Despite a long-standing effort on the automation in the care of critically ill patients, prior automation capabilities have not been suitably mature for real-world use due to a few limitations: (1) the decisions/actions of the automation could not be easily interpreted by clinicians, preventing clinicians' effective interaction with and supervision of the automation for safe patient care; (2) the automation was designed to perform a particular task of interest without accounting for the overall physiological state of the patient; (3) multiple automation functions were not often coordinated to avoid possible conflicts in patient treatment; (4) automation was prone to errors in the medical devices; and (5) regulatory science for evaluation and approval of safety-critical automation capabilities was lacking. This research program seeks to address these fundamental challenges by studying novel methodologies for (1) mathematically representing the patient physiology in a way to facilitate the interpretation of clinicians and (2) designing automation capabilities that can facilitate clinician interaction and supervision, coordination of multiple treatment goals and functions, and resilience to device errors and faults. In addition, this research program will benefit society and Science, Technology, Engineering and Mathematics (STEM) education by creating a wide range of automation systems that can improve the quality of care of critically ill patients, expediting the deployment of new medical devices with advanced automation capabilities, facilitating the evaluation and approval of emerging healthcare automation capabilities, and training STEM workforce especially from underrepresented minorities. With the long-term vision of enabling interpretable white-box autonomy in healthcare by advancing generalizable methodologies for medical cyber-physical systems (M-CPS), the objective of this CAREER program is to investigate physiological modeling, coordinated and resilient multivariable closed-loop control, and regulatory science methodologies in circulatory resuscitation. An integrated research, education, and outreach program is proposed to achieve this objective. On the research front, physiological modeling and closed-loop control methodologies applicable to white-box autonomy in a wide range of circulatory resuscitation scenarios will be investigated. Specifically, generalizable methodologies for (1) patient physiology and pharmacology modeling and (2) coordinated and resilient multivariable closed-loop control will be developed. The value of these methodologies will be demonstrated by developing interpretable white-box physiological closed-loop control algorithms for circulatory resuscitation. On the education and outreach front, members of the next-generation M-CPS workforce will be trained and regulatory science for evaluating critical care autonomy capabilities will be advanced. Specifically, (1) graduate, undergraduate, and K-12 students will be attracted into STEM and M-CPS, (2) collaboration with the US Food and Drug Administration will be performed to investigate testing methodologies and tools for physiological models and closed-loop M-CPS via its Medical Device Development Tools Program, and (3) newly created knowledge will be disseminated to further advance M-CPS research and education.

Traditional cyber-physical systems operate in heavily constrained and controlled environments with limited exposure to unexpected changes and uncertainties. Examples include robots operating on manufacturing assembling-lines and cyber-physical control systems of chemical plants. The model-based design paradigm, where design, implementation and verification are all guided by mathematical models of the system, has proven to be very successful in building such non-adaptive cyberphysical systems and proving their safety. The recent success of data-driven approaches based on the collection of a large amount of data followed by learning and inference has enabled modern cyberphysical systems to be more adaptive. Examples include self-driving cars and warehouse robots. Learning algorithms embedded in these systems allow them to learn as they execute and modify their behavior as needed. Such systems are capable of a wide range of non-preprogrammed behaviors. But this creates a new challenge. Model-based design paradigm is no longer sufficient. Formal guarantees on safety, robustness or improvement in performance are difficult to establish since the system evolution is no longer static; instead, it is data-driven and guided by the system's dynamic experience. The goal of this project is to build and evaluate a formal framework that combines data-driven and model-based development of adaptive cyber-physical systems. This project develops a new approach for designing safe, data-driven, and model-based adaptive cyber-physical systems (CPS). Model-based techniques are used initially to bootstrap the system and find the most liberal safety envelope for the system. A combination of design robustness and runtime monitoring of quantitatively-interpreted rich temporal logic is used to keep the system within the safety envelope. Data-driven techniques are used to actively explore, adapt, and improve system performance while constraining the system behavior to lie within the safety envelope. New data is summarized by tight learning of temporal logic properties from it; the learned logical specification is, in turn, used to guide active exploration. The key advances in this project include (a) data as model paradigm, where data from past runs is treated as a first-class object in the design of CPS, (b) tight learning from positive-only examples, where previous runs (that are all safe runs, and hence provide only positive examples) are summarized into rich temporal logic formulae, (c) safety envelope synthesis for robustness-metric guided monitoring and optimization of system performance within the envelope, (d) data-driven extensions of model-based control, where data is used to extend classical model-predictive control, and (e) active exploration, where an adaptive CPS actively executes some safe manoeuvres solely for the purpose of improving its knowledge and performance.

