This grant provides funding for establishing the scientific foundations of a product innovation process that can engage a vastly larger pool of talent to generate new ideas and to create new cyber-physical products. The primary objective is to address fundamental issues pertaining to natural interfaces, behavioral modeling and secure knowledge sharing, with particular emphasis on their integration. This objective will be achieved by pursuing the following three aims: (1) reducing barriers to participation in product innovation through natural interfaces between physical and virtual domains, (2) reducing barriers to model-based engineering in community-based product development, (3) overcoming information-related impediments to collaboration and information sharing. The findings will be embodied in a proof-of-concept cyber-physical platform for creative design and prototyping. The results of this research hold promise for a new conceptualization of a cyber-physical infrastructure, building on the developments in natural interfaces and information security. The specific outcomes include: (a) well-founded methods for 3D design support of cyber-physical products, and their software embodiment in a natural user interface, (b) techniques and middleware to support model-based engineering in virtual community-based product development, and (c) techniques and protocols for minimum disclosure interactions, quality of inputs assurance, provenance and integrity, and usage control for virtual design and making of cyber-physical products. The proposed research will advance the state of the art in shape creation, product design and manufacturing, and secure design coordination. Validation of the concepts in an educational context will benefit the engineering curriculum by exposing students to emerging ways of designing and making cyber-physical products. Over the long term, the research, education, and dissemination efforts conducted in this project will facilitate a paradigm shift where cyber-physical design and manufacturing using natural interfaces, secure behavioral modeling and knowledge sharing in communities will become a part of our nation?s creative design and manufacturing capacity.

The electric power grid is a complex cyber-physical system, whose reliable and secure operation is of paramount importance to national security and economic vitality. There is a growing and evolving threat of cyber-based attacks, both in numbers and sophistication, on the nation's critical infrastructure. Therefore, cyber security "encompassing attack prevention, detection, mitigation, and resilience" is critical in today's power grid and the emerging smart grid. The goal of this project is to develop a unified system-theoretic framework and analytical tools for cyber-physical security of power systems, capturing the dynamics of the physical system as well as that of the cyber system. Research tasks include: 1) Development of a methodology for impact analysis that includes systematic identification of worst-case stealthy attacks on the power system's wide-area control and evaluating the resulting consequences in terms of stability violations and performance loss. 2) Development of robust cyber-physical countermeasures, employing a combination of methods from system theory, cyber security, and model-based/data-driven tools, in the form of domain-specific anomaly detection/tolerance algorithms and attack-resilient control algorithms. 3) Evaluating the effectiveness of the proposed impact modeling and mitigation algorithms through a combination of simulation and testbed-based evaluations, using realistic system topologies and attack scenarios. The project makes significant contributions to enhance the security and resiliency of the power grid and lays a scientific foundation for cyber-physical security of critical infrastructure. Also, the project develops novel curriculum modules, mentors graduate and undergraduate students including under-represented minorities, leverages industrial collaborations, and exposes high school students to cyber security concepts.

The electric power grid is a complex cyber-physical system, whose reliable and secure operation is of paramount importance to national security and economic vitality. There is a growing and evolving threat of cyber-based attacks, both in numbers and sophistication, on the nation's critical infrastructure. Therefore, cyber security "encompassing attack prevention, detection, mitigation, and resilience" is critical in today's power grid and the emerging smart grid. The goal of this project is to develop a unified system-theoretic framework and analytical tools for cyber-physical security of power systems, capturing the dynamics of the physical system as well as that of the cyber system. Research tasks include: 1) Development of a methodology for impact analysis that includes systematic identification of worst-case stealthy attacks on the power system's wide-area control and evaluating the resulting consequences in terms of stability violations and performance loss. 2) Development of robust cyber-physical countermeasures, employing a combination of methods from system theory, cyber security, and model-based/data-driven tools, in the form of domain-specific anomaly detection/tolerance algorithms and attack-resilient control algorithms. 3) Evaluating the effectiveness of the proposed impact modeling and mitigation algorithms through a combination of simulation and testbed-based evaluations, using realistic system topologies and attack scenarios. The project makes significant contributions to enhance the security and resiliency of the power grid and lays a scientific foundation for cyber-physical security of critical infrastructure. Also, the project develops novel curriculum modules, mentors graduate and undergraduate students including under-represented minorities, leverages industrial collaborations, and exposes high school students to cyber security concepts.

