CPS: Medium: Security Certification of Autonomous Cyber-Physical Systems

CPS：中：自主网络物理系统的安全认证

• 批准号: 1818500
• 负责人: Shuo Wang
• 金额: $ 83.06万
• 依托单位: University of Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-10-26 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1818500&HistoricalAwards=false
• 关键词: CPS; Medium; Security; Certification; Autonomous

Automation is being increasingly introduced into every man-made system. The thrust to achieve trustworthy autonomous systems, which can attain goals independently in the presence of significant uncertainties and for long periods of time without any human intervention, has always been enticing. Significant progress has been made in the avenues of both software and hardware for meeting these objectives. However, technological challenges still exist and particularly in terms of decision making under uncertainty. In an autonomous system, uncertainties can arise from the operating environment, adversarial attacks, and from within the system. While a lot of work has been done on ensuring safety of systems under standard sensing errors, much less attention has been given on securing it and its sensors from attacks. As such, autonomous cyber-physical systems (CPS), which rely heavily on sensing units for decision making, remain vulnerable to such attacks. Given the fact that the age of autonomous CPS is upon us and their influence is gradually increasing, it becomes an urgent task to develop effective solutions to ensure the security and trustworthiness of autonomous CPS under adversarial attacks. The researchers of this project provide a comprehensive real-time, resource-aware solution for detection and recovery of autonomous CPS from physical and cyber-attacks. This project also includes effort to educate and prepare the community for the potential cyber and physical threats on autonomous CPS.With the observation that a thorough security certification of autonomous CPS will provide formal evaluation of autonomous CPS, the researchers in this project intend to develop methods to facilitate manufacturers for certifying security solutions. Toward this goal, the researchers will first develop new theories to understand the impact of physical and cyber-attack on system level properties such as controllability, stability, and safety. They will then develop algorithms for detection and recovery of CPS from physical attacks on active sensors. The proposed recovery method will ensure the integrity of sensor measurements when the system is under attack. Furthermore, a new analysis framework will be constructed that uses platform-based design methodology to represent the CPS and verifies it against design metric constraints such as security, timing, resource, and performance. The key contributions of this project towards autonomous CPS security certification include 1) a comprehensive study of relationship between attacks and system-level properties; 2) algorithms and their optimization for detection and automatic recovery of autonomous CPS from attacks; and 3) systematically quantifying impact of security on design metrics.

自动化正越来越多地被引入每一个人造系统。实现可信赖的自主系统的推动力一直是诱人的，这种系统可以在存在重大不确定性的情况下独立实现目标，并且在很长一段时间内不需要任何人为干预。为实现这些目标，在软件和硬件方面都取得了重大进展。然而，技术挑战仍然存在，特别是在不确定性下的决策方面。在自治系统中，不确定性可能来自操作环境、对抗性攻击和系统内部。虽然在确保系统在标准传感误差下的安全方面已经做了大量的工作，但在保护系统及其传感器免受攻击方面却很少受到关注。因此，严重依赖传感单元进行决策的自主网络物理系统（CPS）仍然容易受到此类攻击。随着自主CPS时代的到来，自主CPS的影响力日益增强，如何制定有效的解决方案，确保自主CPS在对抗性攻击下的安全性和可信度，已成为一项紧迫的任务。该项目的研究人员提供了一种全面的实时、资源感知的解决方案，用于检测和恢复自主CPS免受物理和网络攻击。该项目还包括努力教育和准备社区对自主CPS的潜在网络和物理威胁。考虑到对自主CPS进行彻底的安全认证将提供对自主CPS的正式评估，本项目研究人员打算开发有助于制造商认证安全解决方案的方法。为了实现这一目标，研究人员将首先开发新的理论来理解物理和网络攻击对系统级属性（如可控性、稳定性和安全性）的影响。然后，他们将开发算法，用于从主动传感器的物理攻击中检测和恢复CPS。所提出的恢复方法可以保证系统受到攻击时传感器测量的完整性。此外，将构建一个新的分析框架，该框架使用基于平台的设计方法来表示CPS，并根据设计度量约束（如安全性、时间、资源和性能）对其进行验证。该项目对自主CPS安全认证的主要贡献包括：1)全面研究攻击与系统级属性之间的关系；2)自主CPS攻击检测与自动恢复算法及其优化；3)系统地量化安全性对设计度量的影响。

项目成果

RADM: a risk-aware DER management framework with real-time DER trustworthiness evaluation

• DOI: 10.1145/3450267.3450536
• 发表时间: 2021-05
• 期刊: Proceedings of the ACM/IEEE 12th International Conference on Cyber-Physical Systems
• 作者: Yaodan Hu;Xiaochen Xian;Yier Jin

Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices

看不见的手指：对基于触摸屏的电子设备的实用电磁干扰攻击

• DOI: 10.1109/sp46214.2022.9833718
• 发表时间: 2022
• 期刊: IEEE Symposium on Security and Privacy (SP
• 作者: Shan, Haoqi;Zhang, Boyi;Zhan, Zihao;Sullivan, Dean;Wang, Shuo;Jin, Yier
• 通讯作者: Jin, Yier

Phase retrieval of complex-valued objects via a randomized Kaczmarz method

通过随机 Kaczmarz 方法进行复值对象的相位检索

• 发表时间: 2021
• 期刊: Information and inference
• 作者: Zhang, T.;Feng, Yu.
• 通讯作者: Feng, Yu.

Adaptive Sampling and Quick Anomaly Detection in Large Networks

• DOI: 10.1109/tase.2022.3214193
• 发表时间: 2023-10
• 期刊: IEEE Transactions on Automation Science and Engineering
• 影响因子: 5.6
• 作者: Xiaochen Xian;A. Semenov;Yaodan Hu;An Wang;Yier Jin

Protecting Platoons from Stealthy Jamming Attack

保护排免受隐形干扰攻击

• DOI: 10.1109/asianhost51057.2020.9358269
• 发表时间: 2020
• 期刊: 2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST
• 作者: Hu, Yaodan;Shan, Haoqi;Dutta, Raj Gautam;Jin, Yier
• 通讯作者: Jin, Yier