in the growth of the data produced and communicated, sensitive information such as financial transactions, health records, and control signals for cyber-physical systems, has to be securely exchanged. Today, the ever-increasing computational power of adversaries is challenging the state-of-the-art cryptographic encryption mechanisms, as these mechanisms assume adversaries with limited computational power. Thus, with the advent of the quantum computing era, we require new mechanisms to guarantee a secure exchange of information. Moreover, the growing number of small and energy constrained connected devices involved in data exchange calls for lightweight encryption schemes, as low-complexity devices cannot implement complex schemes. We consider three different scenarios and exploit specific opportunities present in each of these scenarios; we develop lightweight encryption schemes that do not require sharing large keys in advance and are secure against eavesdroppers with unlimited computational capabilities.The first scenario we consider is multiple unicast traffic over wireline networks. In these networks, a single source is connected to m destinations interested in different messages. In designing encryption schemes, we exploit the fact that although the eavesdropper is computationally super-powerful, it might not have capabilities to eavesdrop the entire network. We use the multi-path diversity to securely communicate against the eavesdropper without requiring any pre-shared key.The second scenario we consider consists of millimeter wave (mmWave) networks. mmWave communication requires deploying networks of relays that communicate through directional beams to compensate for the high path-loss and the high blockage. Since we need to use beamforming and align beams to activate links, we cannot use all the underlying links of the network simultaneously. However, the degree of freedom in choosing the links to activate can be leveraged for secure communication against an eavesdropper. We show that we can achieve a secure capacity that in some cases, can be very close to the unsecure capacity. Here, capacity refers to the maximum flow of information over the network.For the third scenario, we consider cyber-physical systems and propose a distortion based security framework where the distortion measures the distance between the eavesdropper's estimates and the ground truth. The primary motivation for this framework is that the messages exchanged in these systems are embedded in a metric space having a notion of distance, and securing raw bits as in traditional encryption schemes might not be necessary. Instead, we show with an example of a linear dynamical system that a carefully designed encryption scheme can significantly distort the eavesdropper's view with just one bit of the pre-shared key.

Published

2019

48. Data-Driven Modeling of Cyber-Physical Systems using Side-Channel Analysis

Author

Rokka Chhetri, Sujit

Subjects

Computer engineering, Cyber-Physical Systems, Data-Driven Modeling, Graph Embedding, Machine Learning, Side-Channel Analysis

Abstract

Cyber-Physical System consists of the integration of computational components in the cyber-domain with the physical-domain processes. In cyber-domain, embedded computers and networks monitor and control the physical processes, and in the physical-domain the sensors and actuators aid in interacting with the physical world. This interaction between the cyber and physical domain brings unique modeling challenges one of which includes the integration of discrete and sequential models in cyber-domain with the continuous and parallel physical domain processes. However, the same cyber-physical interaction also opens new opportunities for modeling. For example, the information flow in the cyber-domain manifests physically in the form of energy flows in the physical domain. Some of these energy flows unintentionally provide information about the cyber-domain through the side-channels. In this thesis, the first part consists of an extensive analysis of the side-channels (such as acoustic, magnetic, thermal, power and vibration) of the cyber-physical system is performed. Based on this analysis data-driven models are estimated. These models are then used to perform security vulnerability analysis (for confidentiality and integrity), whereby, new attack models are explored. Furthermore, the data-driven models are also utilized to create a defensive mechanism to minimize the information leakage from the system and to detect attacks to the integrity of the system. The cyber-physical manufacturing systems are taken as use cases to demonstrate the applicability of the modeling approaches. In the second part, side-channel analysis is performed to aid in modeling digital twins of the cyber-physical systems. Specifically, a novel methodology to utilize low-end sensors to analyze the side-channels and build the digital twins is proposed. These digital twins are used to capture the interaction between the cyber-domain and the physical domain of the manufacturing systems, and aid in process quality inference and fault localization. Using side-channels these digital twins are kept up-to-date, which is one of the fundamental requirements for building digital twins. Finally, challenges relating to performing data-driven modeling using non-Euclidean data in the cyber-physical system are addressed in the third part of the thesis. Moreover, a novel structural graph convolutional neural network and a dynamic graph embedding algorithm are presented to handle non-Euclidean data.

Published

2019

49. VerifAI: A Toolkit for the Formal Design and Analysis of Artificial Intelligence-Based Systems

Author

Dreossi, Tommaso, Fremont, Daniel J, Ghosh, Shromona, Kim, Edward, Ravanbakhsh, Hadi, Vazquez-Chanlatte, Marcell, and Seshia, Sanjit A

Subjects

Artificial intelligence, Formal methods, Cyber-physical systems, Machine learning, Autonomous vehicles, Mental health, Artificial Intelligence & Image Processing, cs.AI, Falsification, Simulation

Abstract

We present VerifAI, a software toolkit for the formal design and analysis of systems that include artificial intelligence (AI) and machine learning (ML) components. VerifAI particularly addresses challenges with applying formal methods to ML components such as perception systems based on deep neural networks, as well as systems containing them, and to model and analyze system behavior in the presence of environment uncertainty. We describe the initial version of VerifAI, which centers on simulation-based verification and synthesis, guided by formal models and specifications. We give examples of several use cases, including temporal-logic falsification, model-based systematic fuzz testing, parameter synthesis, counterexample analysis, and data set augmentation.

Published

2022

50. Hardware Trojan Detection in FPGA through Side-Channel Power Analysis and Machine Learning

Author

Zantout, Salam

Subjects

Computer engineering, Cyber-Physical Systems, Hardware Security, Hardware Trojan Horse, Machine Learning, Side-Channel Analysis, Trojan Detection

Abstract

The security of a cyber-physical system depends on the safety of the handled data, software, and underlying hardware. Securing the hardware is not a simple task because of the globalization of integrated circuits’ manufacturing flow. One hardware attack to be considered is the modification of the design to insert a “backdoor” which maliciously alters the behavior of the original system. Such a malicious and intentional insertion is called a Hardware Trojan Horse (HTH). In this thesis, an HTH detection technique was proposed and implemented. The detection technique made use of side-channel power analysis along with machine learning to detect the presence of an HTH. Power traces from a golden implementation (HTH-free) of the AES encryption algorithm on an FPGA were used to train a logistic regression model. The obtained model was then tested on new power traces collected from the golden implementation and was able to make correct predictions with 95% accuracy. Next, an HTH, of a few gates, was implemented in the AES circuit to carry out a denial-of-service attack along with a breach of plaintext secrecy. The power data from the HTH-infected circuit were collected and tested on the trained logistic regression model. An amount of 81% of the HTH-infected data was detected as flawed by the logistic regression model allowing the detection of the HTH even when it was not triggered. In fact, even when an HTH was dormant, the HTH would constantly be checking its triggering condition and hence consumed power.

Published

2018