Collaborative Research: CPS: Medium: Timeliness vs. Trustworthiness: Balancing Predictability and Security in Time-Sensitive CPS Design

协作研究：CPS：中：及时性与可信度：在时间敏感的 CPS 设计中平衡可预测性和安全性

• 批准号: 2038995
• 负责人: Ning Zhang
• 金额: $ 23.97万
• 依托单位: Washington University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-02-01 至 2025-01-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2038995&HistoricalAwards=false
• 关键词: Collaborative; Research; CPS; Medium; Timeliness

Many cyber-physical systems (CPS) have real-time (RT) requirements. For these RT-CPS, such as a network of unmanned aerial vehicles that deliver packages to customers’ homes or a robot that performs/aides in cardiac surgery, deadline misses may result in economic losses or even fatal consequences. At the same time, as these RT-CPS interact with, and are depended on by, humans, they must also be trustworthy. The goal of this research is to design secure RT-CPS that are less complex, easier to analyze, and reliable for critical application domains such as defense, medicine, transportation, manufacturing, and agriculture, to name just a few. Since RT-CPS now permeate most aspects of our daily lives, especially in the smart city and internet-of-things (IoT) context, this research will improve confidence in automated systems by users. Research results will be disseminated to both academia and industry, and permit timely adoption since the hardware required in this research is already publicly available. This project will result in a pipeline of engineers and computer scientists who are well-versed in the interdisciplinary nature of securing RT-CPS, as well as course modules and red-teaming exercises for undergraduate students in all engineering disciplines and interactive learning modules and internship experience for K-12 students in D.C., Detroit, Dallas, and St. Louis.The goal of this research is to design secure RT-CPS from the ground up while explicitly accounting for physical dynamics of said RT-CPS at runtime to achieve resilience via prevention and detection of, and recovery from, attacks. This will be accomplished by (i) securing the scheduling infrastructure from the ground up, (ii) using a formal framework for trading off security against timeliness while accounting for system dynamics, and for the cost of security to be explicitly quantified, and (iii) performing state- and function-dependent on-demand recovery. Said RT-CPS will be able to proactively prevent attacks using moving target defenses, as well as detect and recover from attacks that cannot be avoided. This research will pave the way for RT-CPS and internet-of-things (IoT) to be implemented with confidence: their timely and correct operation guaranteed. Specific contributions of this research are: (i) a trusted scheduling infrastructure that can protect the integrity of the real-time tasks, the scheduler, its task queues, and I/O, and which can recover from (intentional) errors, (ii) a probabilistic real-time/security co-design framework that exploits trusted execution to protect the security of the real-time tasks, (iii) novel schedulability analysis techniques, (iv) an incremental recovery mechanism for continuous operation, and (v) validation on automated ground vehicles, drones, and robot arms. Contributions expanding the knowledge base will be made to the fields of CPS, IoT, real-time systems, security, and control systems.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

许多信息物理系统（CPS）都有实时（RT）要求。对于这些RT-CPS，例如将包裹递送到客户家中的无人驾驶飞行器网络或执行/辅助心脏手术的机器人，最后期限错过可能导致经济损失甚至致命后果。与此同时，由于这些RT-CPS与人类互动并被人类依赖，它们也必须是值得信赖的。这项研究的目标是设计安全的RT-CPS，这些CPS不那么复杂，更容易分析，并且对于国防，医疗，运输，制造和农业等关键应用领域来说是可靠的。由于RT-CPS现在渗透到我们日常生活的大部分方面，特别是在智能城市和物联网（IoT）背景下，这项研究将提高用户对自动化系统的信心。研究结果将向学术界和工业界传播，并允许及时采用，因为这项研究所需的硬件已经公开。该项目将产生一批精通保护RT-CPS的跨学科性质的工程师和计算机科学家，以及所有工程学科的本科生的课程模块和红队练习，以及华盛顿特区K-12学生的互动学习模块和实习经验，本研究的目标是从头开始设计安全的RT-CPS，同时明确说明所述RT-CPS在运行时的物理动态，以通过预防和检测攻击以及从攻击中恢复来实现弹性。这将通过以下方式实现：（i）从底层开始保护调度基础设施，（ii）使用正式框架来权衡安全性和及时性，同时考虑系统动态，并明确量化安全成本，以及（iii）执行状态和功能依赖的按需恢复。RT-CPS将能够使用移动目标防御来主动预防攻击，并检测无法避免的攻击并从中恢复。这项研究将为RT-CPS和物联网（IoT）的实施铺平道路：保证其及时和正确的操作。这项研究的具体贡献是：（i）可信的调度基础设施，可以保护实时任务、调度器、其任务队列和I/O的完整性，并且可以从（故意）错误，（ii）利用可信执行来保护实时任务的安全性的概率实时/安全协同设计框架，（iii）新颖的可验证性分析技术，（iv）用于连续操作的增量恢复机制，以及（v）对自动地面车辆、无人机和机器人手臂的验证。该奖项反映了NSF的法定使命，通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone

RT-TEE：使用 ARM TrustZone 的网络物理系统的实时系统可用性

• DOI: 10.1109/sp46214.2022.9833604
• 发表时间: 2022
• 期刊: 2022 IEEE Symposium on Security and Privacy (SP
• 作者: Wang, Jinwen;Li, Ao;Li, Haoran;Lu, Chenyang;Zhang, Ning
• 通讯作者: Zhang, Ning

A Procrastinating Control-Flow Integrity Framework for Periodic Real-Time Systems

• DOI: 10.1145/3575757.3575762
• 发表时间: 2023-06
• 期刊: Proceedings of the 31st International Conference on Real-Time Networks and Systems
• 作者: Tanmaya Mishra;Jinwen Wang;Thidapat Chantem;Ryan M. Gerdes;Ning Zhang