Machine learning has been widely successful in commercial application domains such as computer vision, speech analysis, and natural language processing. Its adoption in critical infrastructure cyber-physical systems (CI-CPS), such as energy, water, transportation, and oil and natural gas systems, has been far more limited. This is mainly due to concerns about the reliability of existing machine learning techniques and the lack of explainability of the learned models. Moreover, CI-CPS often borrow techniques directly from commercial applications that fail to account for the physical and topological constraints inherent in these systems. The security of machine learning has been studied extensively in recent years, revealing vulnerabilities in machine learning models and showing that an adversary can steer learning outcomes by polluting the model's input. This is especially devastating in CI-CPS, where learning is used for safety-critical operations and such deviations can cause irreversible harm to people and physical assets. Secure machine learning that models the unique constraints of CI-CPS is thus a much-needed research area and is the focus of this project.
This proposal intersects three fields, security, machine learning, and CI-CPS, to enhance the safety and resiliency of essential infrastructures in modern society. We use two CI-CPS, power systems and transportation systems, as target application domains to illustrate the general applicability of the proposed approach. The proposed work is carried out in four research tasks. First, the project will devise a suitable threat model under which adversarial machine learning attacks subject to CI-CPS constraints (ConAML) are developed. Second, the project will propose a mitigation method for ConAML attacks by introducing random input padding in both training and inference. Third, the project will propose a new "data-representation-model-task" association framework that realizes secure constrained machine learning from the ground up, by designing a variational Dirichlet network that bridges the input data with machine learning models in the representation space instead of the raw data space. Lastly, the project team will apply the proposed secure constrained machine learning to electric load forecasting and traffic forecasting, implement these applications in testbeds, and evaluate their security and performance under ConAML attacks. The proposed research seeks to improve the security, reliability and resiliency of CI-CPS. It contributes to the knowledge base of secure machine learning for CI-CPS, and applies to all safety-critical large interconnected CPS. The multi-disciplinary nature of the proposed work lends itself to cross-disciplinary education and training of future scientists and engineers.
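To make the first task concrete, the following added example (written for this page; it is not the project's ConAML code, nor any NSF or University of Tennessee artifact) contrasts an unconstrained adversarial perturbation with one that respects a physical constraint. It assumes a hypothetical linear load forecaster and a single constructed linear equality constraint over the sensor inputs, standing in for a conservation law such as flow balance at a bus; the weights, constraint row and sample measurement vector are all made up. The constrained attacker projects the model gradient onto the null space of the constraint, so a defender's consistency check on the inputs passes even though the forecast is still shifted.

```python
"""Constrained vs. unconstrained adversarial perturbation of a forecaster.

Added illustration, not code from the proposal. Everything below
(weights, constraint, sample input) is constructed for the example.
"""
from typing import Dict, List, Sequence

Vector = List[float]

# Hypothetical linear forecaster: predicted load = W . x + B (made-up weights).
W: Vector = [0.6, -0.3, 0.9, 0.4]
B: float = 1.5

# Hypothetical physical constraint A . x == C over the four sensor inputs,
# e.g. two inflows must balance two outflows at a bus (constructed, not real).
A: Vector = [1.0, 1.0, -1.0, -1.0]
C: float = 0.0

# Constructed sample measurement that satisfies the constraint.
X0: Vector = [2.0, 1.0, 2.5, 0.5]


def dot(u: Sequence[float], v: Sequence[float]) -> float:
    return sum(a * b for a, b in zip(u, v))


def predict(x: Sequence[float]) -> float:
    """Forecast produced by the hypothetical linear model."""
    return dot(W, x) + B


def constraint_violation(x: Sequence[float]) -> float:
    """How far the input is from satisfying A . x == C (0.0 means consistent)."""
    return abs(dot(A, x) - C)


def is_physically_consistent(x: Sequence[float], tol: float = 1e-9) -> bool:
    """Defender-side sanity check: reject inputs that break the constraint."""
    return constraint_violation(x) <= tol


def unconstrained_attack(x: Sequence[float], eps: float) -> Vector:
    """Sign-gradient step that ignores physics.

    For a linear model d(predict)/dx = W, so each input is pushed by eps in
    the direction that increases the forecast.
    """
    return [xi + eps * (1.0 if wi > 0 else -1.0) for xi, wi in zip(x, W)]


def constrained_attack(x: Sequence[float], eps: float) -> Vector:
    """Gradient step projected onto the null space of the constraint row A.

    The projected direction satisfies A . delta == 0, so A . (x + delta) equals
    A . x and the perturbed input still passes is_physically_consistent().
    The step is scaled to Euclidean length eps.
    """
    g = W  # gradient of the linear model's output w.r.t. its input
    coef = dot(A, g) / dot(A, A)
    proj = [gi - coef * ai for gi, ai in zip(g, A)]
    norm = dot(proj, proj) ** 0.5
    delta = [eps * p / norm for p in proj]
    return [xi + di for xi, di in zip(x, delta)]


def run_demo(eps: float = 0.5) -> Dict[str, float]:
    """Compare both attacks on the constructed sample and report the outcome."""
    base = predict(X0)
    x_unc = unconstrained_attack(X0, eps)
    x_con = constrained_attack(X0, eps)
    return {
        "baseline_forecast": base,
        "unconstrained_shift": predict(x_unc) - base,
        "unconstrained_violation": constraint_violation(x_unc),
        "unconstrained_passes_check": float(is_physically_consistent(x_unc)),
        "constrained_shift": predict(x_con) - base,
        "constrained_violation": constraint_violation(x_con),
        "constrained_passes_check": float(is_physically_consistent(x_con)),
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k:28s} {v:.4f}")
```

The unconstrained step moves the forecast further but leaves a constraint residual that a simple consistency check flags; the constrained step is invisible to that check while still shifting the forecast by eps times the norm of the projected gradient. This is the gap a CI-CPS-aware threat model has to account for, since checking physical plausibility of the inputs alone is not a sufficient defence.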
University of Tennessee Knoxville
National Science Foundation
Submitted by Jason Gigax on November 9th, 2023