Automation is being increasingly introduced into every man-made system. The thrust to achieve trustworthy autonomous systems, which can attain goals independently in the presence of significant uncertainties and for long periods of time without any human intervention, has always been enticing. Significant progress has been made in the avenues of both software and hardware for meeting these objectives. However, technological challenges still exist and particularly in terms of decision making under uncertainty. In an autonomous system, uncertainties can arise from the operating environment, adversarial attacks, and from within the system. While a lot of work has been done on ensuring safety of systems under standard sensing errors, much less attention has been given on securing it and its sensors from attacks. As such, autonomous cyber-physical systems (CPS), which rely heavily on sensing units for decision making, remain vulnerable to such attacks. Given the fact that the age of autonomous CPS is upon us and their influence is gradually increasing, it becomes an urgent task to develop effective solutions to ensure the security and trustworthiness of autonomous CPS under adversarial attacks. The researchers of this project provide a comprehensive real-time, resource-aware solution for detection and recovery of autonomous CPS from physical and cyber-attacks. This project also includes effort to educate and prepare the community for the potential cyber and physical threats on autonomous CPS. With the observation that a thorough security certification of autonomous CPS will provide formal evaluation of autonomous CPS, the researchers in this project intend to develop methods to facilitate manufacturers for certifying security solutions. Toward this goal, the researchers will first develop new theories to understand the impact of physical and cyber-attack on system level properties such as controllability, stability, and safety. They will then develop algorithms for detection and recovery of CPS from physical attacks on active sensors. The proposed recovery method will ensure the integrity of sensor measurements when the system is under attack. Furthermore, a new analysis framework will be constructed that uses platform-based design methodology to represent the CPS and verifies it against design metric constraints such as security, timing, resource, and performance. The key contributions of this project towards autonomous CPS security certification include 1) a comprehensive study of relationship between attacks and system-level properties; 2) algorithms and their optimization for detection and automatic recovery of autonomous CPS from attacks; and 3) systematically quantifying impact of security on design metrics.

Due to their increasing use by civil and federal authorities and vast commercial and amateur applications, Unmanned Aerial Systems (UAS) will be introduced into the National Air Space (NAS); the question is only how this can be done safely. Today, NASA and the FAA are designing a new, (NextGen) automated air traffic control system for all aircraft, manned or unmanned. New algorithms and tools will need to be developed to enable computation of the complex questions inherent in designing such a system while proving adherence to rigorous safety standards. Researchers must develop the tools of formal analysis to be able to address the UAS in the NAS problem, reason about UAS integration during the design phase of NextGen, and tie this design to on-board capabilities to provide runtime System Health Management (SHM), ensuring the safety of people and property on the ground. This proposal takes a holistic view and integrates advances in the state of the art from three intertwined perspectives to address safe integration of unmanned systems into the national airspace: from on-board the vehicle, from the environment (NAS), and from the underlying theory enabling their formal analysis. There has been rapid development of new UAS technologies yet few of them are formally mathematically rigorous to the degree needed for FAA safety-critical system certification. This project bridges that gap, integrating new UAS and air traffic control designs with advances in formal analysis. Within the wealth of promising directions for autonomous UAS capabilities, this project fills a unique need, providing a direct synergy between on-board UAS SHM, the NAS environment in which they must operate, and the theoretical foundations common to both of these. This research will help to build a safer NAS with increased capacity for UAS and create broadly impactful capabilities for SHM on-board UAS. Advancements will require theoretical research into more scalable model checking and debugging of safety properties. Safety properties express the sentiment that "something bad does not happen" during any system execution; they represent the vast majority of the requirements for NextGen designs and all requirements researchers can monitor on-board a UAS for system heath management during runtime. This research will tackle new frontiers in embedding health management capabilities on-board UAS. Collaborations with aerospace system designers at the National Aeronautics and Space Administration and tool designers at the Bruno Kessler Foundation will aid real-life utility and technology transfer. Broader impact will be achieved by involving undergraduate students in the design of an open-source, affordable, all-COTS and 3D-printable UAS, which will facilitate flight testing of this project's research advances. An open-UAS design for academia will be useful both for classroom demonstrations and as a research platform. Further impact will be achieved by using this UAS and the research it enables in interactive teaching experiences for K-12, undergraduate, and graduate students and in mentoring outreach specifically targeted at girls achieving in Science, Technology, Engineering and Mathematics (STEM) subjects.

