CPS: Medium: Security Certification of Autonomous Cyber-Physical Systems

CPS：中：自主网络物理系统的安全认证

• 批准号: 1818500
• 负责人: Shuo Wang
• 金额: $ 83.06万
• 依托单位: University of Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-10-26 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1818500&HistoricalAwards=false
• 关键词: CPS; Medium; Security; Certification; Autonomous

Automation is being increasingly introduced into every man-made system. The thrust to achieve trustworthy autonomous systems, which can attain goals independently in the presence of significant uncertainties and for long periods of time without any human intervention, has always been enticing. Significant progress has been made in the avenues of both software and hardware for meeting these objectives. However, technological challenges still exist and particularly in terms of decision making under uncertainty. In an autonomous system, uncertainties can arise from the operating environment, adversarial attacks, and from within the system. While a lot of work has been done on ensuring safety of systems under standard sensing errors, much less attention has been given on securing it and its sensors from attacks. As such, autonomous cyber-physical systems (CPS), which rely heavily on sensing units for decision making, remain vulnerable to such attacks. Given the fact that the age of autonomous CPS is upon us and their influence is gradually increasing, it becomes an urgent task to develop effective solutions to ensure the security and trustworthiness of autonomous CPS under adversarial attacks. The researchers of this project provide a comprehensive real-time, resource-aware solution for detection and recovery of autonomous CPS from physical and cyber-attacks. This project also includes effort to educate and prepare the community for the potential cyber and physical threats on autonomous CPS.With the observation that a thorough security certification of autonomous CPS will provide formal evaluation of autonomous CPS, the researchers in this project intend to develop methods to facilitate manufacturers for certifying security solutions. Toward this goal, the researchers will first develop new theories to understand the impact of physical and cyber-attack on system level properties such as controllability, stability, and safety. They will then develop algorithms for detection and recovery of CPS from physical attacks on active sensors. The proposed recovery method will ensure the integrity of sensor measurements when the system is under attack. Furthermore, a new analysis framework will be constructed that uses platform-based design methodology to represent the CPS and verifies it against design metric constraints such as security, timing, resource, and performance. The key contributions of this project towards autonomous CPS security certification include 1) a comprehensive study of relationship between attacks and system-level properties; 2) algorithms and their optimization for detection and automatic recovery of autonomous CPS from attacks; and 3) systematically quantifying impact of security on design metrics.

自动化正越来越多地被引入每一个人造系统。实现可信赖的自主系统的推动力一直是诱人的，这种系统可以在存在重大不确定性的情况下独立地实现目标，并且长时间不需要任何人为干预。在实现这些目标的软件和硬件方面都取得了重大进展。然而，技术挑战仍然存在，特别是在不确定性下的决策方面。在自治系统中，不确定性可能来自操作环境、对抗性攻击和系统内部。虽然已经做了大量的工作来确保系统在标准传感误差下的安全性，但对保护系统及其传感器免受攻击的关注要少得多。因此，严重依赖传感单元进行决策的自主网络物理系统（CPS）仍然容易受到此类攻击。鉴于自主CPS的时代已经到来，其影响力正在逐渐增加，因此开发有效的解决方案以确保自主CPS在对抗性攻击下的安全性和可信性成为一项紧迫的任务。该项目的研究人员提供了一个全面的实时，资源感知的解决方案，用于检测和恢复来自物理和网络攻击的自主CPS。该项目还包括努力教育和准备社区对自主CPS的潜在网络和物理威胁。观察到自主CPS的彻底安全认证将提供对自主CPS的正式评估，该项目的研究人员打算开发方法，以方便制造商认证安全解决方案。为了实现这一目标，研究人员将首先开发新的理论，以了解物理和网络攻击对系统级属性（如可控性、稳定性和安全性）的影响。然后，他们将开发算法，用于从对主动传感器的物理攻击中检测和恢复CPS。所提出的恢复方法将确保传感器测量的完整性，当系统受到攻击。此外，将构建一个新的分析框架，使用基于平台的设计方法来表示CPS和验证它对设计指标的约束，如安全性，时间，资源和性能。该项目对自主CPS安全认证的主要贡献包括：1）全面研究攻击与系统级属性之间的关系; 2）用于检测和自动恢复自主CPS的算法及其优化;以及3）系统地量化安全对设计指标的影响。

项目成果

RADM: a risk-aware DER management framework with real-time DER trustworthiness evaluation

• DOI: 10.1145/3450267.3450536
• 发表时间: 2021-05
• 期刊: Proceedings of the ACM/IEEE 12th International Conference on Cyber-Physical Systems
• 作者: Yaodan Hu;Xiaochen Xian;Yier Jin

Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices

看不见的手指：对基于触摸屏的电子设备的实用电磁干扰攻击

• DOI: 10.1109/sp46214.2022.9833718
• 发表时间: 2022
• 期刊: IEEE Symposium on Security and Privacy (SP
• 作者: Shan, Haoqi;Zhang, Boyi;Zhan, Zihao;Sullivan, Dean;Wang, Shuo;Jin, Yier
• 通讯作者: Jin, Yier

Phase retrieval of complex-valued objects via a randomized Kaczmarz method

通过随机 Kaczmarz 方法进行复值对象的相位检索

• 发表时间: 2021
• 期刊: Information and inference
• 作者: Zhang, T.;Feng, Yu.
• 通讯作者: Feng, Yu.

Adaptive Sampling and Quick Anomaly Detection in Large Networks

• DOI: 10.1109/tase.2022.3214193
• 发表时间: 2023-10
• 期刊: IEEE Transactions on Automation Science and Engineering
• 影响因子: 5.6
• 作者: Xiaochen Xian;A. Semenov;Yaodan Hu;An Wang;Yier Jin

Protecting Platoons from Stealthy Jamming Attack

保护排免受隐形干扰攻击

• DOI: 10.1109/asianhost51057.2020.9358269
• 发表时间: 2020
• 期刊: 2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST
• 作者: Hu, Yaodan;Shan, Haoqi;Dutta, Raj Gautam;Jin, Yier
• 通讯作者: Jin, Yier