In urban environments, signalized intersections are a major cause of congestion since their actual capacity is very low. Autonomous vehicles are a possible leap forward: by receiving coordinated guidance information from the intersection system itself, these vehicles could navigate through the intersections with minimal speed reduction or wait times, resulting in far more efficient intersections. These smart intersections can reduce wait times by orders of magnitude, though they only work if all vehicles are autonomous: the presence of even one percent of non-autonomous vehicles would negate almost all benefits. This project investigates augmented reality technology as a scalable means of improving flow through these smart intersections by coordinating human driven vehicles with autonomous vehicles, maximizing intersection throughput while minimizing collision risks. This research will benefit the U.S. economy by providing an inexpensive, scalable way of reducing congestion without the need to ban human-driven forms of transport (pedestrians, bicycles), and without the cost of having only autonomous vehicles. This research is at the interface of several disciplines including transportation engineering, control theory and human factors. The guidance of human-driven vehicles is critical to improve the capacity of future smart intersections safely. While these intersections show considerable potential benefit in a fully automated world, their performance strongly degrades if even a few vehicles are human-driven. Given a high penetration of augmented reality devices (smart glasses), and measurement data from human-driven and autonomous vehicles, including the predicted paths of autonomous vehicles, can human-driven vehicles be guided through a smart intersection as quickly and safely as possible? The answer requires one to simultaneously solve real-time estimation and control problems, in a dynamic environment, with uncertain actuation given the performance of humans. The project develops efficient algorithms to learn the expected performance of each driver. The routing of vehicles in a reservation-based intersection system takes into account human behavior and the physical limitations of vehicles. Strategies are developed to effectively communicate guidance information to drivers in a mixed-reality setting. These results will be validated on an experimental setup involving vehicles driven by humans and equipped with augmented reality devices. This project is jointly supported with the Department of Transportation.

Next generation Cyber-Physical Systems (CPS), such as automotive systems, require tight integration between the software and the physical world to satisfy the ever-increasing requirements. Unintended behaviors of such cyber-physical systems might lead to loss of property or worse scenarios and hence should be avoided by performing formal analysis of CPS. Such analysis is challenging as the tools for reasoning about the physical world primarily use real-analysis and algebra whereas the tools for reasoning about software uses discrete mathematics and algorithms. Traditional approaches for formal analysis of CPS primarily use algebra, which do not scale well with the increase in the number of variables. This project explores a new algorithmic framework for rigorously reasoning about cyber-physical systems by bridging the gap between the algebraic properties of the physical world and algorithmic foundations of the software. The techniques developed in this project will exploit the property of superposition principle that is widely observed in the physical world. By analyzing a sample set of behaviors of CPS, these algorithms can infer properties of a large subset of all possible behaviors. The project extends safety verification techniques to linear systems with inputs and parameters, and develops a new notion of counterexample for safety violations of state feedback controllers. The investigators explore a simulation-guided synthesis framework for synthesizing a controller that meets both safety and liveness specifications. The investigator will incorporate research results into undergraduate and graduate classes to introduce students to embedded systems and control design. Additionally, the algorithms and software developed in this project will be disseminated broadly.