Epilepsy is one of the most common neurological disorders, affecting between 0.4% and 1% of the world's population. While seizures can be controlled in approximately two thirds of newly diagnosed patients through the use of one or more antiepileptic drugs (AEDs), the remainder experience seizures even on multiple medications. The primary impacts of the chronic condition of epilepsy on a patient are a lower quality of life, loss of productivity, comorbidities, and increased risk of death. Epilepsy is an intermittent brain disorder, and in localization-related epilepsy, which is the most common form of epilepsy, one or a few discrete brain areas (the seizure focus or seizure foci) are believed to be responsible for seizure initiation. More recent approaches with implantable electrical stimulation seizure control devices hold value as a therapeutic option for the control of seizures. These devices, directly or indirectly, target the seizure focus and seek to control its expression. In this project we will build a multichannel brain implantable device based on emerging cyber physical system (CPS) principles. This brain implantable CPS device will incorporate key design features to make the device dependable, scalable, composable, certifiable, and interoperable. The device will operate over the life of an animal, or a patient, and continuously record brain activity and stimulate the brain when seizure related activity is detected to abort an impending seizure. Episodic brain disorders such as epilepsy have a considerable impact on a patient's productivity and quality of life and may be life-threatening when seizures cannot be controlled with medications. The goal of this project is to create a second generation brain-implantable sensing and stimulating device (BISSD) based on emerging CPS principles and practice. The development of a BISSD as a exemplifies several defining aspects that inform and illustrate core CPS principles. First, to meet the important challenge of regulatory approval a composable, scalable and certifiable framework that supports testing in multiple species is proposed. Second, a BISSD must be wholly integrated with the patient and fully cognizant at every instant of brain state, including dynamic changes in both the normal and abnormal expression of brain physiology and therapeutic intervention. Thus, this project seeks a tight conjunction of the cyber solution that must monitor itself and monitor and stimulate the brain using implanted, adaptable, distributed, and networked electrodes, and the physical system which in this case is the intermittently failing human brain. Third, a BISSD must function for an extensive period of time, up to the life of the patient, because each surgery to place and retrieve a BISSD carries an attendant risk. This requirement necessitates a dependable solution, which this project seeks to reliably achieve through both an understanding of the brain's foreign body response and a unique hierarchical fault-tolerant design. Fourth, an advanced salient approaches to acquire, compress, and analyze sensor signals to achieve real-time monitoring and control of seizures is employed. This project should yield a powerful, scalable CPS framework for robust fault-tolerant implantable medical devices with real-time processing that can grow with advances in sensors, sensing modalities, time-series analysis, real-time computation, control, materials, power and knowledge of underlying biology. The USA has a competitive advantage in the control of seizures in medically refractory epilepsy. In the modern era, epilepsy surgery evolved in the USA in the 1970s and spread from here to other parts of the world. Similarly, the USA enjoys a competitive advantage in BISSDs, and success in this effort will enable the USA to build on and maintain this advantage. In addition to epilepsy, advances made here can be expected to benefit the treatment of other neurological and psychiatric brain disorders.

Exploiting inherent physical structure of the CPS domains can lead to economically viable and efficient novel algorithms for providing performance, control, synchronization and an alternate approach to CPS security that does not rely solely on cryptography. In each of these systems, regardless of the current state of the network, in the presence of disturbances or adversarial inputs, there is a need to bring the system to desired state for performance and control of the network. This project presents one such novel approach by observing that the CPS applications including smartgrid, coordinating robotics, formation flights in UAV, and synchronization of biological systems including brain networks all exhibit a special physical structure, namely submodularity, with respect to the set of control actions. Submodularity is a diminishing returns property that enables the development of efficient algorithms with provable optimality guarantees and in many cases distributed versions that are locally implementable, and hence scalable. While it has been widely used in the machine learning and discrete optimization communities, the use of submodularity in the context of CPS is a fertile research area. This project initially applies submodularity in the context of smart grid and show how it can lead to greater system stability and attack resilience. By defining suitable metrics that capture the submodular structures underlying the physical dynamics, the researchers develop algorithms that eliminate the time-consuming and computationally expensive verification of control actions through simulation. The fundamental properties of synchronization, convergence, robustness, and attack-resilience considered in this effort have crosscutting applications to multiple CPS domains, which will benefit from the submodular approach that we will research and develop.