Visible to the public Biblio

Found 196 results

Filters: First Letter Of Last Name is X  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W [X] Y Z   [Show ALL]
Xu, Shuiling, Ji, Xinsheng, Liu, Wenyan.  2019.  Enhancing the Reliability of NFV with Heterogeneous Backup. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :923–927.
Virtual network function provides tenant with flexible and scalable end-to-end service chaining in the cloud computing and data center environments. However, comparing with traditional hardware network devices, the uncertainty caused by software and virtualization of Network Function Virtualization expands the attack surface, making the network node vulnerable to a certain types of attacks. The existing approaches for solving the problem of reliability are able to reduce the impact of failure of physical devices, but pay little attention to the attack scenario, which could be persistent and covert. In this paper, a heterogeneous backup strategy is brought up, enhancing the intrusion tolerance of NFV SFC by dynamically switching the VNF executor. The validity of the method is verified by simulation and game theory analysis.
Xu, Tangwei, Lu, Xiaozhen, Xiao, Liang, Tang, Yuliang, Dai, Huaiyu.  2019.  Voltage Based Authentication for Controller Area Networks with Reinforcement Learning. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–5.
Controller area networks (CANs) are vulnerable to spoofing attacks such as frame falsifying attacks, as electronic control units (ECUs) send and receive messages without any authentication and encryption. In this paper, we propose a physical authentication scheme that exploits the voltage features of the ECU signals on the CAN bus and applies reinforcement learning to choose the authentication mode such as the protection level and test threshold. This scheme enables a monitor node to optimize the authentication mode via trial-and-error without knowing the CAN bus signal model and spoofing model. Experimental results show that the proposed authentication scheme can significantly improve the authentication accuracy and response compared with a benchmark scheme.
Xu, W., Cheung, S. c S., Soares, N..  2015.  Affect-preserving privacy protection of video. 2015 IEEE International Conference on Image Processing (ICIP). :158–162.

The prevalence of wireless networks and the convenience of mobile cameras enable many new video applications other than security and entertainment. From behavioral diagnosis to wellness monitoring, cameras are increasing used for observations in various educational and medical settings. Videos collected for such applications are considered protected health information under privacy laws in many countries. At the same time, there is an increasing need to share such video data across a wide spectrum of stakeholders including professionals, therapists and families facing similar challenges. Visual privacy protection techniques, such as blurring or object removal, can be used to mitigate privacy concern, but they also obliterate important visual cues of affect and social behaviors that are crucial for the target applications. In this paper, we propose a method of manipulating facial expression and body shape to conceal the identity of individuals while preserving the underlying affect states. The experiment results demonstrate the effectiveness of our method.

Xu, W., Yan, Z., Tian, Y., Cui, Y., Lin, J..  2017.  Detection with compressive measurements corrupted by sparse errors. 2017 9th International Conference on Wireless Communications and Signal Processing (WCSP). :1–5.

Compressed sensing can represent the sparse signal with a small number of measurements compared to Nyquist-rate samples. Considering the high-complexity of reconstruction algorithms in CS, recently compressive detection is proposed, which performs detection directly in compressive domain without reconstruction. Different from existing work that generally considers the measurements corrupted by dense noises, this paper studies the compressive detection problem when the measurements are corrupted by both dense noises and sparse errors. The sparse errors exist in many practical systems, such as the ones affected by impulse noise or narrowband interference. We derive the theoretical performance of compressive detection when the sparse error is either deterministic or random. The theoretical results are further verified by simulations.

Xu, W., Peng, Y..  2018.  SharaBLE: A Software Framework for Shared Usage of BLE Devices over the Internet. 2018 IEEE 29th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC). :381—385.

With the development of Internet of Things, numerous IoT devices have been brought into our daily lives. Bluetooth Low Energy (BLE), due to the low energy consumption and generic service stack, has become one of the most popular wireless communication technologies for IoT. However, because of the short communication range and exclusive connection pattern, a BLE-equipped device can only be used by a single user near the device. To fully explore the benefits of BLE and make BLE-equipped devices truly accessible over the Internet as IoT devices, in this paper, we propose a cloud-based software framework that can enable multiple users to interact with various BLE IoT devices over the Internet. This framework includes an agent program, a suite of services hosting in cloud, and a set of RESTful APIs exposed to Internet users. Given the availability of this framework, the access to BLE devices can be extended from local to the Internet scale without any software or hardware changes to BLE devices, and more importantly, shared usage of remote BLE devices over the Internet is also made available.