Many emerging Internet-connected devices are not personal computers. They are special-purpose commodity consumer electronic devices such as, for example, smart thermostats and smart door locks. Collectively, these devices are known as the Internet of Things (IoT). They are increasingly used in smart homes, smart cities, intelligent transportation systems, industrial networks and more. The promise of IoT is to improve the quality of everyday life and make society more productive. IoT devices however are not without technological and societal risk. The technological risk derives in part from software and security vulnerabilities. The vast diversity and number of IoT devices make overall consistency problematic and contribute to various inefficiencies. There are risks over the life cycle of some deployed IoT devices that their software may never be patched and their hardware never repaired; i.e., these devices will effectively remain vulnerable indefinitely. The societal risk derives in part from the massive data that is now possible to collect using IoT devices from most anywhere, which violate privacy norms. Moreover, compromised IoT devices might serve as a large-scale highly distributed platform to flood the Internet, disrupting many vital services for society. This project develops technologies that ensure that IoT deployments remain secure and protect user privacy in the face of the widespread deployment of connected smart devices. Network-based defenses against common attacks and device owners' ability to inspect, audit, control and share data are essential capabilities to mitigating technological and societal risks. This project focuses: (1) protecting the devices from vulnerabilities that are often introduced through the use of untrusted software libraries, (2) detecting when devices exhibit anomalous behavior that would suggest an unauthorized data leak or device compromise, relying on statistical anomaly detection of network traffic patterns, and (3) controlling unwanted data leaks and attacks in the network using network firewall rules, outputs from these anomaly detection systems, and software systems that let the owners of these devices inspect and determine the data sent and received. This project advances the theory and practice of network traffic analysis, anomaly detection, and secure segmentation of networks that ensure IoT deployments remain secure despite insecure connected devices.

In urban environments, signalized intersections are a major cause of congestion since their actual capacity is very low. Autonomous vehicles are a possible leap forward: by receiving coordinated guidance information from the intersection system itself, these vehicles could navigate through the intersections with minimal speed reduction or wait times, resulting in far more efficient intersections. These smart intersections can reduce wait times by orders of magnitude, though they only work if all vehicles are autonomous: the presence of even one percent of non-autonomous vehicles would negate almost all benefits. This project investigates augmented reality technology as a scalable means of improving flow through these smart intersections by coordinating human driven vehicles with autonomous vehicles, maximizing intersection throughput while minimizing collision risks. This research will benefit the U.S. economy by providing an inexpensive, scalable way of reducing congestion without the need to ban human-driven forms of transport (pedestrians, bicycles), and without the cost of having only autonomous vehicles. This research is at the interface of several disciplines including transportation engineering, control theory and human factors. The guidance of human-driven vehicles is critical to improve the capacity of future smart intersections safely. While these intersections show considerable potential benefit in a fully automated world, their performance strongly degrades if even a few vehicles are human-driven. Given a high penetration of augmented reality devices (smart glasses), and measurement data from human-driven and autonomous vehicles, including the predicted paths of autonomous vehicles, can human-driven vehicles be guided through a smart intersection as quickly and safely as possible? The answer requires one to simultaneously solve real-time estimation and control problems, in a dynamic environment, with uncertain actuation given the performance of humans. The project develops efficient algorithms to learn the expected performance of each driver. The routing of vehicles in a reservation-based intersection system takes into account human behavior and the physical limitations of vehicles. Strategies are developed to effectively communicate guidance information to drivers in a mixed-reality setting. These results will be validated on an experimental setup involving vehicles driven by humans and equipped with augmented reality devices. This project is jointly supported with the Department of Transportation.

A vibrant and healthy wireless network edge is essential to the modern economy. New technologies such as the Internet of Things, self-driving vehicles, and a host of new automation technologies rely on robust, high-speed wireless technology for operation. Unfortunately, the demand for wireless connectivity has far outstripped the amount of wireless spectrum available. Using more spectrum and improving spectral efficiency are some longer-term solutions. A more immediate approach is to explore how to flatten the demand curve - reducing peak demands through aggressive time shifting and content caching. The focus of this research is to explore how the free storage space that sits unused on mobile devices can be leveraged by content providers and network operators to radically improve wireless performance. In short, the research seeks to push data during idle network times to avoid overloads during peak times. Whether it is a crowded sporting event or a crowded subway station, the intended result of the work is mobile devices that download data more quickly while operating with longer battery lifetimes. The work seeks to make wireless network performance in crowded venues remarkably better. In this work, free space on mobile devices is made securely writable by trusted content providers and network operators, effectively allowing the network operator to push content dynamically to a device. The mechanisms and trade-offs that occur in large scale wireless systems (WiFi, cellular) present numerous challenges with respect to how and when to push content to the devices such that there is a net gain to overall wireless network system health. The work proposes to develop the architecture which seeks to allow devices in tandem with the network to sense redundant content. Mobile devices and the network operator constantly monitor and detect redundancy, triggering thresholds by which redundant content is efficiently pushed appropriately in the network through D2D (device to device) sharing and targeted broadcasts. Content is pre-staged during network idle periods or high bandwidth opportunities to time shift, improving the perceived Quality of Experience of the user in both responsiveness and efficiency. The project will develop prototype apps, create a Software Development Kit for Android and iOS, and conduct robust evaluations in demanding, dense environments.

