CPS Events
Addressing Security And Privacy Challenges In Internet Of Things
Abstract:
Internet of Things (IoT) is envisioned as a holistic and transformative approach for providing numerous services. Smart things, that can sense, store, and process electrical, thermal, optical, chemical, and other signals to extract user-/environment-related information, have enabled services only limited by human imagination. Despite picturesque promises of IoT-enabled systems, the integration of smart things into the standard Internet introduces several security and privacy challenges because the majority of Internet technologies, communication protocols, and sensors were not designed to support IoT.
In this presentation, I will shed light on fundamental security challenges in IoT paradigm and argue that we need to rethink the development of multiple IoT-enabled systems while taking security requirements into account. Bridging concepts from information security, machine learning, and signal processing, I will demonstrate that the threat of unintended private information leakage from seemingly non-critical data is far beyond what is currently thought possible. In particular, I will describe PinMe, a novel user-location mechanism that exploits non-sensory/sensory data collected from smartphones or Internet-connected vehicles, along with publicly-available auxiliary information, e.g., elevation maps, to estimate the user's location when all location services, e.g., Global Positioning System (GPS), are turned off.
Next, I will present a novel framework that integrates programmability and security into isolated vehicles and enables rapid development of new vehicular applications for already-in-market vehicles, significantly enhancing the vehicle security, passenger safety, and driving experience. The proposed framework is formed around a security/privacy-friendly programmable dongle (known as SmartCore) and a middlware that enables developers to interact with the vehicle's built-in components in a safe and secure manner, preventing numerous potential threats against Internet-connected vehicles.
Bio:
Arsalan Mosenia is currently a postdoctoral research associate, jointly working with Profs. Mung Chiang (Purdue University) and Prateek Mittal (Princeton University). He received the B.Sc. degree in Computer Engineering from Sharif University of Technology in 2012, and the M.A. and Ph.D. in Electrical Engineering from Princeton University, in 2014 and 2016, respectively, under the supervision of Prof. Niraj K. Jha.
He is broadly interested in investigating and addressing emerging security and privacy challenges in Internet of Things (IoT) and cyber-physical systems. His interests lie at the intersection of information security, IoT, embedded systems, and machine learning. His work has uncovered fundamental security/privacy flaws in the design of multiple widely-used Internet-connected systems. His research impact includes several publications that are among the most popular papers of top-tier IEEE Transactions, multiple prestigious awards (including Princeton X, Princeton Innovation Fund, French-American Doctoral Exchange Fellowship, and Princeton IP Accelerator Fund), and extensive press coverage. Furthermore, at OpenFog Consortium, he is actively collaborating with Security Work Group, where he defines domain-specific security standards for fog computing, and Testbed Work Group, where he designs, builds, and examines novel fog-inspired real-world systems.
The Science Of Cyber-Physical System Design
Abstract:
Science is knowledge that allows us to make predictions. What is the science of system design? What predictions can we make about the systems we build and deploy? Using examples from our own research, we advocate a formal approach to tackling these questions. In particular, we present some of our recent work on: (1) the Refinement Calculus of Reactive Systems, a compositional modeling and formal reasoning framework; (2) synthesis from scenarios and requirements, a powerful combination of learning from examples and synthesis from specifications; and (3) synthesis of platform mappings with applications to security.
Bio:
Stavros Tripakis is a Full Professor at Aalto University, and an Adjunct Associate Professor at the University of California, Berkeley. He received a Ph.D. degree in Computer Science in 1998 at the Verimag Laboratory, Joseph Fourier University, Grenoble, France. He was a Postdoc at UC Berkeley from 1999 to 2001, a CNRS Research Scientist at Verimag from 2001 to 2006, and a Research Scientist at Cadence Research Labs, Berkeley, from 2006 to 2008. His research interests include cyber-physical systems, computer-aided verification, and the foundations of software and system design. Dr. Tripakis was co-Chair of the 10th ACM & IEEE Conference on Embedded Software (EMSOFT 2010), and Secretary/Treasurer (2009-2011) and Vice-Chair (2011-2013) of ACM SIGBED. His h-index is 45.
A Decade Of Research In CPS Security: An Unconsummated Union Between Control Theory And Information Security
Abstract:
Advances in embedded computers and networks that monitor and control physical systems are improving our productivity, sustainability, and well-being, but they also introduce security risks associated with information technology. To fully understand the risks of these technologies, and to develop resilient security and privacy mechanisms in cyber-physical systems, we need concepts from control as well as information security. In the last decade, the control community has proposed fundamental advances in Cyber-Physical Systems (CPS) security; in parallel, the computer security community has also achieved significant advances in practical implementation aspects for CPS security and privacy. While both of these fields have made significant progress independently, there is still a large language and conceptual barrier between the two fields, and as a result, computer security experts have developed a parallel and independent research agenda from control theory researchers. In order to design future CPS security and privacy mechanisms, the two communities need to come closer together and leverage the insights that each has developed. In this talk I will discuss our efforts to facilitate the integration of these two communities by leveraging the physical properties of the system under control for designing novel security and privacy algorithms, tools, and metrics for CPS. I will also discuss our ongoing research on the tradeoffs between security and privacy in cyber-physical systems, and conclude the talk with practical examples of the new threat vectors and vulnerabilities in Internet of Things devices.