Xu, Wen, Kashyap, Sanidhya, Min, Changwoo, Kim, Taesoo.  2017.  Designing New Operating Primitives to Improve Fuzzing Performance. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. :2313–2328.

Fuzzing is a software testing technique that finds bugs by repeatedly injecting mutated inputs to a target program. Known to be a highly practical approach, fuzzing is gaining more popularity than ever before. Current research on fuzzing has focused on producing an input that is more likely to trigger a vulnerability. In this paper, we tackle another way to improve the performance of fuzzing, which is to shorten the execution time of each iteration. We observe that AFL, a state-of-the-art fuzzer, slows down by 24x because of file system contention and the scalability of fork() system call when it runs on 120 cores in parallel. Other fuzzers are expected to suffer from the same scalability bottlenecks in that they follow a similar design pattern. To improve the fuzzing performance, we design and implement three new operating primitives specialized for fuzzing that solve these performance bottlenecks and achieve scalable performance on multi-core machines. Our experiment shows that the proposed primitives speed up AFL and LibFuzzer by 6.1 to 28.9x and 1.1 to 735.7x, respectively, on the overall number of executions per second when targeting Google's fuzzer test suite with 120 cores. In addition, the primitives improve AFL's throughput up to 7.7x with 30 cores, which is a more common setting in data centers. Our fuzzer-agnostic primitives can be easily applied to any fuzzer with fundamental performance improvement and directly benefit large-scale fuzzing and cloud-based fuzzing services.

Xu, X., Pautasso, C., Zhu, L., Gramoli, V., Ponomarev, A., Tran, A. B., Chen, S..  2016.  The Blockchain as a Software Connector. 2016 13th Working IEEE/IFIP Conference on Software Architecture (WICSA). :182–191.

Blockchain is an emerging technology for decentralized and transactional data sharing across a large network of untrusted participants. It enables new forms of distributed software architectures, where components can find agreements on their shared states without trusting a central integration point or any particular participating components. Considering the blockchain as a software connector helps make explicitly important architectural considerations on the resulting performance and quality attributes (for example, security, privacy, scalability and sustainability) of the system. Based on our experience in several projects using blockchain, in this paper we provide rationales to support the architectural decision on whether to employ a decentralized blockchain as opposed to other software solutions, like traditional shared data storage. Additionally, we explore specific implications of using the blockchain as a software connector including design trade-offs regarding quality attributes.

Xu, X., Ruan, Z., Yang, L..  2020.  Facial Expression Recognition Based on Graph Neural Network. 2020 IEEE 5th International Conference on Image, Vision and Computing (ICIVC). :211—214.

Facial expressions are one of the most powerful, natural and immediate means for human being to present their emotions and intensions. In this paper, we present a novel method for fully automatic facial expression recognition. The facial landmarks are detected for characterizing facial expressions. A graph convolutional neural network is proposed for feature extraction and facial expression recognition classification. The experiments were performed on the three facial expression databases. The result shows that the proposed FER method can achieve good recognition accuracy up to 95.85% using the proposed method.

Xu, Xiaojun, Liu, Chang, Feng, Qian, Yin, Heng, Song, Le, Song, Dawn.  2017.  Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. :363–376.

The problem of cross-platform binary code similarity detection aims at detecting whether two binary functions coming from different platforms are similar or not. It has many security applications, including plagiarism detection, malware detection, vulnerability search, etc. Existing approaches rely on approximate graph-matching algorithms, which are inevitably slow and sometimes inaccurate, and hard to adapt to a new task. To address these issues, in this work, we propose a novel neural network-based approach to compute the embedding, i.e., a numeric vector, based on the control flow graph of each binary function, then the similarity detection can be done efficiently by measuring the distance between the embeddings for two functions. We implement a prototype called Gemini. Our extensive evaluation shows that Gemini outperforms the state-of-the-art approaches by large margins with respect to similarity detection accuracy. Further, Gemini can speed up prior art's embedding generation time by 3 to 4 orders of magnitude and reduce the required training time from more than 1 week down to 30 minutes to 10 hours. Our real world case studies demonstrate that Gemini can identify significantly more vulnerable firmware images than the state-of-the-art, i.e., Genius. Our research showcases a successful application of deep learning on computer security problems.

Xu, Xing, Shen, Fumin, Yang, Yang, Shen, Heng Tao.  2016.  Discriminant Cross-modal Hashing. Proceedings of the 2016 ACM on International Conference on Multimedia Retrieval. :305–308.

