Search for: All records

The adoption of digital technology in industrial control systems (ICS) enables improved control over operation, ease of system diagnostics and reduction in cost of maintenance of cyber physical systems (CPS). However, digital systems expose CPS to cyber-attacks. The problem is grave since these cyber-attacks can lead to cascading failures affecting safety in CPS. Unfortunately, the relationship between safety events and cyber-attacks in ICS is ill-understood and how cyber-attacks can lead to cascading failures affecting safety. Consequently, CPS operators are ill-prepared to handle cyber-attacks on their systems. In this work, we envision adopting Explainable AI to assist CPS oper-ators in analyzing how a cyber-attack can trigger safety events in CPS and then interactively determining potential approaches to mitigate those threats. We outline the design of a formal framework, which is based on the notion of transition systems, and the associated toolsets for this purpose. The transition system is represented as an AI Planning problem and adopts the causal formalism of human reasoning to asssit CPS operators in their analyses. We discuss some of the research challenges that need to be addressed to bring this vision to fruition. 

We have been witnessing an unprecedented increase in the aging population in human history. It is nontrivial to ensure the health and safety of seniors living alone. The prohibitive human labor cost necessitates more sustainable, technology oriented approaches instead of labor-intensive solutions. The raising digital healthcare services (DHS) leveraging the Internet of Medical Things (IoMT), Digital Twins (DT), and advanced fifth-generation and beyond (B5G) wireless communication technology, are widely recognized as promising solutions. By enabling a seamless interwoven of the physical world and cyberspace, Metaverse makes an ideal home for the next generation of DHS. Thanks to characteristics of decentralization, traceability, and unalterability, Blockchain is envisioned to enhance security properties in Metaverse. This paper proposes MetaSafe, a DHS architecture for seniors’ safety monitoring in Metaverse. Based on monitoring data collected by sensors, the activities and status of seniors, who are considered as the physical objects (PO), are mirrored to corresponding logical objects (LO) in a virtual community in the Metaverse, where activity recognition, potential risk prediction, and alert generation are realized. By leveraging Non-Fungible Token (NFT) technology to tokenize identities (POs and LOs) and data streams of the DHS on the blockchain, an NFT-based authentication fabric allows for verifiable ownership and traceable transferability during the data-sharing process. Specifically, an instant alerting system is introduced in this work that leverages a hybrid algorithm combining the singular spectrum analysis (SSA) approach with the long-short-term memory (LSTM) networks. Through an extensive experimental study, MetaSafe is validated as a feasible and promising approach to protect seniors living alone. 

Scrubbing sensitive data before releasing memory is a widely accepted but often ignored programming practice for developing secure software. Consequently, confidential data such as cryptographic keys, passwords, and personal data, can remain in memory indefinitely, thereby increasing the risk of exposure to hackers who can retrieve the data using memory dumps or exploit vulnerabilities such as Heartbleed and Etherleak. We propose an approach for detecting a specific memory safety bug called Improper Clearing of Heap Memory Before Release, also known as Common Weakness Enumeration 244, in C programs. The CWE-244 bug in a program allows the leakage of confidential information when a variable is not wiped before heap memory is freed. Our approach combines taint analysis and model checking to detect this weakness. We have three main phases: (1) perform a coarse flow-insensitive inter-procedural static analysis on the program to construct a set of pointer variables that could point to sensitive data; (2) instrument the program with required dynamic variable tracking, and assertion logic for memory wiping before deallocation; and (3) invoke a model checker, the C-Bounded Model Checker (CBMC) in our case, to detect assertion violation in the instrumented program. We develop a tool, \toolname, implementing our instrumentation based algorithm, and we provide experimental validation on the Juliet Test Suite --- the tool is able to detect all the CWE-244 instances present in the test suite. To the best of our knowledge, this is the first work which presents a solution to the problem of detecting unscrubbed secure memory deallocation violations in programs.