Reliable and Secure Design-Space-Exploration for Cyber-Physical Systems

Published: 18 May 2020

Abstract

Given the widespread deployment of cyber-physical systems and their safety-critical nature, the reliability and security guarantees offered by such systems are of paramount importance. While the security of such systems against sensor attacks has garnered significant attention from researchers in recent times, improving the reliability of a control software implementation against transient environmental disturbances needs further investigation. Scalable formal methods for verifying the actual control performance guarantees offered by software implementations of control laws in the face of sensor faults have been explored in recent work [20]. However, formal verification of the improvement in system reliability obtained by incorporating sensor fault mitigation techniques such as Kalman filtering [29] and sensor fusion [18, 52] remains to be explored. Moreover, system designers face complex trade-offs in deciding which fault and attack mitigation techniques to use and how to schedule them on the available system resources, since these techniques incur extra computation load.

In the present work, our contributions are threefold. First, we formally analyze the actual performance guarantees of control software implementations enabled with additional fault mitigation techniques. Second, we consider task-level models of such implementations enabled with security and fault tolerance primitives and construct a timed automata-based model that checks their schedulability on heterogeneous multi-core platforms. Third, we leverage these methodologies in a novel Design-Space-Exploration (DSE) framework that takes target reliability and security guarantees for a control system and computes schedulable design options while considering well-known platform-level security improvement and fault mitigation techniques. We validate our contributions on several case studies from the automotive domain.
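To make the trade-off the abstract describes concrete, here is an added toy example (not code from the paper or its authors). It enumerates, per control task, which mitigation primitives to enable, keeps only option sets that reach each task's reliability and security target, and then keeps only the task-to-core mappings that pass a schedulability check on a heterogeneous two-core platform. It uses fixed-priority response-time analysis in place of the paper's timed-automata model, and every task, overhead, "points" value and the choice of a MAC check as the platform-level security primitive is a constructed assumption for illustration.

```python
"""Toy design-space exploration for a control system: choose per-task
mitigation primitives that meet reliability/security targets, then keep only
the task-to-core mappings that pass fixed-priority response-time analysis.
All numbers below are constructed for illustration, not measured values."""
from dataclasses import dataclass
from itertools import combinations, product
from math import ceil

# Mitigation primitives a designer may enable per control task (assumed set).
# name -> (extra WCET in ms on a 1.0x core, reliability points, security points)
MITIGATIONS = {
    "kalman": (2, 1, 0),   # Kalman filter on the sensor stream
    "fusion": (3, 1, 0),   # read and fuse a redundant sensor
    "mac":    (1, 0, 1),   # authenticate sensor/actuator messages (MAC check)
}


@dataclass(frozen=True)
class Task:
    name: str
    period: int     # ms; implicit deadline == period
    base_wcet: int  # ms on a 1.0x core, bare controller without mitigations
    need_rel: int   # reliability points the target demands for this loop
    need_sec: int   # security points the target demands for this loop


@dataclass(frozen=True)
class Design:
    choice: tuple       # ((task name, tuple of enabled mitigations), ...)
    mapping: tuple      # core index per task, same order as the task list
    utilization: float  # summed C/T over all cores, the cost we minimise


def task_wcet(task, enabled, speed):
    """WCET of a task with the given mitigations on a core of relative speed."""
    c = task.base_wcet + sum(MITIGATIONS[m][0] for m in enabled)
    return ceil(c / speed)


def response_time(wcet, period, higher):
    """Worst-case response time under fixed priorities (Joseph-Pandya
    iteration). higher: (wcet, period) of higher-priority tasks on this core.
    Stops early once the bound exceeds the period (deadline miss)."""
    r = wcet
    while True:
        nxt = wcet + sum(ceil(r / t) * c for c, t in higher)
        if nxt == r or nxt > period:
            return nxt
        r = nxt


def core_schedulable(jobs):
    """jobs: list of (wcet, period) sharing one core, rate-monotonic priorities."""
    jobs = sorted(jobs, key=lambda j: j[1])
    return all(response_time(c, t, jobs[:i]) <= t for i, (c, t) in enumerate(jobs))


def meets_targets(task, enabled):
    """True if the enabled primitives reach the task's reliability/security targets."""
    rel = sum(MITIGATIONS[m][1] for m in enabled)
    sec = sum(MITIGATIONS[m][2] for m in enabled)
    return rel >= task.need_rel and sec >= task.need_sec


def explore(tasks, core_speeds):
    """Enumerate every mitigation subset per task and every partitioned
    task-to-core mapping; return the designs that satisfy all targets and
    pass RTA on every core, lowest total utilization first."""
    names = list(MITIGATIONS)
    subsets = [tuple(s) for r in range(len(names) + 1) for s in combinations(names, r)]
    feasible = []
    for choice in product(subsets, repeat=len(tasks)):
        if not all(meets_targets(t, e) for t, e in zip(tasks, choice)):
            continue
        for mapping in product(range(len(core_speeds)), repeat=len(tasks)):
            per_core = [[] for _ in core_speeds]
            for t, e, k in zip(tasks, choice, mapping):
                per_core[k].append((task_wcet(t, e, core_speeds[k]), t.period))
            if all(core_schedulable(j) for j in per_core):
                util = sum(c / t for core in per_core for c, t in core)
                feasible.append(Design(tuple((t.name, e) for t, e in zip(tasks, choice)),
                                       mapping, util))
    feasible.sort(key=lambda d: (d.utilization, d.choice, d.mapping))
    return feasible


# Constructed automotive-flavoured task set and a heterogeneous two-core
# platform (second core runs at half speed, so WCETs double there).
SAMPLE_TASKS = (
    Task("abs",    period=10, base_wcet=2, need_rel=1, need_sec=1),
    Task("cruise", period=20, base_wcet=4, need_rel=2, need_sec=0),
    Task("fuel",   period=40, base_wcet=6, need_rel=0, need_sec=1),
)
CORE_SPEEDS = (1.0, 0.5)

if __name__ == "__main__":
    for d in explore(SAMPLE_TASKS, CORE_SPEEDS)[:3]:
        print(f"util={d.utilization:.3f} mapping={d.mapping} {dict(d.choice)}")
```

With these constructed numbers the three loops cannot all sit on the fast core once their mitigations are enabled (the lowest-priority task misses its deadline), so the cheapest feasible design moves the fuel-injection loop to the slow core; the exhaustive search is fine for three tasks and three primitives but grows as (2^primitives * cores)^tasks, which is why the paper resorts to a model-checking formulation rather than enumeration.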

References

  1. Yasmina Abdeddaim, Eugene Asarin, Oded Maler, et al. 2006. Scheduling with timed automata. Theoretical Computer Science 354, 2 (2006), 272--300.
  2. Rajeev Alur and David L. Dill. 1994. A theory of timed automata. Theoretical Computer Science 126, 2 (1994), 183--235.
  3. Christel Baier, Joost-Pieter Katoen, and Kim Guldstrand Larsen. 2008. Principles of Model Checking. MIT Press, New York, NY.
  4. Gerd Behrmann, Alexandre David, Kim Guldstrand Larsen, John Hakansson, Paul Pettersson, Wang Yi, and Martijn Hendriks. 2006. UPPAAL 4.0. In QEST. IEEE Computer Society, Washington, DC, 125--126.
  5. Johan Bengtsson, Kim Larsen, Fredrik Larsson, Paul Pettersson, and Wang Yi. 1995. UPPAAL—A tool suite for automatic verification of real-time systems. In International Hybrid Systems Workshop. Springer, Berlin, 232--243.
  6. Cristiana Bolchini and Antonio Miele. 2012. Reliability-driven system-level synthesis for mixed-critical embedded systems. IEEE Transactions on Computers 62, 12 (2012), 2489--2502.
  7. Alvaro Cardenas, Saurabh Amin, Bruno Sinopoli, Annarita Giani, Adrian Perrig, and Shankar Sastry. 2009. Challenges for Securing Cyber Physical Systems. DHS.
  8. Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, Tadayoshi Kohno, et al. 2011. Comprehensive experimental analyses of automotive attack surfaces. In USENIX Conference on Security, Vol. 4. USENIX Association, San Francisco, CA, 447--462.
  9. Bei Chen, Yugang Niu, and Yuanyuan Zou. 2013. Adaptive sliding mode control for stochastic Markovian jumping systems with actuator degradation. Automatica 49, 6 (2013), 1748--1754.
  10. John L. Crassidis and John L. Junkins. 2011. Optimal Estimation of Dynamic Systems. CRC Press, Boca Raton, FL.
  11. Pascal Cuoq, Florent Kirchner, Nikolai Kosmatov, Virgile Prevosto, Julien Signoles, and Boris Yakobowski. 2012. Frama-C. In Software Engineering and Formal Methods. Springer, Berlin, 233--247.
  12. Jesús A. De Loera, Raymond Hemmecke, Jeremiah Tauzer, and Ruriko Yoshida. 2004. Effective lattice point counting in rational convex polytopes. Journal of Symbolic Computation 38, 4 (2004), 1273--1302.
  13. Marco Di Natale and Alberto Luigi Sangiovanni-Vincentelli. 2010. Moving from federated to integrated architectures in automotive: The role of standards, methods and tools. Proceedings of the IEEE 98, 4 (2010), 603--620.
  14. Edsger W. Dijkstra. 1975. Guarded commands, nondeterminacy and formal derivation of programs. Communications of the ACM 18, 8 (1975), 453--457.
  15. John Fearnley and Marcin Jurdziński. 2015. Reachability in two-clock timed automata is PSPACE-complete. Information and Computation 243 (2015), 26--36.
  16. Ansgar Fehnker. 1999. Scheduling a steel plant with timed automata. In RTCSA. IEEE, New York, NY, 280--286.
  17. Elena Fersman, Leonid Mokrushin, Paul Pettersson, and Wang Yi. 2006. Schedulability analysis of fixed-priority systems using timed automata. Theoretical Computer Science 354, 2 (2006), 301--317.
  18. Qiang Gan and Chris J. Harris. 2001. Comparison of two measurement fusion methods for Kalman-filter-based multisensor data fusion. IEEE Transactions on Aerospace and Electronic Systems 37, 1 (2001), 273--279.
  19. Saurav Kumar Ghosh, Soumyajit Dey, Dip Goswami, Daniel Mueller-Gritschneder, and Samarjit Chakraborty. 2018. Design and validation of fault-tolerant embedded controllers. In DATE. IEEE, New York, NY, 1283--1288.
  20. Saurav Kumar Ghosh, Debasmita Lohar, Dibyendu Das, and Soumyajit Dey. 2017. Work-in-progress: Verifying stability guarantees of control software implementations in the presence of sensor level faults. In EMSOFT. IEEE, New York, NY, 1--2.
  21. Dip Goswami, D. Muller-Gritschneder, Twan Basten, Ulf Schlichtmann, and Samarjit Chakraborty. 2014. Fault-tolerant embedded control systems for unreliable hardware. In ISIC. IEEE, New York, NY, 464--467.
  22. Dip Goswami, Reinhard Schneider, and Samarjit Chakraborty. 2014. Relaxing signal delay constraints in distributed embedded controllers. IEEE Transactions on Control Systems Technology 22, 6 (2014), 2337--2345.
  23. Andy Greenberg. 2015. Hackers remotely kill a jeep on the highway—with me in it. Wired 7 (2015), 21.
  24. Nan Guan, Zonghua Gu, Qingxu Deng, Shuaihong Gao, and Ge Yu. 2007. Exact schedulability analysis for static-priority global multiprocessor scheduling using model-checking. In IFIP WG 10.2 International Workshop, SEUS. Springer, Berlin, 263--272.
  25. Yanhong Huang, Joao F. Ferreira, Guanhua He, Shengchao Qin, and Jifeng He. 2013. Deadline analysis of AUTOSAR OS periodic tasks in the presence of interrupts. In ICFEM. Springer, Berlin, 165--181.
  26. Arshad Jhumka, Stephan Klaus, and Sorin A. Huss. 2005. A dependability-driven system-level design approach for embedded systems. In DATE. IEEE, New York, NY, 372--377.
  27. Ke Jiang, Adrian Lifa, Petru Eles, Zebo Peng, and Wei Jiang. 2013. Energy-aware design of secure multi-mode real-time embedded systems with FPGA co-processors. In RTNS. ACM, New York, NY, 109--118.
  28. Ilija Jovanov and Miroslav Pajic. 2017. Sporadic data integrity for secure state estimation. In CDC. IEEE, New York, NY, 163--169.
  29. Rudolph Emil Kalman. 1960. A new approach to linear filtering and prediction problems. Journal of Basic Engineering 82, 1 (1960), 35--45.
  30. Andrew J. Kerns, Daniel P. Shepard, Jahshan A. Bhatti, and Todd E. Humphreys. 2014. Unmanned aircraft capture and control via GPS spoofing. Journal of Field Robotics 31, 4 (2014), 617--636.
  31. Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, et al. 2010. Experimental security analysis of a modern automobile. In IEEE Symposium on Security and Privacy. IEEE, New York, NY, 447--462.
  32. Ralph Langner. 2011. Stuxnet: Dissecting a cyberwarfare weapon. IEEE Security and Privacy 9, 3 (2011), 49--51.
  33. Vuk Lesi, Ilija Jovanov, and Miroslav Pajic. 2017. Network scheduling for secure cyber-physical systems. In RTSS. IEEE, New York, NY, 45--55.
  34. Vuk Lesi, Ilija Jovanov, and Miroslav Pajic. 2017. Security-aware scheduling of embedded control tasks. ACM Transactions on Embedded Computing Systems 16, 5s (2017), 1--21.
  35. Chung-Wei Lin, Bowen Zheng, Qi Zhu, and Alberto Sangiovanni-Vincentelli. 2015. Security-aware design methodology and optimization for automotive systems. ACM Transactions on Design Automation of Electronic Systems 21, 1 (2015), 1--26.
  36. David McNeil Mayhew. 1999. Multi-rate Sensor Fusion for GPS Navigation Using Kalman Filtering. Ph.D. Dissertation. Virginia Tech.
  37. MDA. 2020. Measure Data Analyzer. Retrieved on September 10, 2019 from https://www.etas.com/en/products/mda.php.
  38. William C. Messner, Dawn M. Tilbury, and Rick Hill. 1999. Control Tutorials for MATLAB® and Simulink®.
  39. Yilin Mo and Bruno Sinopoli. 2009. Secure control against replay attacks. In Allerton. IEEE, New York, NY, 911--918.
  40. Yilin Mo and Bruno Sinopoli. 2010. False data injection attacks in cyber physical systems. In Preprints of the First Workshop on Secure Control Systems. ACM, New York, NY, 1--6.
  41. Aloysius K. Mok and Deji Chen. 1997. A multiframe model for real-time tasks. IEEE Transactions on Software Engineering 23, 10 (1997), 635--645.
  42. Junkil Park, Radoslav Ivanov, James Weimer, Miroslav Pajic, and Insup Lee. 2015. Sensor attack detection in the presence of transient faults. In ICCPS. ACM, New York, NY, 1--10.
  43. Fabio Pasqualetti, Florian Dorfler, and Francesco Bullo. 2015. Control-theoretic methods for cyberphysical security: Geometric principles for optimal cross-layer resilient control systems. IEEE Control Systems Magazine 35, 1 (2015), 110--127.
  44. Fabio Pasqualetti and Qi Zhu. 2015. Design and operation of secure cyber-physical systems. IEEE Embedded Systems Letters 7, 1 (2015), 3--6.
  45. Yasser Shoukry, Paul Martin, Paulo Tabuada, and Mani Srivastava. 2013. Non-invasive spoofing attacks for anti-lock braking systems. In CHES. Springer, Berlin, 55--72.
  46. Jill Slay and Michael Miller. 2007. Lessons learned from the Maroochy water breach. In IFIP WG 11.10 International Conference, CIP. Springer, Berlin, 73--82.
  47. Xidong Tang, Gang Tao, and Suresh M. Joshi. 2007. Adaptive actuator failure compensation for nonlinear MIMO systems with an aircraft control application. Automatica 43, 11 (2007), 1869--1883.
  48. André Teixeira, Iman Shames, Henrik Sandberg, and Karl Henrik Johansson. 2015. A secure control framework for resource-limited adversaries. Automatica 51 (2015), 135--148.
  49. Lothar Thiele, Samarjit Chakraborty, and Martin Naedele. 2000. Real-time calculus for scheduling hard real-time systems. In ISCAS. IEEE, New York, NY, 101--104.
  50. Satya Gautam Vadlamudi and Partha Pratim Chakrabarti. 2013. Robustness analysis of embedded control systems with respect to signal perturbations: Finding minimal counterexamples using fault injection. IEEE Transactions on Dependable and Secure Computing 11, 1 (2013), 45--58.
  51. Tan Chee Wei, Hazlina Selamat, and Ahmad Jais Alimin. 2010. Modeling and control of an engine fuel injection system. International Journal of Simulation--Systems, Science & Technology 11, 5 (2010), 48--60.
  52. Lin Xiao, Stephen Boyd, and Sanjay Lall. 2005. A scheme for robust distributed sensor fusion based on average consensus. In IPSN. IEEE, New York, NY, 63--70.
  53. Bowen Zheng, Peng Deng, Rajasekhar Anguluri, Qi Zhu, and Fabio Pasqualetti. 2016. Cross-layer codesign for secure cyber-physical systems. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 35, 5 (2016), 699--711.