Hashing based methods have attracted considerable attention for efficient cross-modal retrieval on large-scale multimedia data. The core problem of cross-modal hashing is how to effectively integrate heterogeneous features from different modalities to learn hash functions using available supervising information, e.g., class labels. Existing hashing based methods generally project heterogeneous features to a common space for hash codes generation, and the supervising information is incrementally used for improving performance. However, these methods may produce ineffective hash codes, due to the failure to explore the discriminative property of supervising information and to effectively bridge the semantic gap between different modalities. To address these challenges, we propose a novel hashing based method in a linear classification framework, in which the proposed method learns modality-specific hash functions for generating unified binary codes, and these binary codes are viewed as representative features for discriminative classification with class labels. An effective optimization algorithm is developed for the proposed method to jointly learn the modality-specific hash function, the unified binary codes and a linear classifier. Extensive experiments on three benchmark datasets highlight the advantage of the proposed method and show that it achieves the state-of-the-art performance.

Xu, Y., Wang, H. M., Yang, Q., Huang, K. W., Zheng, T. X..  2017.  Cooperative Transmission for Physical Layer Security by Exploring Social Awareness. 2017 IEEE Globecom Workshops (GC Wkshps). :1–6.

Social awareness and social ties are becoming increasingly fashionable with emerging mobile and handheld devices. Social trust degree describing the strength of the social ties has drawn lots of research interests in many fields including secure cooperative communications. Such trust degree reflects the users' willingness for cooperation, which impacts the selection of the cooperative users in the practical networks. In this paper, we propose a cooperative relay and jamming selection scheme to secure communication based on the social trust degree under a stochastic geometry framework. We aim to analyze the involved secrecy outage probability (SOP) of the system's performance. To achieve this target, we propose a double Gamma ratio (DGR) approach through Gamma approximation. Based on this, the SOP is tractably obtained in closed form. The simulation results verify our theoretical findings, and validate that the social trust degree has dramatic influences on the network's secrecy performance.