Cyber-Physical Systems (CPS) encompass a large variety of systems including for example future energy systems (e.g. smart grid), homeland security and emergency response, smart medical technologies, smart cars and air transportation. One of the most important challenges in the design and deployment of Cyber-Physical Systems is how to formally guarantee that they are amenable to effective human control. This is a challenging problem not only because of the operational changes and increasing complexity of future CPS but also because of the nonlinear nature of the human-CPS system under realistic assumptions. Current state of the art has in general produced simplified models and has not fully considered realistic assumptions about system and environmental constraints or human cognitive abilities and limitations. To overcome current state of the art limitations, our overall research goal is to develop a theoretical framework for complex human-CPS that enables formal analysis and verification to ensure stability of the overall system operation as well as avoidance of unsafe operating states. To analyze a human-CPS involving a human operator(s) with bounded rationality three key questions are identified: (a) Are the inputs available to the operator sufficient to generate desirable behaviors for the CPS? (b) If so, how easy is it for the operator with her cognitive limitations to drive the system towards a desired behavior? (c) How can areas of poor system performance and determine appropriate mitigations be formally identified? The overall technical approach will be to (a) develop and appropriately leverage general cognitive models that incorporate human limitations and capabilities, (b) develop methods to abstract cognitive models to yield tractable analytical human models (c) develop innovative techniques to design the abstract interface between the human and underlying system to reflect mutual constraints, and (d) extend current state-of-the-art reachability and verification algorithms for analysis of abstract interfaces, iin which one of the systems in the feedback loop (i.e., the user) is mostly unknown, uncertain, highly variable or poorly modeled. The research will provide contributions with broad significance in the following areas: (1) fundamental principles and algorithms that would serve as a foundation for provably safe robust hybrid control systems for mixed human-CPS (2) methods for the development of analytical human models that incorporate cognitive abilities and limitations and their consequences in human control of CPS, (3) validated techniques for interface design that enables effective human situation awareness through an interface that ensures minimum information necessary for the human to safely control the CPS, (4) new reachability analysis techniques that are scalable and allow rapid determination of different levels of system safety. The research will help to identify problems (such as automation surprises, inadequate or excessive information contained in the user interface) in safety critical, high-risk, or expensive CPS before they are built, tested and deployed. The research will provide the formal foundations for understanding and developing human-CPS and will have a broad range of applications in the domains of healthcare, energy, air traffic control, transportation systems, homeland security and large-scale emergency response. The research will contribute to the advancement of under-represented students in STEM fields through educational innovation and outreach. The code, benchmarks and data will be released via the project website. Formal descriptions of models of human cognition are in general incompatible with formal models of the Cyber Physical System (CPS) the human operator(s) control. Therefore, it is difficult to determine in a rigorous way whether a CPS controlled by a human operator will be safe or stable and under which circumstances. The objective of this research is to develop an analytic framework of human-CPS systems that encompasses engineering compatible formal models of the human operator that preserve the basic architectural features of human cognition. In this project the team will develop methodologies for building such models as well as techniques for formal verification of the human-CPS system so that performance guarantees can be provided. They will validate models in a variety of domains ranging from air traffic control to large scale emergency response to the administration of anesthesia.

To ensure operational safety of complex cyber-physical systems such as automobiles, aircraft, and medical devices, new models, analyses, platforms, and development techniques are needed that can predict, possible interactions between features, detect them in the features' concrete implementations, and either eliminate or mitigate such interactions through precise modeling and enforcement of mixed-criticality cyber-physical system semantics. This project is taking a novel approach to reasoning about and managing feature interactions in cyber-physical systems, which encompasses interactions within software, interactions through the physical dynamics of the system, and interactions via shared computational resources. The proposed approach consists of three tightly coupled research thrusts: (1) a novel way of modeling features as automata equipped with both physical dynamics of the feature environment, and an assigned criticality level in each state of an automaton, (2) new automata-theoretic and control-theoretic analysis techniques, enabled by the modeling approach, and (3) new algorithms for adaptive sharing of computational resources between individual features that are guaranteed to satisfy the assumptions made during analysis, realized within a novel mixed-criticality cyber-physical platform architecture. The modeling approach will introduce a new model for mixed-criticality cyber-physical components and will support modern development standards, such as AUTOSAR in the automotive industry, for assigning criticality levels to features. Component interfaces in this model will capture control modes and the associated physical dynamics, operating modes and the associated resource requirements and criticality level, as well as relationships between control modes and operating modes. Analysis of features expressed in the proposed model will include detection of interactions and exploration of their effect on safety properties of the composite system. The broader impacts of the proposed work are twofold. One impact lies in the pervasive use of cyber-physical systems in our society. If the developed results are adopted in industry, it may help to promote improved safety of such systems. Results of the proposed research will be used in courses offered at both University of Pennsylvania and Washington University at the graduate and undergraduate levels. The project will also provide students with opportunities to get involved in cutting edge research within their fields of study