Modern societies are witnessing the prevalence of a wide assortment of distributed cyber-physical systems (CPS) built upon network infrastructure. International standards for mission-critical CPS applications, such as industrial process control systems and avionics, require their network infrastructure to provide deterministic delay performance. However, the problem of integrating CPS theoretical concepts with real-world network performance remains largely unexplored. This project addresses this open problem so that feedback control CPS in network-challenged spaces can be analyzed formally. The project result can be applied to many other CPS application domains involving real-time control and adaptation, such as vehicular control and communication systems, industrial process control, and network-on-chip systems. Broader impacts include developing publicly-available open-source software for the research community and educating a wide spectrum of audience, from high-school and undergraduate students to academic and industry researchers, by offering seminars and tutorials and organizing a workshop with strategies to maximize the participation of under-represented groups. The main goal of this project is to establish a systematic approach to the design, characterization, and refinement of network infrastructure in CPS as a breakthrough result for designing and implementing CPS with time-critical tasks. Different from existing studies relying on predefined or presumed device/system specifications, the new approach balances theoretical analyses with empirical evaluations by exploring network-calculus-based modeling of networking devices and traffic sources from measurements. This project also focuses on non-feedforward networks, in contrast to state-of-the-art methods targeting feedforward networks, and includes investigation of compositional, algebraic, and optimization-based approaches to delay performance analysis of non-feedforward networks and research on identification and mitigation of delay performance bottlenecks in networked CPS. This project will use PLC (Programmable Logic Controller)-based industrial automation systems for case studies, not only demonstrating the usage and capabilities of the systematic approach but also providing reference implementation of related algorithms.

The goal of this research is to enable a broad spectrum of programmers to successfully create apps for distributed computing systems including smart and connected communities, or for systems that require tight coordination or synchronization of time. Creating an application for, say, a smart intersection necessitates gathering information from multiple sources, e.g., cameras, traffic sensors, and passing vehicles; performing distributed computation; and then triggering some action, such as a warning. This requires synchronization and coordination amongst multiple interacting devices including systems that are Internet of Things (IoT) devices that may be connected to safety critical infrastructure. Rather than burden the programmer with understanding and dealing with this complexity, we seek a new programming language, sensor and actuator architecture, and communications networks that can take the programmer's statements of "what to do" and "when to do", and translate these into "how to do" by managing mechanisms for synchronization, power, and communication. This approach will enable more rapid development of these types of systems and can have significant economic development impact. The proposed approach has four parts: (1) creating a new programming language that embeds the notion of timing islands -- groups of devices that cooperate and are occasionally synchronized; (2) creating a network-wide runtime system that distributes and coordinates the action of code blocks -- portions of the program -- across devices; (3) extending the capabilities of communication networks to improve the ability to synchronize devices and report the quality of synchronization back to the runtime system, enabling adaptive program behavior; and (4) extending device hardware architecture to support synchronization and time-respecting operation.

The goal of this research is to enable a broad spectrum of programmers to successfully create apps for distributed computing systems including smart and connected communities, or for systems that require tight coordination or synchronization of time. Creating an application for, say, a smart intersection necessitates gathering information from multiple sources, e.g., cameras, traffic sensors, and passing vehicles; performing distributed computation; and then triggering some action, such as a warning. This requires synchronization and coordination amongst multiple interacting devices including systems that are Internet of Things (IoT) devices that may be connected to safety critical infrastructure. Rather than burden the programmer with understanding and dealing with this complexity, we seek a new programming language, sensor and actuator architecture, and communications networks that can take the programmer's statements of "what to do" and "when to do", and translate these into "how to do" by managing mechanisms for synchronization, power, and communication. This approach will enable more rapid development of these types of systems and can have significant economic development impact. The proposed approach has four parts: (1) creating a new programming language that embeds the notion of timing islands -- groups of devices that cooperate and are occasionally synchronized; (2) creating a network-wide runtime system that distributes and coordinates the action of code blocks -- portions of the program -- across devices; (3) extending the capabilities of communications networks to improve the ability to synchronize devices and report the quality of synchronization back to the runtime system, enabling adaptive program behavior; and (4) extending device hardware architecture to support synchronization and time-respecting operation.