Xu, Y., Chen, H., Zhao, Y., Zhang, W., Shen, Q., Zhang, X., Ma, Z..  2019.  Neural Adaptive Transport Framework for Internet-scale Interactive Media Streaming Services. 2019 IEEE International Symposium on Broadband Multimedia Systems and Broadcasting (BMSB). :1–6.
Network dynamics, such as bandwidth fluctuation and unexpected latency, hurt users' quality of experience (QoE) greatly for media services over the Internet. In this work, we propose a neural adaptive transport (NAT) framework to tackle the network dynamics for Internet-scale interactive media services. The entire NAT system has three major components: a learning based cloud overlay routing (COR) scheme for the best delivery path to bypass the network bottlenecks while offering the minimal end-to-end latency simultaneously; a residual neural network based collaborative video processing (CVP) system to trade the computational capability at client-end for QoE improvement via learned resolution scaling; and a deep reinforcement learning (DRL) based adaptive real-time streaming (ARS) strategy to select the appropriate video bitrate for maximal QoE. We have demonstrated that COR could improve the user satisfaction from 5% to 43%, CVP could reduce the bandwidth consumption more than 30% at the same quality, and DRL-based ARS can maintain the smooth streaming with \textbackslashtextless; 50% QoE improvement, respectively.
Xu, Yanli, Jiang, Shengming, Liu, Feng.  2016.  A LTE-based Communication Architecture for Coastal Networks. Proceedings of the 11th ACM International Conference on Underwater Networks & Systems. :6:1–6:2.
Currently, the coastal communication is mainly provided by satellite networks, which are expensive with low transmission rate and unable to support underwater communication efficiently. In this work, we propose a communication architecture for coastal network based on long term evolution (LTE) cellular networks in which a cellular network architecture is designed for the maritime communication scenario. Some key technologies of next-generation cellular networks such as device-to-device (D2D) and multiple input multiple output (MIMO) are integrated into the proposed architecture to support more efficient data transmission. In addition, over-water nodes aid the transmission of underwater network to improve the communication quality. With the proposed communication architecture, the coastal network can provide high-quality communication service to traffics with different quality-of-service (QoS) requirements.
Xu, Ye, Li, Fengying, Cao, Bin.  2019.  Privacy-Preserving Authentication Based on Pseudonyms and Secret Sharing for VANET. 2019 Computing, Communications and IoT Applications (ComComAp). :157—162.
In this paper, we propose a conditional privacy-preserving authentication scheme based on pseudonyms and (t,n) threshold secret sharing, named CPPT, for vehicular communications. To achieve conditional privacy preservation, our scheme implements anonymous communications based on pseudonyms generated by hash chains. To prevent bad vehicles from conducting framed attacks on honest ones, CPPT introduces Shamir (t,n) threshold secret sharing technique. In addition, through two one-way hash chains, forward security and backward security are guaranteed, and it also optimize the revocation overhead. The size of certificate revocation list (CRL) is only proportional to the number of revoked vehicles and irrelated to how many pseudonymous certificates are held by the revoked vehicles. Extensive simulations demonstrate that CPPT outperforms ECPP, DCS, Hybrid and EMAP schemes in terms of revocation overhead, certificate updating overhead and authentication overhead.
Xu, Yilin, Ge, Weimin, Li, Xiaohong, Feng, Zhiyong, Xie, Xiaofei, Bai, Yude.  2019.  A Co-Occurrence Recommendation Model of Software Security Requirement. 2019 International Symposium on Theoretical Aspects of Software Engineering (TASE). :41–48.
To guarantee the quality of software, specifying security requirements (SRs) is essential for developing systems, especially for security-critical software systems. However, using security threat to determine detailed SR is quite difficult according to Common Criteria (CC), which is too confusing and technical for non-security specialists. In this paper, we propose a Co-occurrence Recommend Model (CoRM) to automatically recommend software SRs. In this model, the security threats of product are extracted from security target documents of software, in which the related security requirements are tagged. In order to establish relationships between software security threat and security requirement, semantic similarities between different security threat is calculated by Skip-thoughts Model. To evaluate our CoRM model, over 1000 security target documents of 9 types software products are exploited. The results suggest that building a CoRM model via semantic similarity is feasible and reliable.
Xu, Yizheng.  2020.  Application Research Based on Machine Learning in Network Privacy Security. 2020 International Conference on Computer Information and Big Data Applications (CIBDA). :237—240.
As the hottest frontier technology in the field of artificial intelligence, machine learning is subverting various industries step by step. In the future, it will penetrate all aspects of our lives and become an indispensable technology around us. Among them, network security is an area where machine learning can show off its strengths. Among many network security problems, privacy protection is a more difficult problem, so it needs more introduction of new technologies, new methods and new ideas such as machine learning to help solve some problems. The research contents for this include four parts: an overview of machine learning, the significance of machine learning in network security, the application process of machine learning in network security research, and the application of machine learning in privacy protection. It focuses on the issues related to privacy protection and proposes to combine the most advanced matching algorithm in deep learning methods with information theory data protection technology, so as to introduce it into biometric authentication. While ensuring that the loss of matching accuracy is minimal, a high-standard privacy protection algorithm is concluded, which enables businesses, government entities, and end users to more widely accept privacy protection technology.
Xu, Yonggan, Luo, Jian, Tang, Kunming, Jiang, Jie, Gou, Xin, Shi, Jiawei, Lu, Bingwen.  2019.  Control Strategy Analysis of Grid-connected Energy Storage Converter Based on Harmonic Decomposition. 2019 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia). :1324—1329.

The three-phase grid-connected converter control strategy, which applies to the battery energy storage system, generally ignores the interference of harmonic components in the grid voltage. As a result, it is difficult to meet the practical application requirements. To deal with this problem, it is necessary to optimize and improve the traditional control strategy, taking harmonics into consideration. And its bases are analysis of the harmonic characteristics and study of its control mechanism in the grid-connected converter. This paper proposes a method of harmonic decomposition, classifies the grid voltage harmonics and explores the control mechanism in the grid-connected converter. With the help of the simulation model built by Matlab/Simulink, the comparative simulation of the energy storage control system carried out under the control of the ideal grid voltage input and the actual one, verifies the correctness of the analytical method proposed in the article.

Xu, Z., Zhu, Q..  2018.  Cross-Layer Secure and Resilient Control of Delay-Sensitive Networked Robot Operating Systems. 2018 IEEE Conference on Control Technology and Applications (CCTA). :1712—1717.

