With the proliferation of safety-critical real-time systems in our daily life, it is imperative that their security is protected to guarantee their functionality. To this end, one of the most powerful modern security primitives is the enforcement of data flow integrity (DFI). However, its run-time overhead can be prohibitive for real-time cyber-physical systems (CPS). On the other hand, because of the strong safety requirements on such systems, their platforms are often designed with enough reservation that the system remains real-time even when it experiences the worst-case execution time. We conducted a measurement study on eight popular CPS and found that the worst-case execution time is often at least five times the average run time. In this paper, we propose opportunistic data flow integrity, OP-DFI, which takes advantage of the system reservation to enforce data flow integrity on CPS software. To avoid impacting the real-time property, OP-DFI tackles the challenges of slack estimation and run-time policy swapping in order to use the extra time in the system opportunistically. To ensure that the security protection remains coherent, OP-DFI leverages in-line reference monitors and hardware-assisted features to perform dynamic fine-grained sandboxing. We evaluated OP-DFI on eight real-time CPS. With a worst-case execution time overhead of 2.7%, OP-DFI effectively performs DFI checking on 95.5% of all memory operations and 99.3% of safety-critical control-related memory operations on average.
Free, publicly-accessible full text available August 14, 2025
This work presents a new safe control framework for Euler-Lagrange (EL) systems with limited model information, external disturbances, and measurement uncertainties. The EL system is decomposed into two subsystems called the proxy subsystem and the virtual tracking subsystem. An adaptive safe controller based on barrier Lyapunov functions is designed for the virtual tracking subsystem to ensure the boundedness of the safe velocity tracking error, and a safe controller based on control barrier functions is designed for the proxy subsystem to ensure controlled invariance of the safe set defined either in the joint space or task space. Theorems that guarantee the safety of the proposed controllers are provided. In contrast to existing safe control strategies for EL systems, the proposed method requires much less model information and can ensure safety rather than input-to-state safety. Simulation results are provided to illustrate the effectiveness of the proposed method.
Free, publicly-accessible full text available December 13, 2024
Graphics Processing Units (GPUs) are increasingly deployed on Cyber-physical Systems (CPSs), where they are frequently used to perform real-time safety-critical functions, such as object detection on autonomous vehicles. As a result, availability is important for GPU tasks on CPS platforms. However, existing Trusted Execution Environment (TEE) solutions with availability guarantees focus only on CPU computing. To bridge this gap, we propose AvaGPU, a TEE that guarantees real-time availability for CPU tasks involving GPU execution under a compromised OS. There are three technical challenges. First, to prevent malicious resource contention due to separate scheduling of CPU and GPU tasks, we propose a CPU-GPU co-scheduling framework that couples the priority of CPU and GPU tasks. Second, we propose software-based secure preemption of GPU tasks to bound the degree of priority inversion on the GPU. Third, we propose a new split design of the GPU driver with a minimized Trusted Computing Base (TCB) to achieve secure and efficient GPU management for CPS. We implement a prototype of AvaGPU on the Jetson AGX Orin platform. The system is evaluated on benchmarks, synthetic tasks, and real-world applications, with 15.87% runtime overhead on average.
Free, publicly-accessible full text available November 15, 2024
With the proliferation of autonomous safety-critical cyber-physical systems (CPS) in our daily life, their security is becoming ever more important. Remote attestation is a powerful mechanism to enable remote verification of system integrity. While recent developments have made it possible to efficiently attest IoT operations, autonomous systems that are built on top of real-time cyber-physical control loops and execute missions independently present new unique challenges. In this paper, we formulate a new security property, Realtime Mission Execution Integrity (RMEI), to provide proof of correct and timely execution of the missions. While it is an attractive property, measuring it can incur prohibitive overhead for the real-time autonomous system. To tackle this challenge, we propose policy-based attestation of compartments to enable a trade-off between the level of detail in measurement and runtime overhead. To further minimize the impact on real-time responsiveness, multiple techniques were developed to improve the performance, including customized software instrumentation and timing recovery through re-execution. We implemented a prototype of ARI and evaluated its performance on five CPS platforms. A user study involving 21 developers with different skill sets was conducted to understand the usability of our solution.
Satellite remote sensing of aerosol optical depth (AOD) is essential for detection, characterization, and forecasting of wildfire smoke. In this work, we evaluate the AOD (550 nm) retrievals during the extreme wildfire events over the western U.S. in September 2020. Three products are analyzed, including the Moderate-resolution Imaging Spectroradiometer (MODIS) Multi-Angle Implementation of Atmospheric Correction (MAIAC) product collections C6.0 and C6.1, and the NOAA-20 Visible Infrared Imaging Radiometer (VIIRS) AOD from the NOAA Enterprise Processing System (EPS) algorithm. Compared with the Aerosol Robotic Network (AERONET) data, all three products show strong linear correlations, with MAIAC C6.1 and VIIRS presenting overall low bias (<0.06). The accuracy of MAIAC C6.1 is found to be substantially improved with respect to MAIAC C6.0, which drastically underestimated AOD over thick smoke; this validates the effectiveness of updates made in MAIAC C6.1 in terms of an improved representation of smoke aerosol optical properties. VIIRS AOD exhibits comparable uncertainty with MAIAC C6.1, with a slight tendency of increased positive bias over the AERONET AOD range of 0.5–3.0. Averaging coincident retrievals from MAIAC C6.1 and VIIRS provides a lower root mean square error and higher correlation than for the individual products, motivating the benefit of blending these datasets. MAIAC C6.1 and VIIRS are further compared to provide insights on their retrieval strategy. When gridded at 0.1° resolution, MAIAC C6.1 and VIIRS provide similar monthly AOD distribution patterns, and the latter exhibits a slightly higher domain average. On a daily scale, over thick plumes near fire sources, MAIAC C6.1 reports more valid retrievals where VIIRS tends to have retrievals designated as low or medium quality, which tends to be due to internal quality checks. Over transported smoke near scattered clouds, VIIRS provides better retrieval coverage than MAIAC C6.1 owing to its higher spatial resolution, pixel-level processing, and less strict cloud masking. These results can be used as a guide for applications of satellite AOD retrievals during wildfire events and provide insights on future improvement of retrieval algorithms under heavy smoke conditions.
Recent deep learning approaches have shown remarkable promise in enabling high-fidelity holographic displays. However, lightweight wearable display devices cannot afford the computation demand and energy consumption of hologram generation because of their limited onboard compute capability and battery life. On the other hand, if the computation is conducted entirely remotely on a cloud server, transmitting lossless hologram data is not only challenging but also results in prohibitively high latency and storage. In this work, by distributing the computation and optimizing the transmission, we propose the first framework that jointly generates and compresses high-quality phase-only holograms. Specifically, our framework asymmetrically separates the hologram generation process into a high-compute remote encoding stage (on the server) and a low-compute decoding stage (on the edge). Our encoding produces lightweight latent-space data, thus enabling faster and more efficient transmission to the edge device. With our framework, we observed a 76% reduction in computation and consequently an 83% reduction in energy cost on edge devices, compared to existing hologram generation methods. Our framework is robust to transmission and decoding errors, approaches high image fidelity at as low as 2 bits per pixel, and further reduces average bit-rates and decoding time for holographic videos.