Complex engineered systems that can adapt to their environments while maintaining safety guarantees are crucial in many applications including Internet-of-Things, transportation, and electric power systems. The primary objective of this project is to develop a scalable design methodology to control very large collections of systems to achieve common objectives despite cyber and physical constraints. As an application, the electric load control problem, in which the goal is to coordinate the power consumption of thousands of small electric loads like air conditioners and refrigerators to help the grid balance supply and demand without inconveniencing electricity consumers and while respecting the physical limitations of the power distribution network, will be considered. The research results will support the integration of more wind and solar power, improving the grid's environmental and health impacts. Education and outreach activities will involve K-12, undergraduate, and graduate students along with stakeholders from local power companies. The key characteristics of the problems considered are a large number of dynamically almost decoupled systems. Each system has their local requirements and constraints and they are coupled through requirements about their collective behavior. A bi-level control architecture will be developed that can handle soft performance requirements and allow adaptability at the upper-level, and that guarantees the satisfaction of hard safety requirements at the lower-level. The lower-level will exploit structural properties symmetries of the systems and requirements, in particular, permutation invariance, to enable highly scalable synthesis methods to ensure safety. The upper-level will leverage adaptation/learning to improve system performance when control inputs are overridden for the purpose of safety.

This research examines the scientific foundations for modeling security and privacy trade-offs in cyber-physical systems, focusing in particular on settings where privacy-protection technologies might be abused by malicious parties to hide their attacks. The goal is to provide both security and privacy guarantees for a variety of cyber-physical systems including intelligent transportation systems, smart energy, and autonomous vehicles. Privacy and security in cyber-physical systems have been studied independently before, but often they have not been addressed jointly. This project will study privacy-protection mechanisms such as differential privacy, and explore how using such mechanisms can affect the state-of-art integrity and attack-detection mechanisms. The project will also develop novel defenses including: 1) Identifying fundamental trade-offs between privacy and security based theoretical analyses of privacy, control theory, and optimization methods, with applications such as traffic-density estimation and smart grids; 2) incorporating game-theoretic considerations in analyzing adversarial strategies; and 3) Proposing new privacy-preserving techniques applicable in cyber-physical systems and beyond.

This project tackles the following question: "Can a network of mutually-distrusting devices perform resilient inference and computation while detecting anomalous behaviors despite heterogeneity in the types of data they sense, the networking technologies they use and their computational capabilities?" The context is the increasingly pervasive Internet of Things (IoT) with low-power end users or sensors relying on edge devices to process their data, and possibly the cloud. However, IoT brings forth a unique challenge, namely, the extreme heterogeneity at multiple levels: data sensed, communication technologies used (WiFi, Bluetooth, Zigbee), and computational capabilities, making it particularly vulnerable to security threats. The goal of this project is to develop a resilient IoT system and applications, with a focus on distributed inference and computing in the presence of threats, from injection of anomalous data to impersonation of the sensors themselves. The system will be demonstrated at scale through a heterogeneous and sensor-rich campus-scale IoT deployment. The proposed testbed offers a rich platform to engage Masters and undergraduate students as well as high-schoolers through outreach programs at the Carnegie Mellon University, e.g., Engineering@CMU, SPARK Saturday, and Project Ignite. Specifically, the project aims to develop novel methodological foundations and a cross-layer system design for secure distributed computing and inference and anomaly detection in the IoT. The proposed approach exploits heterogeneous sensing data at the end-user agents and their interaction with edge devices, to provide resilience to broad classes of Byzantine adversarial scenarios and Sybil attacks. The proposed distributed algorithms yield guarantees on attaining desired computation and inference objectives under broad conditions on the data and sensing models and inter-agent connectivity. To defend against Sybil attacks that violate standard assumptions for Byzantine fault tolerance, the project aims to develop a technology-agnostic wireless fingerprinting based solution to detect anomalous devices and transmissions. The proposed solution involves a novel design of a deep neural network to extract wireless fingerprints cutting across radio technologies.

