Collaborative Research: CPS: Medium: Timeliness vs. Trustworthiness: Balancing Predictability and Security in Time-Sensitive CPS Design
Lead PI:
Cong Liu
Abstract

Many cyber-physical systems (CPS) have real-time (RT) requirements. For these RT-CPS, such as a network of unmanned aerial vehicles that deliver packages to customers' homes or a robot that performs or aids in cardiac surgery, deadline misses may result in economic losses or even fatal consequences. At the same time, because these RT-CPS interact with humans, and humans depend on them, they must also be trustworthy. The goal of this research is to design secure RT-CPS that are less complex, easier to analyze, and reliable for critical application domains such as defense, medicine, transportation, manufacturing, and agriculture, to name just a few. Since RT-CPS now permeate most aspects of our daily lives, especially in the smart city and internet-of-things (IoT) context, this research will improve users' confidence in automated systems. Research results will be disseminated to both academia and industry, and permit timely adoption since the hardware required in this research is already publicly available. This project will result in a pipeline of engineers and computer scientists who are well-versed in the interdisciplinary nature of securing RT-CPS, as well as course modules and red-teaming exercises for undergraduate students in all engineering disciplines, and interactive learning modules and internship experience for K-12 students in D.C., Detroit, Dallas, and St. Louis.

The goal of this research is to design secure RT-CPS from the ground up while explicitly accounting for the physical dynamics of the RT-CPS at runtime, so as to achieve resilience through prevention and detection of, and recovery from, attacks. This will be accomplished by (i) securing the scheduling infrastructure from the ground up, (ii) using a formal framework for trading off security against timeliness that accounts for system dynamics and lets the cost of security be explicitly quantified, and (iii) performing state- and function-dependent on-demand recovery. Such RT-CPS will be able to proactively prevent attacks using moving target defenses, as well as detect and recover from attacks that cannot be avoided. This research will pave the way for RT-CPS and internet-of-things (IoT) systems to be implemented with confidence, with their timely and correct operation guaranteed. Specific contributions of this research are: (i) a trusted scheduling infrastructure that can protect the integrity of the real-time tasks, the scheduler, its task queues, and I/O, and which can recover from (intentional) errors, (ii) a probabilistic real-time/security co-design framework that exploits trusted execution to protect the security of the real-time tasks, (iii) novel schedulability analysis techniques, (iv) an incremental recovery mechanism for continuous operation, and (v) validation on automated ground vehicles, drones, and robot arms. Contributions expanding the knowledge base will be made to the fields of CPS, IoT, real-time systems, security, and control systems.
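The abstract's central trade-off is that every unit of time a task spends on protection (entering and leaving a trusted execution environment, attestation, integrity checks) is a unit that is no longer available for meeting its deadline. The following is an added worked example, not code from this project, of how that cost is charged against deadlines with classical fixed-priority response-time analysis: each task carries an assumed per-job security overhead, the analysis is run with and without it, and a helper searches for the largest overhead one task can absorb while the whole set still meets its deadlines. The task set, periods, execution times and overhead figures are constructed for illustration.

```python
"""Worst-case response-time analysis (RTA) for fixed-priority preemptive
tasks, extended with an explicit per-job security overhead so that the
cost of protection can be charged against each task's deadline.

The task set and the overhead figures below are constructed for this
example; they are not measurements from the project described above.
"""
from dataclasses import dataclass, replace
from math import ceil


@dataclass(frozen=True)
class Task:
    name: str
    period: int     # minimum inter-arrival time
    wcet: int       # worst-case execution time of the functional work
    deadline: int   # relative deadline, assumed <= period
    sec_cost: int   # assumed extra time per job for security work, e.g.
                    # entering and leaving a trusted execution environment


def job_cost(task, with_security):
    """Time one job of `task` occupies the CPU, with or without protection."""
    return task.wcet + (task.sec_cost if with_security else 0)


def response_times(tasks, with_security=True):
    """Tasks are listed highest priority first. Returns the worst-case
    response time of each task. The fixed-point iteration stops as soon as
    the value exceeds the deadline, so a result above the deadline means a
    miss under worst-case release phasing."""
    out = {}
    for i, t in enumerate(tasks):
        own = job_cost(t, with_security)
        r = own
        while True:
            # Interference from every higher-priority task released in [0, r).
            interference = sum(
                ceil(r / h.period) * job_cost(h, with_security) for h in tasks[:i]
            )
            r_next = own + interference
            if r_next == r or r_next > t.deadline:
                out[t.name] = r_next
                break
            r = r_next
    return out


def is_schedulable(tasks, with_security=True):
    """True if every task's worst-case response time meets its deadline."""
    rts = response_times(tasks, with_security)
    return all(rts[t.name] <= t.deadline for t in tasks)


def max_security_budget(tasks, name):
    """Largest per-job security overhead `name` can carry while every task
    still meets its deadline (other tasks keep their own overheads).
    Returns -1 if the set misses a deadline even with zero overhead there."""
    idx = next(i for i, t in enumerate(tasks) if t.name == name)
    best = -1
    for s in range(0, tasks[idx].deadline + 1):
        trial = list(tasks)
        trial[idx] = replace(tasks[idx], sec_cost=s)
        if not is_schedulable(trial):
            break          # response time grows monotonically with s
        best = s
    return best


# Constructed example task set in rate-monotonic priority order.
TASKS = [
    Task("ctrl",  period=10, wcet=2,  deadline=10, sec_cost=1),
    Task("sense", period=20, wcet=4,  deadline=20, sec_cost=2),
    Task("plan",  period=50, wcet=12, deadline=50, sec_cost=6),
]

if __name__ == "__main__":
    for flag in (False, True):
        rts = response_times(TASKS, with_security=flag)
        verdict = "schedulable" if is_schedulable(TASKS, flag) else "DEADLINE MISS"
        print("security on " if flag else "security off", rts, verdict)
    print("max security overhead for plan:", max_security_budget(TASKS, "plan"))
```

On this constructed set the three tasks are comfortably schedulable without protection, and the total utilization with protection is still only 0.96, yet the lowest-priority task misses its deadline once the overheads are added, because higher-priority security work is charged to it as interference. The budget search shows the task can afford at most 5 time units of security work per job, which is the kind of quantified bound a co-design framework needs in order to decide which protections to enable where.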

Performance Period: 07/01/2022 - 01/31/2024
Institution: University of California-Riverside
Award Number: 2230969