A Robot Operating System (ROS) plays a significant role in organizing industrial robots for manufacturing. With an increasing number of the robots, the operators integrate a ROS with networked communication to share the data. This cyber-physical nature exposes the ROS to cyber attacks. To this end, this paper proposes a cross-layer approach to achieve secure and resilient control of a ROS. In the physical layer, due to the delay caused by the security mechanism, we design a time-delay controller for the ROS agent. In the cyber layer, we define cyber states and use Markov Decision Process to evaluate the tradeoffs between physical and security performance. Due to the uncertainty of the cyber state, we extend the MDP to a Partially Observed Markov Decision Process (POMDP). We propose a threshold solution based on our theoretical results. Finally, we present numerical examples to evaluate the performance of the secure and resilient mechanism.

Xu, Z., Shi, C., Cheng, C. C., Gong, N. Z., Guan, Y..  2018.  A Dynamic Taint Analysis Tool for Android App Forensics. 2018 IEEE Security and Privacy Workshops (SPW). :160-169.

The plethora of mobile apps introduce critical challenges to digital forensics practitioners, due to the diversity and the large number (millions) of mobile apps available to download from Google play, Apple store, as well as hundreds of other online app stores. Law enforcement investigators often find themselves in a situation that on the seized mobile phone devices, there are many popular and less-popular apps with interface of different languages and functionalities. Investigators would not be able to have sufficient expert-knowledge about every single app, sometimes nor even a very basic understanding about what possible evidentiary data could be discoverable from these mobile devices being investigated. Existing literature in digital forensic field showed that most such investigations still rely on the investigator's manual analysis using mobile forensic toolkits like Cellebrite and Encase. The problem with such manual approaches is that there is no guarantee on the completeness of such evidence discovery. Our goal is to develop an automated mobile app analysis tool to analyze an app and discover what types of and where forensic evidentiary data that app generate and store locally on the mobile device or remotely on external 3rd-party server(s). With the app analysis tool, we will build a database of mobile apps, and for each app, we will create a list of app-generated evidence in terms of data types, locations (and/or sequence of locations) and data format/syntax. The outcome from this research will help digital forensic practitioners to reduce the complexity of their case investigations and provide a better completeness guarantee of evidence discovery, thereby deliver timely and more complete investigative results, and eventually reduce backlogs at crime labs. In this paper, we will present the main technical approaches for us to implement a dynamic Taint analysis tool for Android apps forensics. With the tool, we have analyzed 2,100 real-world Android apps. For each app, our tool produces the list of evidentiary data (e.g., GPS locations, device ID, contacts, browsing history, and some user inputs) that the app could have collected and stored on the devices' local storage in the forms of file or SQLite database. We have evaluated our tool using both benchmark apps and real-world apps. Our results demonstrated that the initial success of our tool in accurately discovering the evidentiary data.

Xu, Z., Easwaran, A..  2020.  A Game-Theoretic Approach to Secure Estimation and Control for Cyber-Physical Systems with a Digital Twin. 2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS). :20–29.
Cyber-Physical Systems (CPSs) play an increasingly significant role in many critical applications. These valuable applications attract various sophisticated attacks. This paper considers a stealthy estimation attack, which aims to modify the state estimation of the CPSs. The intelligent attackers can learn defense strategies and use clandestine attack strategies to avoid detection. To address the issue, we design a Chi-square detector in a Digital Twin (DT), which is an online digital model of the physical system. We use a Signaling Game with Evidence (SGE) to find the optimal attack and defense strategies. Our analytical results show that the proposed defense strategies can mitigate the impact of the attack on the physical estimation and guarantee the stability of the CPSs. Finally, we use an illustrative application to evaluate the performance of the proposed framework.
Xu, Zhang, Wu, Zhenyu, Li, Zhichun, Jee, Kangkook, Rhee, Junghwan, Xiao, Xusheng, Xu, Fengyuan, Wang, Haining, Jiang, Guofei.  2016.  High Fidelity Data Reduction for Big Data Security Dependency Analyses. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :504–516.

Intrusive multi-step attacks, such as Advanced Persistent Threat (APT) attacks, have plagued enterprises with significant financial losses and are the top reason for enterprises to increase their security budgets. Since these attacks are sophisticated and stealthy, they can remain undetected for years if individual steps are buried in background "noise." Thus, enterprises are seeking solutions to "connect the suspicious dots" across multiple activities. This requires ubiquitous system auditing for long periods of time, which in turn causes overwhelmingly large amount of system audit events. Given a limited system budget, how to efficiently handle ever-increasing system audit logs is a great challenge. This paper proposes a new approach that exploits the dependency among system events to reduce the number of log entries while still supporting high-quality forensic analysis. In particular, we first propose an aggregation algorithm that preserves the dependency of events during data reduction to ensure the high quality of forensic analysis. Then we propose an aggressive reduction algorithm and exploit domain knowledge for further data reduction. To validate the efficacy of our proposed approach, we conduct a comprehensive evaluation on real-world auditing systems using log traces of more than one month. Our evaluation results demonstrate that our approach can significantly reduce the size of system logs and improve the efficiency of forensic analysis without losing accuracy.