Due to low operating cost and patient safety, ultrasound is widely accepted as one of the best forms of medical imaging compared to similar technologies, such as Computer Tomography (CT) scans or Magnetic Resonance Imaging (MRI). Still, there can be large variability in image quality obtained by different experts imaging the same patient, which can affect successful diagnosis and patient treatment. This problem becomes even more pronounced across patients. Consequently, to decrease this variability this project will develop imaging techniques that are not passive but are based on real-time ultrasound beam control and adaptation, while facilitating best use of operator expertise to obtain the most informative images. Such new active ultrasound systems, where expert users with varying levels of training interact with a smart ultrasound device to improve medical imaging and facilitate diagnosis, will provide significant performance gains compared to present systems that are only manually controlled. This project will also have a significant societal impact in accurate, safe, and cost-effective diagnosis of many medical conditions, such as cancers or liver fibrosis. For instance, the use of such systems for breast cancer diagnosis will significantly reduce the number of unnecessary biopsies, which currently cost more than $1 billion annually in the US alone. At the same time this technology can enable a variety of other imaging applications that rely on different forms of ultrasound, such as mapping of the heart chambers using Doppler ultrasound or identifying the mechanical properties of materials in structures for failure prognosis. Specifically, the goal of this project is the development of an active ultrasound system where user expertise is employed to refine the control process, while autonomous elasticity (or viscoelasticity) mapping improves image quality and allows human operator to best use their skills for both optimization and diagnosis. The project's research products include: (i) data fusion techniques for ultrasound elastography; (ii) methods for interactive ultrasound elastography; and (iii) framework for safe and efficient device implementation. The ultrasound system will be validated on a test-bed based on suitable laboratory phantoms and real-time control of existing ultrasound devices. Investigators will focus on the unique aspects of this novel paradigm that, compared to existing methods, include: (1) new active, user-machine, imaging techniques improving on the characterization of the mechanical properties of tissue; and (2) the systematic transition of algorithms and user interfaces to embedded computers for safe execution by the device. This requires overcoming intellectual challenges related to the integration of visco-elastography mapping and human-on-the-loop ultrasound control, as well as synthesis of new theoretical results drawing from computational mechanics, controls and estimation, and embedded systems design. The project also has extensive education and outreach components, including curriculum development focused on design of safety-critical medical cyber-physical systems that exhibit highly dynamical system behaviors and plant uncertainty, human interactions, and the need for real-time implementation. The outreach component of this project will also improve the pre-college students' awareness of the potential and attractiveness of a research and engineering career.

This research examines the scientific foundations for modeling security and privacy trade-offs in cyber-physical systems, focusing in particular on settings where privacy-protection technologies might be abused by malicious parties to hide their attacks. The goal is to provide both security and privacy guarantees for a variety of cyber-physical systems including intelligent transportation systems, smart energy, and autonomous vehicles. Privacy and security in cyber-physical systems have been studied independently before, but often they have not been addressed jointly. This project will study privacy-protection mechanisms such as differential privacy, and explore how using such mechanisms can affect the state-of-art integrity and attack-detection mechanisms. The project will also develop novel defenses including: 1) Identifying fundamental trade-offs between privacy and security based theoretical analyses of privacy, control theory, and optimization methods, with applications such as traffic-density estimation and smart grids; 2) incorporating game-theoretic considerations in analyzing adversarial strategies; and 3) Proposing new privacy-preserving techniques applicable in cyber-physical systems and beyond.

Nowadays, anyone can buy and put together sensors, actuators, and computation components, but typically only highly trained engineers are able to compose systems that can autonomously perform complex tasks. This project makes the design of cyber-physical systems (CPS) accessible to anyone by creating computational tools that enable people to choose a set of building blocks and define what a system should do. The tools then automatically create a simple and easy to understand description of how to assemble the components and provide the control needed to accomplish the task. If the task cannot be done with a single system, the tools provide either multiple systems that need to be assembled and/or explanations as to why the task cannot be done, for example due to physical constraints. The project includes designing a competition to accelerate the development of design tools, and mentoring of students from underrepresented groups. Inspired by advances in program synthesis, control synthesis and modular CPS, this project (i) defines formal specifications and synthesis processes for CPS whose task requires motion in the physical environment, and (ii) creates automated design tools that synthesize both the structure and control of the CPS and that guarantee either full or partial task satisfaction. The formalisms and tools are based on the Syntax-Guided Synthesis (SyGuS) paradigm where the design space is reduced by considering additional structure and leverages computational methods from satisfiability-modulo-theories (SMT) solvers to program synthesis tools, inverse kinematics solvers, motion planners and design optimization. The tools are evaluated on two physical and two simulated platforms.

