This proposal addresses the safety and security issues that arise when giving users remote-access to a multi-robot research test-bed, where mobile robots can coordinate their behaviors in a collaborative manner. Through a public interface, users are able to schedule, and subsequently upload, their own code and run their experiments, while being provided with the scientific data produced through the experiment. Such an open-access framework has the potential to significantly lowering the barriers to entry in robotics research and education, yet is inherently vulnerable from a safety and security point-of-view. This proposal aims at the development and definition of appropriate cyber-physical security notions, formal verification algorithms, and safety-critical, real-time control code for teams of mobile robots that will ultimately make such a system both useful and safe. On top of the research developments, this proposal contains a Transition to Practice component that will allow the system to become a highly usable, shared test-bed; one that can serve as a model for other open, remote-access test-beds. Safety is of central importance to the successful realization of any remote-access test-bed and failure to enforce safety could result in injury in local operators and damaged equipment. To guarantee safe operation, while allowing users to test algorithms remotely, new science is required in the domain of safety-critical control. To address this need, the proposed work follows a three-pronged approach, namely (1) development and use of novel types of barrier certificates in the context of minimally invasive, optimization-based controllers with provable safety properties, (2) formal methods for verification of safety-critical control code for networked cyber-physical systems, and (3) novel methods for protecting against machine-to-machine cyber attacks. By bringing together ideas from multi-agent robotics, safety-critical control, formal verification, and cyber-security, this project will result in a unified and coherent approach to security in networked cyber-physical systems. The potential impact of the resulting open-access multi-robot test-bed is significant along the research, education, and general outreach dimensions in that a future generation of roboticists at institutions across the country will have open and remote access to a world-class research facility, and educators at all levels will be able to run experiments on actual robots.

Cyber-physical additive layer manufacturing, e.g., 3D printing, has become a promising technology for providing cost, time, and space effective solution by reducing the gap between designers and manufacturers. However, the concern for the protection of intellectual property is arising in conjunction with the capabilities of supporting massive innovative designs and rapid prototyping. Intellectual property in the additive layer manufacturing system consists of: i) geometric design of an object; ii) attributes of an object; iii) process information; and iv) machine information. This Early-concept Grant for Exploratory Research (EAGER) project seeks to develop defense mechanisms for detecting malware and counterfeit articles using a variety of signals that are observed during the manufacturing process including acoustic, temperature, power, and others. The project is an EAGER because both the uniqueness of the observed signal signatures, and their utilization in securing the manufacturing process are high risk with potential for high reward in thwarting attacks. This project will demonstrate that during the life-cycle of the additive layer manufacturing system, the intellectual property information contained in the cyber domain can be recovered/reconstructed through attacks occurring during the manufacturing process in the physical domain through various non-intrusive techniques. It will then focus on creating both machine-dependent and machine-independent defense mechanisms for avoiding such an attack. This project will significantly impact US competitiveness over technology-oriented manufacturing. The attack model will provide feedback to 3D printer manufacturers and CAD tool designers to build defenses against these new types of attack. Moreover, it will have a significant societal impact to the explosively growing maker and crowd-sourcing community in protecting their intellectual property. In addition, the project's approach can be used in other manufacturing systems, e.g., CNC machines, manufacturing robots, etc. This is possibly the very first approach to create defense for additive layer manufacturing mechanisms against such attacks occurring in the physical domain to get access to information of the cyber domain. This project has three specific objectives: 1) It will demonstrate a proof of concept by presenting a novel attack model constructed using a combination of machine learning, signal processing, and pattern recognition techniques that utilize the side-channel information (power, temperature, acoustic, electromagnetic emission) obtained during the manufacturing process. 2) It will develop a machine-specific defense mechanism against the attack model for the 3D printer. New techniques to add additional physical process encryption, e.g. adding extra information to the G-code to obfuscate the printing process from the attack model between the G-code and the physical manufacturing process, will be demonstrated. 3) It will create a new security-aware 3D-printing algorithm for the machine-independent CAD tools that can protect against such side channel attacks. The 3D-printing algorithm will slice the STL and generate layer description language (e.g. G-code) randomly so that for the same 3D object, different instructions will be sent to the 3D printer and eventually different physical features will be extracted by the attackers.

This award provides NSF support to sponsor students and faculty mentors from US institutions to participate in a doctoral symposium held during the First Workshop on Privacy and Security in Pervasive e-Health and Assistive Environments in Corfu, Greece, June 9-13, 2009. This workshop is in conjunction with the Second International Conference on Pervasive Technologies Related to Assistive Environments (PETRA?09 http://www.petrae.org). The doctoral symposium shares the aims of the PSPAE workshop, seeking new directions in security and privacy research and education. The focus of the PSPAE workshop is a multidisciplinary discussion aimed towards developing new insights into privacy and security issues for pervasive technologies that will be deployed for the benefit of society. The scientific community is expected to benefit from discussions on the crossover between security and privacy and on the issues arising in complex application areas such as healthcare. The doctoral consortium seeks to open new horizons for graduate students who may pursue privacy and security research in healthcare and other pervasive assistive environments. Another objective is to create an international forum that can expose graduate students to the differences in privacy policies around the world, especially regarding health privacy and security.

As Cyber-Physical Systems (CPSs) employing mobile nodes continue to integrate into the physical world, ensuring their safety and security become crucial goals. Due to their mobility, real-time, energy and safety constraints, coupled by their reliance on communication mediums that are subject to interference and intentional jamming, the projected complexities in Mobile CPSs will far exceed those of traditional computing systems. Such increase in complexity widens the malicious opportunities for adversaries and with many components interacting together, distinguishing between normal and abnormal behaviors becomes quite challenging. The research work in this project falls along two main thrusts: (1) identifying stealthy attacks and (2) developing defense mechanisms. Along the first thrust, a unifying theoretical framework is developed to uncover attacks in a systematic manner whereby an adversary solves Markovian Decision Processes problems to identify optimal and suboptimal attack policies. The effects of the attacks are assessed through different instantiations of damage and cost metrics. Along the second thrust, novel randomization controllers and randomization-aware anomaly detection mechanisms are developed to prevent, detect and mitigate stealthy attacks. The outcomes of this CAREER project will ultimately provide concrete foundations to build more secure systems in the areas of robotics, autonomous vehicles, and intelligent transportation systems. The educational activities--as in curriculum development and hands-on laboratory experiences--will provide students with the essential skills to build dependable and trustworthy systems, while ensuring the participation of undergraduates, women and underrepresented minorities. The outreach activities will expose high school students to Computer Science education and scientific research.