This project develops algorithms for revising a given model for a cyber-physical system while ensuring that the revised model is correct-by-construction and is realizable in the constraints imposed by the cyber-physical system. It specializes these algorithms in the context of fault-tolerance (with the theory of separation of concerns) and in the context of timed models (with the role of fairness). The project identifies constraints imposed by the inability to revise some or all physical components and ensure that they are satisfied during revision. It specializes model revision algorithms in two contexts: fault-tolerance and role of fairness during revision. Regarding fault-tolerance, it develops the theory of separation of concerns for cyber-physical systems. This work bridges the gap between fault-tolerance components, control theory and model revision. Regarding fairness, it develops efficient algorithms for revision by using abstraction to model continuous behaviors with discrete behaviors that utilize fairness. One broad impact of this project is to advance the fundamental science and technology of cyber-physical systems by developing systematic methods that ensure system correctness during maintenance where the system is revised due to changing requirements and/or environment. The algorithms from this project will provide techniques for providing assurance in automotive and aeronautical systems. In the context where fault-tolerance properties are added, the proposed activities also have the potential to identify missing specifications early and thereby reduce the cost of designing corresponding systems. The proposed activities facilitate in educating graduate students about different tasks involved in providing assurance via component based models and via model revision.

Reliable operation of cyber-physical systems (CPS) of societal importance such as Smart Electric Grids is critical for the seamless functioning of a vibrant economy. Sustained power outages can lead to major disruptions over large areas costing millions of dollars. Efficient computational techniques and tools that curtail such systematic failures by performing fault diagnosis and prognostics are therefore necessary. The Smart Electric Grid is a CPS: it consists of networks of physical components (including generation, transmission, and distribution facilities) interfaced with cyber components (such as intelligent sensors, communication networks, and control software). This grant provides funding to develop new methods to build models for the smart grid representing the failure dependencies in the physical and cyber components. The models will be used to build an integrated system-wide solution for diagnosing faults and predicting future failure propagations that can account for existing protection mechanisms. The original contribution of this work will be in the integrated modeling of failures on multiple levels in a large distributed cyber-physical system and the development of novel, hierarchical, robust, online algorithms for diagnostics and prognostics. If successful, the model-based fault diagnostics and prognostics techniques will improve the effectiveness of isolating failures in large systems by identifying impending failure propagations and determining the time to critical failures that will increase system reliability and reduce the losses accrued due to failures. This work will bridge the gap between fault management approaches used in computer science and power engineering that are needed as the grid becomes smarter, more complex, and more data intensive. Outcomes of this project will include modeling and run-time software prototypes, research publications, and experimental results in collaborations with industry partners that will be made available to the scientific community.

Reliable operation of cyber-physical systems (CPS) of societal importance such as Smart Electric Grids is critical for the seamless functioning of a vibrant economy. Sustained power outages can lead to major disruptions over large areas costing millions of dollars. Efficient computational techniques and tools that curtail such systematic failures by performing fault diagnosis and prognostics are therefore necessary. The Smart Electric Grid is a CPS: it consists of networks of physical components (including generation, transmission, and distribution facilities) interfaced with cyber components (such as intelligent sensors, communication networks, and control software). This grant provides funding to develop new methods to build models for the smart grid representing the failure dependencies in the physical and cyber components. The models will be used to build an integrated system-wide solution for diagnosing faults and predicting future failure propagations that can account for existing protection mechanisms. The original contribution of this work will be in the integrated modeling of failures on multiple levels in a large distributed cyber-physical system and the development of novel, hierarchical, robust, online algorithms for diagnostics and prognostics. If successful, the model-based fault diagnostics and prognostics techniques will improve the effectiveness of isolating failures in large systems by identifying impending failure propagations and determining the time to critical failures that will increase system reliability and reduce the losses accrued due to failures. This work will bridge the gap between fault management approaches used in computer science and power engineering that are needed as the grid becomes smarter, more complex, and more data intensive. Outcomes of this project will include modeling and run-time software prototypes, research publications, and experimental results in collaborations with industry partners that will be made available to the scientific community.