Due to low operating cost and patient safety, ultrasound is widely accepted as one of the best forms of medical imaging compared to similar technologies, such as Computer Tomography (CT) scans or Magnetic Resonance Imaging (MRI). Still, there can be large variability in image quality obtained by different experts imaging the same patient, which can affect successful diagnosis and patient treatment. This problem becomes even more pronounced across patients. Consequently, to decrease this variability this project will develop imaging techniques that are not passive but are based on real-time ultrasound beam control and adaptation, while facilitating best use of operator expertise to obtain the most informative images. Such new active ultrasound systems, where expert users with varying levels of training interact with a smart ultrasound device to improve medical imaging and facilitate diagnosis, will provide significant performance gains compared to present systems that are only manually controlled. This project will also have a significant societal impact in accurate, safe, and cost-effective diagnosis of many medical conditions, such as cancers or liver fibrosis. For instance, the use of such systems for breast cancer diagnosis will significantly reduce the number of unnecessary biopsies, which currently cost more than $1 billion annually in the US alone. At the same time this technology can enable a variety of other imaging applications that rely on different forms of ultrasound, such as mapping of the heart chambers using Doppler ultrasound or identifying the mechanical properties of materials in structures for failure prognosis. Specifically, the goal of this project is the development of an active ultrasound system where user expertise is employed to refine the control process, while autonomous elasticity (or viscoelasticity) mapping improves image quality and allows human operator to best use their skills for both optimization and diagnosis. The project's research products include: (i) data fusion techniques for ultrasound elastography; (ii) methods for interactive ultrasound elastography; and (iii) framework for safe and efficient device implementation. The ultrasound system will be validated on a test-bed based on suitable laboratory phantoms and real-time control of existing ultrasound devices. Investigators will focus on the unique aspects of this novel paradigm that, compared to existing methods, include: (1) new active, user-machine, imaging techniques improving on the characterization of the mechanical properties of tissue; and (2) the systematic transition of algorithms and user interfaces to embedded computers for safe execution by the device. This requires overcoming intellectual challenges related to the integration of visco-elastography mapping and human-on-the-loop ultrasound control, as well as synthesis of new theoretical results drawing from computational mechanics, controls and estimation, and embedded systems design. The project also has extensive education and outreach components, including curriculum development focused on design of safety-critical medical cyber-physical systems that exhibit highly dynamical system behaviors and plant uncertainty, human interactions, and the need for real-time implementation. The outreach component of this project will also improve the pre-college students' awareness of the potential and attractiveness of a research and engineering career.

Fisheries employ 260 million people globally and fish are a primary animal protein source for roughly 40% of the world's population. Fishing effort has increased worldwide over the past few decades, leading to concerns over the incidental capture (termed "bycatch") of non-target species, especially endangered species such as sea turtles, sharks, and marine mammals. Globally, bycatch of sea turtles is especially problematic as recent estimates suggest that hundreds of thousands of turtles are killed annually in fishing gear, representing the greatest known threat to their continued survival. This project addresses this problem through cyber-physical system-enabled technologies. This project builds on an observation about fish behavior that species respond differently to the light spectrum and that can be used to modulate their behaviors. This smart nets project extends that observation to determine signatures for sensing modalities of different species. The intent is to develop fishing gear, specifically fishing nets, that can deter non-target species. The project uses machine learning to determine effective cues, e.g., light and sound that uses the least amount of power possible to prevent an endangered species from capture in the nets without decreasing the fishermen's target catch. Using underwater cameras with standard video, infrared, and sonar to monitor species behavior to various signatures, it builds a database of the responses for each species under varying oceanic environment conditions. The project plans large-scale follow-up studies in partnership with the National Oceanic and Atmospheric Administration (NOAA). This research on CPS technology for the fishing industry will be invaluable to the design of the next-generation of CPS-enabled fishing nets.

