Award Abstract # 1505799
Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: TRUSTEES OF THE UNIVERSITY OF PENNSYLVANIA, THE
Initial Amendment Date: August 25, 2015
Latest Amendment Date: September 15, 2016
Award Number: 1505799
Award Instrument: Continuing Grant
Program Manager: David Corman
CNS
 Division Of Computer and Network Systems
CSE
 Directorate for Computer and Information Science and Engineering
Start Date: September 1, 2015
End Date: August 31, 2019 (Estimated)
Total Intended Award Amount: $1,125,000.00
Total Awarded Amount to Date: $1,125,000.00
Funds Obligated to Date: FY 2015 = $750,000.00
FY 2016 = $375,000.00
History of Investigator:
  • Insup Lee (Principal Investigator)
    lee@cis.upenn.edu
  • Oleg Sokolsky (Co-Principal Investigator)
  • George Pappas (Co-Principal Investigator)
  • Andreas Haeberlen (Co-Principal Investigator)
  • Nadia Heninger (Co-Principal Investigator)
Recipient Sponsored Research Office: University of Pennsylvania
3451 WALNUT ST STE 440A
PHILADELPHIA
PA  US  19104-6205
(215)898-7293
Sponsor Congressional District: 03
Primary Place of Performance: University of Pennsylvania
3451 Walnut Street P-221 FB
Philadelphia
PA  US  19104-6205
Primary Place of Performance Congressional District: 03
Unique Entity Identifier (UEI): GM1XX56LEP58
Parent UEI: GM1XX56LEP58
NSF Program(s): Information Technology Researc
Primary Program Source: 01001516DB NSF RESEARCH & RELATED ACTIVIT
01001617DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 7918, 8225, 8235
Program Element Code(s): 164000
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Security and privacy concerns in the increasingly interconnected world are receiving much attention from the research community, policymakers, and the general public. However, much of the recent and ongoing effort concentrates on the security of general-purpose computation and on privacy in communication and social interactions. The advent of cyber-physical systems (e.g., safety-critical IoT), which aim at tight integration between distributed computational intelligence, communication networks, the physical world, and human actors, opens new horizons for intelligent systems with advanced capabilities. These systems may reduce the number of accidents and increase the throughput of transportation networks, improve patient safety, mitigate caregiver errors, enable personalized treatments, and allow older adults to age in place. At the same time, cyber-physical systems introduce new challenges and concerns about safety, security, and privacy. The proposed project will lead to safer, more secure, and privacy-preserving CPS. As our lives depend more and more on these systems, specifically in the automotive, medical, and Internet-of-Things domains, the results obtained in this project will have a direct impact on society at large. The study of emerging legal and ethical aspects of large-scale CPS deployments will inform future policy decision-making. The educational and outreach aspects of this project will help build a workforce that is better prepared to address the security and privacy needs of an ever-more connected and technologically oriented society.

Cyber-physical systems (CPS) involve the tight integration of computational nodes connected by one or more communication networks, the physical environment of these nodes, and the human users of the system, who interact with both the computational part of the system and the physical environment. Attacks on a CPS may affect all of its components: computational nodes and communication networks are subject to malicious intrusions, and the physical environment may be maliciously altered. CPS-specific security challenges arise from two perspectives. On the one hand, conventional information security approaches can be used to prevent intrusions, but attackers can still affect the system via the physical environment. On the other hand, resource constraints inherent in many CPS domains may prevent heavy-duty security approaches from being deployed. This proposal will develop a framework in which a mix of prevention, detection and recovery, and robustness techniques work together to improve the security and privacy of CPS. Specific research products will include techniques providing: 1) accountability-based detection of, and bounded-time recovery from, malicious attacks on CPS, complemented by novel preventive techniques based on lightweight cryptography; 2) security-aware control design based on attack-resilient state estimation and sensor fusion; 3) privacy of data collected and used by CPS, based on differential privacy; and 4) an evidence-based framework for CPS security and privacy assurance that takes into account the operating context of the system and human factors. Case studies will be performed in applications with autonomous features of vehicles, internal and external vehicle networks, medical device interoperability, and the smart connected medical home.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH


