This proposal addresses the safety and security issues that arise when giving users remote-access to a multi-robot research test-bed, where mobile robots can coordinate their behaviors in a collaborative manner. Through a public interface, users are able to schedule, and subsequently upload, their own code and run their experiments, while being provided with the scientific data produced through the experiment. Such an open-access framework has the potential to significantly lowering the barriers to entry in robotics research and education, yet is inherently vulnerable from a safety and security point-of-view. This proposal aims at the development and definition of appropriate cyber-physical security notions, formal verification algorithms, and safety-critical, real-time control code for teams of mobile robots that will ultimately make such a system both useful and safe. On top of the research developments, this proposal contains a Transition to Practice component that will allow the system to become a highly usable, shared test-bed; one that can serve as a model for other open, remote-access test-beds. Safety is of central importance to the successful realization of any remote-access test-bed and failure to enforce safety could result in injury in local operators and damaged equipment. To guarantee safe operation, while allowing users to test algorithms remotely, new science is required in the domain of safety-critical control. To address this need, the proposed work follows a three-pronged approach, namely (1) development and use of novel types of barrier certificates in the context of minimally invasive, optimization-based controllers with provable safety properties, (2) formal methods for verification of safety-critical control code for networked cyber-physical systems, and (3) novel methods for protecting against machine-to-machine cyber attacks. By bringing together ideas from multi-agent robotics, safety-critical control, formal verification, and cyber-security, this project will result in a unified and coherent approach to security in networked cyber-physical systems. The potential impact of the resulting open-access multi-robot test-bed is significant along the research, education, and general outreach dimensions in that a future generation of roboticists at institutions across the country will have open and remote access to a world-class research facility, and educators at all levels will be able to run experiments on actual robots.

Exploiting inherent physical structure of the CPS domains can lead to economically viable and efficient novel algorithms for providing performance, control, synchronization and an alternate approach to CPS security that does not rely solely on cryptography. In each of these systems, regardless of the current state of the network, in the presence of disturbances or adversarial inputs, there is a need to bring the system to desired state for performance and control of the network. This project presents one such novel approach by observing that the CPS applications including smartgrid, coordinating robotics, formation flights in UAV, and synchronization of biological systems including brain networks all exhibit a special physical structure, namely submodularity, with respect to the set of control actions. Submodularity is a diminishing returns property that enables the development of efficient algorithms with provable optimality guarantees and in many cases distributed versions that are locally implementable, and hence scalable. While it has been widely used in the machine learning and discrete optimization communities, the use of submodularity in the context of CPS is a fertile research area. This project initially applies submodularity in the context of smart grid and show how it can lead to greater system stability and attack resilience. By defining suitable metrics that capture the submodular structures underlying the physical dynamics, the researchers develop algorithms that eliminate the time-consuming and computationally expensive verification of control actions through simulation. The fundamental properties of synchronization, convergence, robustness, and attack-resilience considered in this effort have crosscutting applications to multiple CPS domains, which will benefit from the submodular approach that we will research and develop.