CPS Events
Towards Compositional Secure Autonomy: From Perception to Control
Abstract
Autonomous systems, such as self-driving cars, drones, and mobile robots, are rapidly becoming ubiquitous in our society. These systems are composed of multiple individual software components for perception, prediction, planning, and control. While these systems are now blurring the lines between traditional computing systems and human intelligence and revolutionizing markets, a significant gap exists in developing theory and practice that indicates how the behavior of each component can be unified to reason about their system-wide security. This gap is exacerbated by the increasing use of learning-enabled components with inputs from diverse sensors and actuators that operate in open and uncontrolled physical environments.
In this talk, I present the challenges in compositional secure autonomy and principles from our recent efforts on vulnerability discovery and security enforcement to address these challenges. I illustrate these challenges and principles with examples and sample results by focusing on robotic vehicles and autonomous driving. I conclude with a discussion of the open problems and opportunities, and outline areas for defensive research in the future.
Speaker Bio
Z. Berkay Celik is an Assistant Professor of Computer Science at Purdue University, where he is the co-director of the Purdue Security (PurSec) laboratory and a member of the Center for Education and Research in Information Assurance and Security (CERIAS). His research investigates the design and evaluation of security for software and systems, specifically on emerging computing platforms and the complex physical environments in which they operate. Through systems design, program analysis, and formal methods, his research seeks to improve security and privacy guarantees in commodity computer systems. His research approach is best illustrated by his extensive work on the Internet of Things (IoT) and Cyber-Physical Systems (CPS), including robotic vehicles, automobiles, and autonomous vehicles. He has received the National Science Foundation CAREER Award in 2022 and Google's ASPIRE Research award in 2021-2023. More information about his research group and publication record is available at https://beerkay.github.io.
Control-theoretic Approaches towards Secure Industrial Control Systems
Abstract
The term "Industrial Control System" (ICS) encompasses various control configurations, including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and programmable logic controllers (PLC). ICSs historically operated in isolation from the internet. However, recent technological development has driven a convergence between ICSs and internet-based environments, such as cloud computing, breaking the isolation. This shift exposes ICSs to the same attack vectors prevalent in cyberattacks. Despite this exposure, ICS devices are inherently less secure against advanced attack scenarios. A compromise to an ICS can result in substantial physical damage and pose threats to human lives.
The first half of this talk reviews fundamental topics about control-theoretic approaches for secure industrial control systems. Our exploration begins with traditional model-based anomaly detection and its adaptation to the security context. Subsequently, we discuss zero-dynamics attack that conceals its existence by exploiting the zero dynamics of the system's dynamics. In the latter half, the speaker provides recent results of his works. In particular, we consider a model-based defense techniques that perform not only detection but also counteractions based on Bayesian inference and mathematically analyze its fundamental properties using game theory. In addition, as another topic, recent findings about vulnerabilities of data-driven control are also exhibited.
Bio
Hampei Sasahara received the Ph.D. degree in engineering from Tokyo Institute of Technology in 2019. He is currently an Assistant Professor with Tokyo Institute of Technology, Tokyo, Japan. From 2019 to 2021, he was a Postdoctoral Scholar with KTH Royal Institute of Technology, Stockholm, Sweden. His main interests include secure control system design and control of large-scale systems.
Mix & Latch: An Optimization Flow for High-Performance Designs with Single-Clock Mixed-Polarity Latches and Flip-Flops
Abstract
Flip-flops (FFs) are the most commonly used sequential elements in synchronous circuits, but their timing requirements limit the operating frequency. Borrowing time with a latch-based approach can increase operating frequency, but traditional back-end optimization tools struggle to manage hold time requirements. The Mix & Latch technique achieves higher frequencies and often lower area than commercial state-of-the-art retiming by exploiting four types of synchronous sequential gates, namely positive and negative edge-triggered FFs and positive and negative transparent latches, all using a single clock tree. The effectiveness of Mix & Latch is demonstrated on both standard logic synthesis benchmarks and on a RISC-V processor core from the Pulp platform using 28 nm CMOS FDSOI technology. The results are compared to retiming performed with a state-of-the-art tool, showing a 25 % frequency improvement over the traditional design flow and 7.5 % over the retiming flow. Compared to the retiming flow, we achieve comparable or lower power and area, while preserving the original registers and allowing logic equivalence checking.