Bio:
Alvaro A. Cardenas is an Assistant Professor at the Department of Computer Science at the University of Texas at Dallas. He holds M.S. (2002) and Ph.D. (2006) degrees in Electrical Engineering from the University of Maryland, College Park. Before joining UT Dallas he was a postdoctoral scholar at the University of California, Berkeley, and a research staff at Fujitsu Laboratories of America in Sunnyvale California. He has also been an intern at INRIA-LORIA in France, and a SCADA intern at Occidental Petroleum Corporation. His research interests focus on cyber-physical systems and IoT security and privacy. He is the recipient of the NSF CAREER award, best paper awards from the IEEE Smart Grid Communications Conference and the U.S. Army Research Conference, and a Fellowship from the University of Maryland.
CPSRC Seminar Series: Uniform Asymptotic Stability of Switched Systems via Reduced Control Systems
Abstract:
The stability of switched systems is a challenging problem of current interest. In this talk we will present some new results for the uniform global asymptotic stability of switched nonlinear systems with time/state-dependent switching constraints. These results are based on the existence of weak Lyapunov functions, i.e. positive definite functions for which the time derivative along the subsystems are only semidefinite negative. As a difference with most of the known criteria based on weak Lyapunov functions, our results do not assume any dwell-time condition, and consequently can be applied to switched systems with arbitrary fast switchings. The approach for obtaining the stability results consists of embedding the switched system into a control system whose outputs are related with the time derivatives of the Lyapunov functions, and then studying the behavior of the solutions of that control systems when its outputs are constrained to be identically zero.
Bio:
José Luis Mancilla Aguilar received the Licenciado en Matemática degree (1994) and his Doctor’s degree in Mathematics (2001) from the Universidad Nacional de Buenos Aires (UBA), Argentina. From 1993 to 1995, he received a Research Fellowship from the Argentine Atomic Energy Commission (CNEA) in the area of nonlinear control. Since 1995, he has been with the Department of Mathematics of the Facultad de Ingeniería (UBA), where he is currently a part-time Associate Professor. Since 2005, Dr. Mancilla-Aguilar has held a Professor position at the Department of Mathematics of the Instituto Tecnológico de Buenos Aires (ITBA) and currently is the head of the Centro de Sistemas y Control (CeSyC). His research interests include hybrid systems and nonlinear control.
Watch the seminar on our YouTube channel: https://youtu.be/QQSHfjnLMbk
CPSRC Seminar Series: Observer Design for Nonlinear Systems
Abstract:
Unlike for linear systems, no systematic method exists for the design of observers for nonlinear systems. In fact, observer design may be more or less straightforward depending on the coordinates we choose to express the system dynamics. In particular, some specific structures, called normal forms, have been identified for allowing a direct and easier observer construction. It follows that one can look for a reversible change of coordinates transforming the expression of the system dynamics into one of those normal forms, design an observer in those coordinates, and finally deduce an estimate of the system state in the initial coordinates via inversion of the transformation. This talk gives contributions to each of those three steps.
First, we show the interest of a new triangular normal form with continuous (non-Lipschitz) nonlinearities. Indeed, some systems may not be transformable into the standard Lipschitz triangular form, but rather into an "only continuous" triangular form. In this case, the famous high gain observer no longer is sufficient, and we propose to use homogeneous observers instead.
We also show how the "Luenberger" design, consisting in transforming the system dynamics into a Hurwitz linear form based on the resolution of PDE, can be extended to time-varying/controlled systems.
As for the inversion of the transformation, this step is far from trivial in practice, in particular when the domain and image spaces have different dimensions. When no explicit expression for a global inverse is available, numerical inversion usually relies on the resolution of a minimization problem with a heavy computational cost. That is why we have developed a method to avoid the explicit inversion of the transformation by bringing the observer dynamics (expressed in the canonical form coordinates) back into the initial system coordinates. This is done by dynamic extension, i.e. by adding some new coordinates to the system and transforming an injective immersion into a surjective diffeomorphism.
Bio:
Pauline Bernard graduated from MINES ParisTech in 2014 with a Master degree in Applied Mathematics and Automatic Control. In 2017, she obtained her Ph.D. in Mathematics and Automatic Control at PSL Reserch University, prepared at the Systems and Control Center, MINES ParisTech. She is now a post-doc at the Computer Engineering Department, University California Santa Cruz. Her research interests focus on the observation problem and observer design for nonlinear systems and recently hybrids systems.
Watch the seminar on our YouTube channel: https://youtu.be/JXh4t_jbiSc