The nation's critical infrastructures are increasingly dependent on systems that use computers to control vital physical components, including water supplies, the electric grid, airline systems, and medical devices. These are all examples of Cyber-Physical Systems (CPS) that are vulnerable to attack through their computer systems, through their physical properties such as power flow, water flow, chemistry, etc., or through both. The potential consequences of such compromised systems include financial disaster, civil disorder, even the loss of life. The proposed work significantly advances the science of protecting CPS by ensuring that the systems "do what they are supposed to do" despite an attacker trying to make them fail or do harm. In this convergent approach, the key is to tell the CPS how it is supposed to behave and build in defenses that make sure each component behaves and works well with others. The proposed work has a clear transition to industrial practice. It will also enhance education and opportunity by opening up securing society as a fascinating discipline for K-12 students to follow. The objective of the proposed project is to produce, from untrusted components, a trusted Cyber-physical system (CPS) that is resilient to security attacks and failures. The approach will rely on information flows in both the cyber and physical subsystems, and will be validated experimentally on high fidelity water treatment and electric power CPS testbeds. The project brings together concepts from distributed computing, control theory, machine learning, and estimation theory to synthesize a complete mitigation of the security and operational threats to a CPS. The proposed method's key difference from current methods is that security holes will be identified and plugged automatically at system design time, then enforced during runtime without relying solely on secure boundaries or firewalls. The system will feature the ability to identify and isolate a malfunctioning device or cyber-physical intrusion in real-time by validating its operation against fundamental scientific/engineering principles and learned behavior. A combined mathematical/data science approach will be used to generate governing invariants that are enforced at system runtime. Invariants are a scientific approach grounded in the system's physics coupled with machine learning and real-time scheduling approaches embedded in the CPS. Robust state estimation will account for errors in measurement and automated security domain construction and optimization to reduce the cost of evaluation without sacrificing coverage. The successful outcome of this research will lead to improved national security across various CPS infrastructures which, in turn, will improve economic and population health and security. The work can be taken to industry for deployment in critical infrastructures. The project will stimulate interest in Science, Technology, Engineering and Mathematics (STEM) through the development of a water-themed tabletop exercise for K-12 and helping current college students develop an interest in outreach through the experiential learning aspects of developing the tabletop exercise.

The goal of this project is improved situation awareness for autonomous vehicles across many different networks. The approach is new theory and abstractions for systems where potentially moving physical systems join and leave the network at a high rate. Making these kinds of cyber-physical systems (CPS) efficient and safe requires leveraging the sensor information from other proximate vehicles over the network: this will enable vehicles to have much higher situational awareness--effectively seeing around corners. However, computation must be performed fast enough to accurately control the physical system, and coordination over networks makes this even more challenging. The research program is paired with an educational initiative integrated into the extensive mentoring program of the researchers, with an emphasis on involving students of diverse backgrounds. This project investigates CPSEdge, a software platform deployed at the network "edge", which aggregates sensor information from nearby vehicles, and intelligently shares resulting plans of action. CPSEdge leverages its network proximity to vehicles, and is carefully designed to reply to vehicles fast enough to keep up with a quickly changing physical environment. The tools and techniques developed for CPSEdge will offer greater situational awareness to autonomous vehicles, and improve the responsiveness, reliability, and security of the software platforms that manage them. CPSEdge is built on a new process abstraction that is lightweight and can scale up to very large systems, even under significant churn, while providing increased reliability and security. This abstraction is managed by the CPSEdge system to ensure that the requisite computation is conducted in real-time with the physical system. Sensor data will be fused to generate a probabilistic model of the environment, providing global planning for nearby vehicles.