CPS: Medium: Security Certification of Autonomous Cyber-Physical Systems

CPS：中：自主网络物理系统的安全认证

• 批准号: 1818500
• 负责人: Shuo Wang
• 金额: $ 83.06万
• 依托单位: University of Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-10-26 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1818500&HistoricalAwards=false
• 关键词: CPS; Medium; Security; Certification; Autonomous

Automation is being increasingly introduced into every man-made system. The thrust to achieve trustworthy autonomous systems, which can attain goals independently in the presence of significant uncertainties and for long periods of time without any human intervention, has always been enticing. Significant progress has been made in the avenues of both software and hardware for meeting these objectives. However, technological challenges still exist and particularly in terms of decision making under uncertainty. In an autonomous system, uncertainties can arise from the operating environment, adversarial attacks, and from within the system. While a lot of work has been done on ensuring safety of systems under standard sensing errors, much less attention has been given on securing it and its sensors from attacks. As such, autonomous cyber-physical systems (CPS), which rely heavily on sensing units for decision making, remain vulnerable to such attacks. Given the fact that the age of autonomous CPS is upon us and their influence is gradually increasing, it becomes an urgent task to develop effective solutions to ensure the security and trustworthiness of autonomous CPS under adversarial attacks. The researchers of this project provide a comprehensive real-time, resource-aware solution for detection and recovery of autonomous CPS from physical and cyber-attacks. This project also includes effort to educate and prepare the community for the potential cyber and physical threats on autonomous CPS.With the observation that a thorough security certification of autonomous CPS will provide formal evaluation of autonomous CPS, the researchers in this project intend to develop methods to facilitate manufacturers for certifying security solutions. Toward this goal, the researchers will first develop new theories to understand the impact of physical and cyber-attack on system level properties such as controllability, stability, and safety. They will then develop algorithms for detection and recovery of CPS from physical attacks on active sensors. The proposed recovery method will ensure the integrity of sensor measurements when the system is under attack. Furthermore, a new analysis framework will be constructed that uses platform-based design methodology to represent the CPS and verifies it against design metric constraints such as security, timing, resource, and performance. The key contributions of this project towards autonomous CPS security certification include 1) a comprehensive study of relationship between attacks and system-level properties; 2) algorithms and their optimization for detection and automatic recovery of autonomous CPS from attacks; and 3) systematically quantifying impact of security on design metrics.

自动化正越来越多地被引入到每个人造系统中。实现值得信赖的自主系统的努力一直是诱人的，因为它可以在存在重大不确定性的情况下，在很长一段时间内独立实现目标，而不需要任何人的干预。为实现这些目标，在软件和硬件方面都取得了重大进展。然而，技术挑战仍然存在，特别是在不确定情况下的决策方面。在自治系统中，不确定因素可能来自操作环境、对抗性攻击和系统内部。虽然已经做了大量工作来确保系统在标准传感错误下的安全，但对保护系统及其传感器免受攻击的关注要少得多。因此，严重依赖传感单元进行决策的自主网络物理系统(CP)仍然容易受到此类攻击。随着自主CP时代的到来，其影响力日益增大，研究有效的解决方案来保证自主CP在敌意攻击下的安全性和可信性已成为当务之急。该项目的研究人员为自主CP的检测和从物理和网络攻击中恢复提供了一个全面的实时、资源感知的解决方案。该项目还包括教育和准备社区以应对自主CP上的潜在网络和物理威胁。由于观察到自主CP的全面安全认证将提供对自主CP的正式评估，该项目的研究人员打算开发方法来帮助制造商认证安全解决方案。为了实现这一目标，研究人员将首先开发新的理论，以了解物理和网络攻击对系统级属性(如可控性、稳定性和安全性)的影响。然后，他们将开发算法来检测CP，并从对主动传感器的物理攻击中恢复CP。所提出的恢复方法将确保当系统受到攻击时传感器测量的完整性。此外，将构建一个新的分析框架，使用基于平台的设计方法来表示CPS，并根据设计指标约束(如安全、时间、资源和性能)对其进行验证。该项目对自主CPS安全认证的主要贡献包括：1)全面研究攻击与系统级属性之间的关系；2)检测和自动恢复自主CPS的算法及其优化；3)系统地量化安全对设计指标的影响。

项目成果

RADM: a risk-aware DER management framework with real-time DER trustworthiness evaluation

• DOI: 10.1145/3450267.3450536
• 发表时间: 2021-05
• 期刊: Proceedings of the ACM/IEEE 12th International Conference on Cyber-Physical Systems
• 作者: Yaodan Hu;Xiaochen Xian;Yier Jin

Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices

看不见的手指：对基于触摸屏的电子设备的实用电磁干扰攻击

• DOI: 10.1109/sp46214.2022.9833718
• 发表时间: 2022
• 期刊: IEEE Symposium on Security and Privacy (SP
• 作者: Shan, Haoqi;Zhang, Boyi;Zhan, Zihao;Sullivan, Dean;Wang, Shuo;Jin, Yier
• 通讯作者: Jin, Yier

Phase retrieval of complex-valued objects via a randomized Kaczmarz method

通过随机 Kaczmarz 方法进行复值对象的相位检索

• 发表时间: 2021
• 期刊: Information and inference
• 作者: Zhang, T.;Feng, Yu.
• 通讯作者: Feng, Yu.

Adaptive Sampling and Quick Anomaly Detection in Large Networks

• DOI: 10.1109/tase.2022.3214193
• 发表时间: 2023-10
• 期刊: IEEE Transactions on Automation Science and Engineering
• 影响因子: 5.6
• 作者: Xiaochen Xian;A. Semenov;Yaodan Hu;An Wang;Yier Jin

Protecting Platoons from Stealthy Jamming Attack

保护排免受隐形干扰攻击

• DOI: 10.1109/asianhost51057.2020.9358269
• 发表时间: 2020
• 期刊: 2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST
• 作者: Hu, Yaodan;Shan, Haoqi;Dutta, Raj Gautam;Jin, Yier
• 通讯作者: Jin, Yier