Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems

协同：协作：安全和隐私意识的网络物理系统

• 批准号: 1505701
• 负责人: Miroslav Pajic
• 金额: $ 15万
• 依托单位: Duke University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2019-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1505701&HistoricalAwards=false
• 关键词: Synergy; Collaborative; Security; Privacy; Aware

Security and privacy concerns in the increasingly interconnected world are receiving much attention from the research community, policymakers, and general public. However, much of the recent and on-going efforts concentrate on security of general-purpose computation and on privacy in communication and social interactions. The advent of cyber-physical systems (e.g., safety-critical IoT), which aim at tight integration between distributed computational intelligence, communication networks, physical world, and human actors, opens new horizons for intelligent systems with advanced capabilities. These systems may reduce number of accidents and increase throughput of transportation networks, improve patient safety, mitigate caregiver errors, enable personalized treatments, and allow older adults to age in their places. At the same time, cyber-physical systems introduce new challenges and concerns about safety, security, and privacy. The proposed project will lead to safer, more secure and privacy preserving CPS. As our lives depend more and more on these systems, specifically in automotive, medical, and Internet-of-Things domains, results obtained in this project will have a direct impact on the society at large. The study of emerging legal and ethical aspects of large-scale CPS deployments will inform future policy decision-making. The educational and outreach aspects of this project will help us build a workforce that is better prepared to address the security and privacy needs of the ever-more connected and technologically oriented society.Cyber-physical systems (CPS) involve tight integration of computational nodes, connected by one or more communication networks, the physical environment of these nodes, and human users of the system, who interact with both the computational part of the system and the physical environment. Attacks on a CPS system may affect all of its components: computational nodes and communication networks are subject to malicious intrusions, and physical environment may be maliciously altered. CPS-specific security challenges arise from two perspectives. On the one hand, conventional information security approaches can be used to prevent intrusions, but attackers can still affect the system via the physical environment. Resource constraints, inherent in many CPS domains, may prevent heavy-duty security approaches from being deployed. This proposal will develop a framework in which the mix of prevention, detection and recovery, and robust techniques work together to improve the security and privacy of CPS. Specific research products will include techniques providing: 1) accountability-based detection and bounded-time recovery from malicious attacks to CPS, complemented by novel preventive techniques based on lightweight cryptography; 2) security-aware control design based on attack resilient state estimator and sensor fusions; 3) privacy of data collected and used by CPS based on differential privacy; and, 4) evidence-based framework for CPS security and privacy assurance, taking into account the operating context of the system and human factors. Case studies will be performed in applications with autonomous features of vehicles, internal and external vehicle networks, medical device interoperability, and smart connected medical home.

日益相互联系的世界中的安全和隐私问题正受到研究界、政策制定者和普通公众的极大关注。然而，最近和正在进行的许多努力都集中在通用计算的安全性以及通信和社交中的隐私问题上。网络物理系统(如安全关键物联网)的出现，旨在将分布式计算智能、通信网络、物理世界和人类行为者紧密集成在一起，为具有高级功能的智能系统开辟了新的视野。这些系统可以减少事故数量，增加交通网络的吞吐量，改善患者安全，减少照顾者错误，实现个性化治疗，并允许老年人在他们的位置上变老。与此同时，网络物理系统带来了新的挑战和对安全、安保和隐私的担忧。拟议的项目将导致更安全、更有保障和保护隐私的CPS。随着我们的生活越来越依赖这些系统，特别是在汽车、医疗和物联网领域，这个项目取得的成果将对整个社会产生直接影响。对大规模CPS部署的新出现的法律和伦理问题的研究将为未来的政策决策提供信息。该项目的教育和推广方面将帮助我们建立一支更好地准备好满足日益互联和以技术为导向的社会的安全和隐私需求的劳动力队伍。网络物理系统(CPS)涉及通过一个或多个通信网络连接的计算节点、这些节点的物理环境以及系统的人类用户的紧密集成，这些用户与系统的计算部分和物理环境进行交互。对CPS系统的攻击可能会影响其所有组件：计算节点和通信网络受到恶意入侵，物理环境可能被恶意更改。CPS特有的安全挑战来自两个方面。一方面，传统的信息安全方法可以用来防止入侵，但攻击者仍然可以通过物理环境影响系统。许多CPS域中固有的资源限制可能会阻止部署重型安全方法。这项提议将制定一个框架，在该框架中，预防、检测和恢复以及强大的技术相结合，以改善CP的安全和隐私。具体的研究产品将包括以下技术：1)基于责任的检测和对CPS的恶意攻击的有限时间恢复，辅之以基于轻量级密码学的新型预防技术；2)基于攻击弹性状态估计器和传感器融合的安全感知控制设计；3)基于差异隐私的CPS收集和使用的数据隐私；以及4)基于证据的CPS安全和隐私保证框架，考虑到系统的操作环境和人为因素。将在具有车辆自主功能、内外车载网络、医疗设备互操作性和智能互联医疗家居的应用程序中进行案例研究。

项目成果

Secure State Estimation with Cumulative Message Authentication

通过累积消息验证进行安全状态估计

• DOI: 10.1109/cdc.2018.8619250
• 发表时间: 2018
• 期刊: 2018 IEEE Conference on Decision and Control (CDC
• 作者: Jovanov, Ilija;Pajic, Miroslav
• 通讯作者: Pajic, Miroslav

Security-Aware Scheduling of Embedded Control Tasks

• DOI: 10.1145/3126518
• 发表时间: 2017-09
• 期刊: ACM Transactions on Embedded Computing Systems (TECS)
• 作者: Vuk Lesi;Ilija Jovanov;Miroslav Pajic

Network Scheduling for Secure Cyber-Physical Systems

• DOI: 10.1109/rtss.2017.00012
• 发表时间: 2017-12
• 期刊: 2017 IEEE Real-Time Systems Symposium (RTSS)
• 作者: Vuk Lesi;Ilija Jovanov;Miroslav Pajic

Relaxing Integrity Requirements for Attack-Resilient Cyber-Physical Systems

放宽抗攻击网络物理系统的完整性要求

• DOI: 10.1109/tac.2019.2898510
• 发表时间: 2019
• 期刊: IEEE Transactions on Automatic Control
• 影响因子: 6.8
• 作者: Jovanov, Ilija;Pajic, Miroslav
• 通讯作者: Pajic, Miroslav

Continuous Estimation Using Context-Dependent Discrete Measurements

使用上下文相关的离散测量进行连续估计

• DOI: 10.1109/tac.2018.2797839
• 发表时间: 2018
• 期刊: IEEE Transactions on Automatic Control
• 影响因子: 6.8
• 作者: Ivanov, Radoslav;Atanasov, Nikolay;Pajic, Miroslav;Weimer, James;Pappas, George J.;Lee, Insup
• 通讯作者: Lee, Insup