Xu, Zheng, Raschid, Louiqa.  2016.  Probabilistic Financial Community Models with Latent Dirichlet Allocation for Financial Supply Chains. Proceedings of the Second International Workshop on Data Science for Macro-Modeling. :8:1–8:6.

There is a growing interest in modeling and predicting the behavior of financial systems and supply chains. In this paper, we focus on the the analysis of the resMBS supply chain; it is associated with the US residential mortgage backed securities and subprime mortgages that were critical in the 2008 US financial crisis. We develop models based on financial institutions (FI), and their participation described by their roles (Role) on financial contracts (FC). Our models are based on an intuitive assumption that FIs will form communities within an FC, and FIs within a community are more likely to collaborate with other FIs in that community, and play the same role, in another FC. Inspired by the Latent Dirichlet Allocation (LDA) and topic models, we develop two probabilistic financial community models. In FI-Comm, each FC (document) is a mix of topics where a topic is a distribution over FIs (words). In Role-FI-Comm, each topic is a distribution over Role-FI pairs (words). Experimental results over 5000+ financial prospecti demonstrate the effectiveness of our models.

Xu, Zheng, Abraham, Jacob.  2019.  Resilient Reorder Buffer Design for Network-on-Chip. 20th International Symposium on Quality Electronic Design (ISQED). :92–97.

Functionally safe control logic design without full duplication is difficult due to the complexity of random control logic. The Reorder buffer (ROB) is a control logic function commonly used in high performance computing systems. In this study, we focus on a safe ROB design used in an industry quality Network-on-Chip (NoC) Advanced eXtensible Interface (AXI) Network Interface (NI) block. We developed and applied area efficient safe design techniques including partial duplication, Error Detection Code (EDC) and invariance checking with formal proofs and showed that we can achieve a desired safe Diagnostic Coverage (DC) requirement with small area and power overheads and no performance degradation.

Xu, Zhiheng, Ng, Daniel Jun Xian, Easwaran, Arvind.  2019.  Automatic Generation of Hierarchical Contracts for Resilience in Cyber-Physical Systems. 2019 IEEE 25th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA). :1–11.

With the growing scale of Cyber-Physical Systems (CPSs), it is challenging to maintain their stability under all operating conditions. How to reduce the downtime and locate the failures becomes a core issue in system design. In this paper, we employ a hierarchical contract-based resilience framework to guarantee the stability of CPS. In this framework, we use Assume Guarantee (A-G) contracts to monitor the non-functional properties of individual components (e.g., power and latency), and hierarchically compose such contracts to deduce information about faults at the system level. The hierarchical contracts enable rapid fault detection in large-scale CPS. However, due to the vast number of components in CPS, manually designing numerous contracts and the hierarchy becomes challenging. To address this issue, we propose a technique to automatically decompose a root contract into multiple lower-level contracts depending on I/O dependencies between components. We then formulate a multi-objective optimization problem to search the optimal parameters of each lower-level contract. This enables automatic contract refinement taking into consideration the communication overhead between components. Finally, we use a case study from the manufacturing domain to experimentally demonstrate the benefits of the proposed framework.

Xu, Zhiheng, Zhu, Quanyan.  2017.  A Game-Theoretic Approach to Secure Control of Communication-Based Train Control Systems Under Jamming Attacks. Proceedings of the 1st International Workshop on Safe Control of Connected and Autonomous Vehicles. :27–34.

To meet the growing railway-transportation demand, a new train control system, communication-based train control (CBTC) system, aims to maximize the ability of train lines by reducing the headway of each train. However, the wireless communications expose the CBTC system to new security threats. Due to the cyber-physical nature of the CBTC system, a jamming attack can damage the physical part of the train system by disrupting the communications. To address this issue, we develop a secure framework to mitigate the impact of the jamming attack based on a security criterion. At the cyber layer, we apply a multi-channel model to enhance the reliability of the communications and develop a zero-sum stochastic game to capture the interactions between the transmitter and jammer. We present analytical results and apply dynamic programming to find the equilibrium of the stochastic game. Finally, the experimental results are provided to evaluate the performance of the proposed secure mechanism.