

Title: Timing Debugging for Cyber-Physical Systems
This paper is concerned with the following question: Given a set of control tasks that are not schedulable, i.e., their required timing properties cannot be satisfied, what should be changed? While the real-time systems literature proposes many different schedulability analysis techniques, it surprisingly provides almost no guidelines on what should be changed to make a task set schedulable, when it is not. We show that when the tasks in question are control tasks, this timing debugging question in the context of cyber-physical systems (CPS) may be answered by exploiting the dynamics of the physical systems that these control tasks are expected to influence. Towards this, we study a very simple setup, viz., when a set of periodic tasks with implicit deadlines is not schedulable, by how much should the periods be changed in order to make the task set schedulable? Among the many ways in which the periods can be modified, our proposed strategy is to change the periods in a manner such that while the task set becomes schedulable, the poles of the closed-loop system experience the minimal shift. Since the poles influence the closed loop dynamics of the system, we thereby ensure that we obtain a system with the desired timing properties whose dynamics is very similar to the dynamics of the original (non-schedulable) system. We formulate this CPS timing debugging strategy as an optimization problem and illustrate it with a concrete example.
Award ID(s): 1837337
PAR ID: 10205882
Journal Name: 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE)
Format(s): Medium: X
Sponsoring Org: National Science Foundation
More Like this
  1. Defense mechanisms against network-level attacks are commonly based on the use of cryptographic techniques, such as lengthy message authentication codes (MAC) that provide data integrity guarantees. However, such mechanisms require significant resources (both computational and network bandwidth), which prevents their continuous use in resource-constrained cyber-physical systems (CPS). Recently, it was shown how physical properties of controlled systems can be exploited to relax these stringent requirements for systems where sensor measurements and actuator commands are transmitted over a potentially compromised network; specifically, that merely intermittent use of data authentication (i.e., at occasional time points during system execution), can still provide strong Quality-of-Control (QoC) guarantees even in the presence of false-data injection attacks, such as Man-in-the-Middle (MitM) attacks. Consequently, in this work, we focus on integrating security into existing resource-constrained CPS, in order to protect against MitM attacks on a system where a set of control tasks communicates over a real-time network with system sensors and actuators. We introduce a design-time methodology that incorporates requirements for QoC in the presence of attacks into end-to-end timing constraints for real-time control transactions, which include data acquisition and authentication, real-time network messages, and control tasks. This allows us to formulate a mixed integer linear programming-based method for direct synthesis of schedulable tasks and message parameters (i.e., deadlines and offsets) that do not violate timing requirements for the already deployed controllers, while adding a sufficient level of protection against network-based attacks; specifically, the synthesis method also provides suitable intermittent authentication policies that ensure the desired QoC levels under attack. To additionally reduce the security-related bandwidth overhead, we propose the use of cumulative message authentication at time instances when the integrity of messages from subsets of sensors should be ensured. Furthermore, we introduce a method for the opportunistic use of the remaining resources to further improve the overall QoC guarantees while ensuring system (i.e., task and message) schedulability. Finally, we demonstrate applicability and scalability of our methodology on synthetic automotive systems as well as a real-world automotive case-study.
  2. Neural network approximations have become attractive to compress data for automation and autonomy algorithms for use on storage-limited and processing-limited aerospace hardware. However, unless these neural network approximations can be exhaustively verified to be safe, they cannot be certified for use on aircraft. An example of such systems is the unmanned Airborne Collision Avoidance System (ACAS) Xu, which is a very popular benchmark for open-loop neural network control system verification tools. This paper proposes a new closed-loop extension of this benchmark, which consists of a set of 10 closed-loop properties selected to evaluate the safety of an ownship aircraft in the presence of a co-altitude intruder aircraft. These closed-loop safety properties are used to evaluate five of the 45 neural networks that comprise the ACAS Xu benchmark (corresponding to co-altitude cases) as well as the switching logic between the five neural networks. The combination of nonlinear dynamics and switching between five neural networks is a challenging verification task accomplished with star-set reachability methods in two verification tools. The safety of the ownship aircraft under initial position uncertainty is guaranteed in every scenario proposed. 
  3. Existing design techniques for providing security guarantees against network-based attacks in cyber-physical systems (CPS) are based on continuous use of standard cryptographic tools to ensure data integrity. This creates an apparent conflict with common resource limitations in these systems, given that, for instance, lengthy message authentication codes (MAC) introduce significant overheads. We present a framework to ensure both timing guarantees for real-time network messages and Quality-of-Control (QoC) in the presence of network-based attacks. We exploit physical properties of controlled systems to relax constant integrity enforcement requirements, and show how the problem of feasibility testing of intermittently authenticated real-time messages can be cast as a mixed integer linear programming problem. Besides scheduling a set of real-time messages with predefined authentication rates obtained from QoC requirements, we show how to optimally increase the overall system QoC while ensuring that all real-time messages are schedulable. Finally, we introduce an efficient runtime bandwidth allocation method, based on opportunistic scheduling, in order to improve QoC. We evaluate our framework on a standard benchmark designed for CAN bus, and show how an infeasible message set with strong security guarantees can be scheduled if dynamics of controlled systems are taken into account along with real-time requirements. 
  4. This paper demonstrates a novel, compact-sized hardware-in-the-loop system, and its verification using machine learning and artificial intelligence features in battery controls. Conventionally, a battery management system involves algorithm development for battery modeling, estimation, and control. These tasks are typically validated by running the battery tester open-loop, i.e., the tester equipment executes the pre-defined experimental protocols line by line. Additional equipment is required to make the testing closed-loop, but the integration is typically not straightforward. To improve flexibility and accessibility for battery management, this work proposes a low-cost highly reliable closed-loop charger and discharger. We first focus on the electronic circuit design for battery testing systems to maximize the applied current accuracy and precision. After functional verification, we further investigate applications for closed-loop battery management systems. In particular, we extend the proposed architecture into the learning-based control design, which is a feedback controller. We utilize reinforcement learning techniques to highlight the benefits of closed-loop controls. As an example, we compare this learning-based control strategy with a conventional battery charging control. The experimental results demonstrate that the proposed experimental design is able to handle the learning-based controller and achieve a more reliable and safer charging protocol driven by artificial intelligence. 
  5. Biofeedback systems have been extensively used in walking exercises for gait improvement. Past research has focused on modulating the wearer’s cadence, gait variability, or symmetry, but none of the previous works has addressed the problem of inducing a desired walking speed in the wearer. In this paper, we present a new, minimally obtrusive wearable biofeedback system (WBS) that uses closed-loop vibrotactile control to elicit desired changes in the wearer’s walking speed, based on the predicted user response to anticipatory and delayed feedback. The performance of the proposed control was compared to conventional open-loop rhythmic vibrotactile stimulation with N = 10 healthy individuals who were asked to complete a set of walking tasks along an oval path. The closed-loop vibrotactile control consistently demonstrated better performance than the open-loop control in inducing desired changes in the wearer’s walking speed, both with constant and with time-varying target walking speeds. Neither open-loop nor closed-loop stimuli affected natural gait significantly, when the target walking speed was set to the individual’s preferred walking speed. Given the importance of walking speed as a summary indicator of health and physical performance, the closed-loop vibrotactile control can pave the way for new technology-enhanced protocols for gait rehabilitation.