Visible to the public SaTC: CORE: Medium: Collaborative: Privacy-Aware Trustworthy Control as a Service for the Internet of Things (IoT)Conflict Detection Enabled

Project Details

Performance Period

Sep 01, 2017 - Aug 31, 2021


University of California-Los Angeles

Award Number

The Internet of Things (IoT) includes a variety of devices such as smart appliances, cars, and other physical systems that are deeply embedded in our everyday lives and that are at risk from new kinds of threats to security and privacy from hackers or state actors. In IoT systems, sensors are used to probe the physical state of the system (e.g., temperature in a building or rotational speed of a wheel of a car) and then software control systems use algorithms to determine appropriate adjustments to the system (e.g., run the air conditioning for 5 minutes or apply the brakes). The project is focused on protecting those control systems and algorithms to ensure security and privacy for users.

The research addresses trustworthy and privacy-aware control architectures for IoT through mechanisms drawn from control, cryptography, software, and hardware. These include: (i) A framework for formally reasoning about safety and privacy properties of control software in conjunction with dynamical models of the physical world and associated sensing and actuation channels; (ii) Lightweight domain-specific mechanisms, for policing flow of information through software applications, while leveraging the semantics of machine learning and control algorithms, physics of the system, and numerical properties; (iii) Enforcing desired safety and information leakage properties via a combination of principled sensor data perturbation, control algorithms optimized for efficient computation over encrypted data, and a hardware-supported trusted computing base tailored to protecting sensed data and control algorithm parameters; (iv) A resilient control and timing infrastructure that protects against attacks on timing information through a hybrid use of edge and cloud resources and physical models. The success of the mechanisms is being assessed on experimental testbeds for smart home, industrial automation and smart vehicles, but have broader applicability to many other IoT applications. The project team is also creating a new graduate class on IoT security and developing educational material on IoT security for high-schoolers through the Los Angeles Computing Circle initiative at the University of California - Los Angeles.