Speaker Bio
Luciano Lavagno received his Ph.D. in EECS from U.C. Berkeley (California, USA) in 1992 and from Politecnico di Torino (Italy) in 1993. He co-authored two books on asynchronous circuit design, a book on hardware/software co-design of embedded systems, the CRC Handbook on Electronic Design Automation, and over 250 scientific papers. He has been granted 13 US patents. Between 1993 and 2000 he was the architect of the POLIS project, a cooperation between U.C. Berkeley, Cadence Design Systems, Magneti Marelli and Politecnico di Torino, which developed a complete hardware/software co-design environment for control-dominated embedded systems. Between 2003 and 2014 he has been one of the creators and architects of the Cadence C-to-Silicon high-level synthesis system. Between 2015 and 2017 he has worked, with the Calypto group of Mentor Graphics, on their high level synthesis tool, called Catapult. Since 2018 he has been leading the back-end team working on the Vitis HLS tool from Xilinx/AMD. Since 2011 he is also a full professor with Politecnico di Torino, Italy. Luciano has been serving for many years on the technical committees of the main international conferences in his field (e.g. DAC, DATE, ICCAD, ICCD, ASYNC, CODES) and of various workshops and symposia. He has been the technical program chair of DAC, and the TPC and general chair of CODES. A senior member of IEEE, Luciano has been also associate editor of IEEE TCAS and ACM TECS. His research interests include the high-level synthesis of digital circuits, in particular for acceleration of Machine Learning tasks, performance optimization of digital circuits, including asynchronous and Razor-like design techniques, as well as circuits and algorithms for indoor localization and tracking.
Hierarchical Contract Nets and Automatic Assurance Case Environment
Abstract:
An automatic synthesis problem is often characterized by an overall goal or specification to be satisfied, the set of all possible outcomes, called the design space, and an algorithm for the automatic selection of one or more members from the design space that are provably guaranteed to satisfy the overall specification. A key challenge in automatic synthesis is the complexity of the design space.
In the first half of the talk, we introduce a formal model, termed hierarchical contract nets (HCN), and a framework for the efficient automatic synthesis of hierarchical contract nets, based on a library of conditional refinement relations between contracts and contract nets. Assurance cases (ACs) have gained attention in the aerospace, medical, and other heavily-regulated industries as a means for providing structured arguments on why a product, typically a complex cyber-physical system, is dependable (i.e., safe, secure, etc.) for its intended application. Challenges in AC construction stem from the complexity, uniqueness and the heterogeneous nature of the CPS and the supporting evidence, and the need to assess the quality of the argument and evidence.
In the second half of the talk, we present an application of HCN in the DARPA program Automatic Rapid Certification of Software (ARCOS) for an automated AC creation framework that facilitates the synthesis, validation, and confidence assessment of ACs based on dependability argument patterns and confidence patterns capturing domain knowledge.
Speaker Bio:
Dr. Timothy E. Wang is currently at RTX Technologies Research Center (formerly Raytheon/United Technologies Research Center). He earned his B.S., M.S., and PhD all from the Department of Aerospace Engineering at Georgia Institute of Technology. He has been working on various aspects of the modeling, analysis, verification, and validation (V&V) and certification of complex cyber-physical systems. This includes application of formal methods to industrial systems such as Pratt & Whitney engine FADEC, compositional modeling and formal verification of human-machine systems, formal verification of on-board helicopter autonomy, and also machine learning with formal robustness guarantees. He has participated and led several government-sponsored research programs from DARPA, ONR and NASA.
Autonomy for Space Exploration
Abstract: Over the past two decades, several autonomous functions and system-level capabilities have successfully been demonstrated and used in deep-space operations. In spite of that, spacecraft today remain largely reliant on ground in the loop to assess situations and plan next actions, using pre-scripted command sequences. Advances have been made across mission phases including spacecraft navigation; proximity operations; entry, descent, and landing; surface mobility and manipulation; and data handling. But past practices may not be sustainable for future exploration. The ability of ground operators to predict the outcome of their plans seriously diminishes when platforms physically interact with planetary bodies, as has been experienced in two decades of Mars surface operations. This results from uncertainties that arise due to limited knowledge, complex physical interaction with the environment, and limitations of associated models.
In this talk, Dr. Nesnas will share advances in the architecture, development, and deployment of autonomous systems for space applications, highlighting recent advances in entry descent and landing, rover navigation, and extreme terrain mobility. He will also describe progress toward future architecting of autonomous system and summarize anticipated needs based on recommendations from the Planetary Science and Astrobiology Decadal Survey.
Speaker Bio: Issa Nesnas is a principal technologist in the Autonomous Systems Division at the Jet Propulsion Laboratory, where he worked for over 25 years after several years in the robotics industry. He is currently an associate director of Caltech’s CAST (Center for Autonomous Systems and Technologies and JPL’s lead on NASA’s Capability Leadership Team for Autonomous Systems. At JPL, he led the Robotics Mobility and the Robotics Software Systems Groups across a span of thirteen years. His research included architectures for autonomous systems, perception-based navigation and manipulation, and extreme-terrain and microgravity mobility. He has served in multiple roles on three JPL rover missions. He is the recipient of the Magellan Award, JPL’s highest award for an individual scientific or technical accomplishment for his work on extreme terrain mobility.
Issa received a B.E. degree in Electrical Engineering from Manhattan College in 1991, and earned the M.S. and Ph.D. degrees in robotics from the Mechanical Engineering Department at the University of Notre Dame in 1993 and 1995 respectively.
