Showing 1–3 of 3 results for author: Lesi, V

A Framework for Checkpointing and Recovery of Hierarchical Cyber-Physical Systems

Authors: Kaustubh Sridhar, Radoslav Ivanov, Vuk Lesi, Marcio Juliato, Manoj Sastry, Lily Yang, James Weimer, Oleg Sokolsky, Insup Lee

Abstract: This paper tackles the problem of making complex resource-constrained cyber-physical systems (CPS) resilient to sensor anomalies. In particular, we present a framework for checkpointing and roll-forward recovery of state-estimates in nonlinear, hierarchical CPS with anomalous sensor data. We introduce three checkpointing paradigms for ensuring different levels of checkpointing consistency across t… ▽ More This paper tackles the problem of making complex resource-constrained cyber-physical systems (CPS) resilient to sensor anomalies. In particular, we present a framework for checkpointing and roll-forward recovery of state-estimates in nonlinear, hierarchical CPS with anomalous sensor data. We introduce three checkpointing paradigms for ensuring different levels of checkpointing consistency across the hierarchy. Our framework has algorithms implementing the consistent paradigm to perform accurate recovery in a time-efficient manner while managing the tradeoff with system resources and handling the interplay between diverse anomaly detection systems across the hierarchy. Further in this work, we detail bounds on the recovered state-estimate error, maximum tolerable anomaly duration and the accuracy-resource gap that results from the aforementioned tradeoff. We explore use-cases for our framework and evaluate it on a case study of a simulated ground robot to show that it scales to multiple hierarchies and performs better than an extended Kalman filter (EKF) that does not incorporate a checkpointing procedure during sensor anomalies. We conclude the work with a discussion on extending the proposed framework to distributed systems. △ Less

Submitted 17 May, 2022; originally announced May 2022.

Intrusion Detection and Localization for Networked Embedded Control Systems

Authors: Vuk Lesi, Marcio Juliato, Shabbir Ahmed, Christopher Gutierrez, Qian Wang, Manoj Sastry

Abstract: Closed-loop control systems employ continuous sensing and actuation to maintain controlled variables within preset bounds and achieve the desired system output. Intentional disturbances in the system, such as in the case of cyberattacks, can compromise reachability of control goals, and in several cases jeopardize safety. The increasing connectivity and exposure of networked control to external ne… ▽ More Closed-loop control systems employ continuous sensing and actuation to maintain controlled variables within preset bounds and achieve the desired system output. Intentional disturbances in the system, such as in the case of cyberattacks, can compromise reachability of control goals, and in several cases jeopardize safety. The increasing connectivity and exposure of networked control to external networks has enabled attackers to compromise these systems by exploiting security vulnerabilities. Attacks against safety-critical control loops can not only drive the system over a trajectory different from the desired, but also cause fatal consequences to humans. In this paper we present a physics-based Intrusion Detection System (IDS) aimed at increasing the security in control systems. In addition to conventional process state estimation for intrusion detection, since the controller cannot be trusted, we introduce a controller state estimator. Additionally, we make our detector context-aware by utilizing sensor measurements from other control loops, which allows to distinguish and characterize disturbances from attacks. We introduce adaptive thresholding and adaptive filtering as means to achieve context-awareness. Together, these methodologies allow detection and localization of attacks in closed-loop controls. Finally, we demonstrate feasibility of the approach by mounting a series of attacks against a networked Direct Current (DC) motor closed-loop speed control deployed on an ECU testbed, as well as on a simulated automated lane keeping system. Among other application domains, this set of approaches is key to support security in automotive systems, and ultimately increase road and passenger safety. △ Less

Submitted 17 June, 2021; originally announced June 2021.

Comments: Embedded Security in Cars (ESCAR) USA 2021

Security Analysis for Distributed IoT-Based Industrial Automation

Authors: Vuk Lesi, Zivana Jakovljevic, Miroslav Pajic

Abstract: With ever-expanding computation and communication capabilities of modern embedded platforms, Internet of Things (IoT) technologies enable development of Reconfigurable Manufacturing Systems---a new generation of highly modularized industrial equipment suitable for highly-customized manufacturing. Sequential control in these systems is largely based on discrete events, while their formal execution… ▽ More With ever-expanding computation and communication capabilities of modern embedded platforms, Internet of Things (IoT) technologies enable development of Reconfigurable Manufacturing Systems---a new generation of highly modularized industrial equipment suitable for highly-customized manufacturing. Sequential control in these systems is largely based on discrete events, while their formal execution semantics is specified as Control Interpreted Petri Nets (CIPN). Despite industry-wide use of programming languages based on the CIPN formalism, formal verification of such control applications in the presence of adversarial activity is not supported. Consequently, in this paper we focus on security-aware modeling and verification challenges for CIPN-based sequential control applications. Specifically, we show how CIPN models of networked industrial IoT controllers can be transformed into Time Petri Net (TPN)-based models, and composed with plant and security-aware channel models in order to enable system-level verification of safety properties in the presence of network-based attacks. Additionally, we introduce realistic channel-specific attack models that capture adversarial behavior using nondeterminism. Moreover, we show how verification results can be utilized to introduce security patches and motivate design of attack detectors that improve overall system resiliency, and allow satisfaction of critical safety properties. Finally, we evaluate our framework on an industrial case study. △ Less

Submitted 29 May, 2020; originally announced June 2020.