Cyber-Physical Systems (CPS) encompass a large variety of systems including for example future energy systems (e.g. smart grid), homeland security and emergency response, smart medical technologies, smart cars and air transportation. One of the most important challenges in the design and deployment of Cyber-Physical Systems is how to formally guarantee that they are amenable to effective human control. This is a challenging problem not only because of the operational changes and increasing complexity of future CPS but also because of the nonlinear nature of the human-CPS system under realistic assumptions. Current state of the art has in general produced simplified models and has not fully considered realistic assumptions about system and environmental constraints or human cognitive abilities and limitations. To overcome current state of the art limitations, our overall research goal is to develop a theoretical framework for complex human-CPS that enables formal analysis and verification to ensure stability of the overall system operation as well as avoidance of unsafe operating states. To analyze a human-CPS involving a human operator(s) with bounded rationality three key questions are identified: (a) Are the inputs available to the operator sufficient to generate desirable behaviors for the CPS? (b) If so, how easy is it for the operator with her cognitive limitations to drive the system towards a desired behavior? (c) How can areas of poor system performance and determine appropriate mitigations be formally identified? The overall technical approach will be to (a) develop and appropriately leverage general cognitive models that incorporate human limitations and capabilities, (b) develop methods to abstract cognitive models to yield tractable analytical human models (c) develop innovative techniques to design the abstract interface between the human and underlying system to reflect mutual constraints, and (d) extend current state-of-the-art reachability and verification algorithms for analysis of abstract interfaces, iin which one of the systems in the feedback loop (i.e., the user) is mostly unknown, uncertain, highly variable or poorly modeled. The research will provide contributions with broad significance in the following areas: (1) fundamental principles and algorithms that would serve as a foundation for provably safe robust hybrid control systems for mixed human-CPS (2) methods for the development of analytical human models that incorporate cognitive abilities and limitations and their consequences in human control of CPS, (3) validated techniques for interface design that enables effective human situation awareness through an interface that ensures minimum information necessary for the human to safely control the CPS, (4) new reachability analysis techniques that are scalable and allow rapid determination of different levels of system safety. The research will help to identify problems (such as automation surprises, inadequate or excessive information contained in the user interface) in safety critical, high-risk, or expensive CPS before they are built, tested and deployed. The research will provide the formal foundations for understanding and developing human-CPS and will have a broad range of applications in the domains of healthcare, energy, air traffic control, transportation systems, homeland security and large-scale emergency response. The research will contribute to the advancement of under-represented students in STEM fields through educational innovation and outreach. The code, benchmarks and data will be released via the project website. Formal descriptions of models of human cognition are in general incompatible with formal models of the Cyber Physical System (CPS) the human operator(s) control. Therefore, it is difficult to determine in a rigorous way whether a CPS controlled by a human operator will be safe or stable and under which circumstances. The objective of this research is to develop an analytic framework of human-CPS systems that encompasses engineering compatible formal models of the human operator that preserve the basic architectural features of human cognition. In this project the team will develop methodologies for building such models as well as techniques for formal verification of the human-CPS system so that performance guarantees can be provided. They will validate models in a variety of domains ranging from air traffic control to large scale emergency response to the administration of anesthesia.

Reliable operation of cyber-physical systems (CPS) of societal importance such as Smart Electric Grids is critical for the seamless functioning of a vibrant economy. Sustained power outages can lead to major disruptions over large areas costing millions of dollars. Efficient computational techniques and tools that curtail such systematic failures by performing fault diagnosis and prognostics are therefore necessary. The Smart Electric Grid is a CPS: it consists of networks of physical components (including generation, transmission, and distribution facilities) interfaced with cyber components (such as intelligent sensors, communication networks, and control software). This grant provides funding to develop new methods to build models for the smart grid representing the failure dependencies in the physical and cyber components. The models will be used to build an integrated system-wide solution for diagnosing faults and predicting future failure propagations that can account for existing protection mechanisms. The original contribution of this work will be in the integrated modeling of failures on multiple levels in a large distributed cyber-physical system and the development of novel, hierarchical, robust, online algorithms for diagnostics and prognostics. If successful, the model-based fault diagnostics and prognostics techniques will improve the effectiveness of isolating failures in large systems by identifying impending failure propagations and determining the time to critical failures that will increase system reliability and reduce the losses accrued due to failures. This work will bridge the gap between fault management approaches used in computer science and power engineering that are needed as the grid becomes smarter, more complex, and more data intensive. Outcomes of this project will include modeling and run-time software prototypes, research publications, and experimental results in collaborations with industry partners that will be made available to the scientific community.