(Showing: 1 - 10 of 47)
A. B. Alexandru, K. Gatsis, G. J. Pappas, "Privacy preserving Cloud-based Quadratic Optimization," 55th Annual Allerton Conference on Communication, Control, and Computing, Monticello, IL, 2017.
A. B. Alexandru, M. Morari, G. J. Pappas, "Cloud-based MPC with Encrypted Data," 57th IEEE Conference on Decision and Control, Miami, FL, 2018.
Ang Chen, Yang Wu, Andreas Haeberlen, Wenchao Zhou, and Boon Thau Loo, "Differential Provenance: Better Network Diagnostics with Reference Events," 14th ACM Workshop on Hot Topics in Networks (HotNets'15), 2015.
Ang Chen, Yang Wu, Andreas Haeberlen, Wenchao Zhou, and Boon Thau Loo, "The Good, the Bad, and the Differences: Better Network Diagnostics with Differential Provenance," Proceedings of ACM SIGCOMM 2016, 2016.
A. Papadimitriou, A. Narayan, A. Haeberlen, "DStress: Efficient Differentially Private Computations on Distributed Data," EuroSys '17: Proceedings of the Twelfth European Conference on Computer Systems, 2017, p. 23.
A. Tsiamis, A. B. Alexandru, and G. J. Pappas, "Motion Planning with Secrecy," American Control Conference, 2019.
A. Tsiamis, K. Gatsis, and G. J. Pappas, "An Information Matrix Approach for State Secrecy," 57th IEEE Conference on Decision and Control, 2018.
A. Tsiamis, K. Gatsis, and G. J. Pappas, "State Estimation Codes for Perfect Secrecy," 56th IEEE Conference on Decision and Control, 2017.
A. Tsiamis, K. Gatsis, and G. J. Pappas, "State Estimation with Secrecy against Eavesdroppers," IFAC World Congress, 2017.
A. Tsiamis, K. Gatsis, and G. J. Pappas, "State-Secrecy Codes for Stable Systems," IEEE Annual American Control Conference (ACC), 2018.
C. Novak, J. Blythe, R. Koppel, V. Kothari, and S. Smith, "Modeling Aggregate Security with User Agents that Employ Password Memorization Techniques," Thirteenth USENIX Symposium on Usable Privacy and Security (SOUPS), 2017.

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

According to a NIST definition, a cyber-physical system (CPS) is comprised of interacting digital, analog, physical, and human components engineered for function through integrated physics and logic. Examples of CPS include autonomous vehicles and the smart electrical grid. CPSs promise to bring unprecedented advantages to many aspects of modern society, such as emergency response, traffic management, healthcare, etc. At the same time, the tight coupling between physical processes and computer control creates new security and privacy threats which, left unchecked, can lead to tremendous harm and loss of life. The primary goals of this project were to form a comprehensive understanding of these new CPS-specific threats and develop new technologies to protect our critical infrastructure from these threats.

The project has substantially increased our understanding of cyber-physical security and yielded several new techniques to design CPS with proven security and privacy guarantees.

One focus area of the project was protection against sensor attacks. This problem is of particular importance to autonomous systems such as self-driving cars, which rely on multiple sensors to determine the state of the vehicle and make control decisions. Some commonly used sensors, in particular GPS, can be spoofed in a stealthy way that can lead the vehicle off track and crash. We have developed techniques to exploit redundancy in sensor readings to accurately estimate the state of the vehicle and detect and isolate failed or compromised sensors. We have also developed techniques to recover the state of an autonomous control system after an attack by periodically checkpointing known good states and rolling forward the checkpointed value using partial knowledge of the physical dynamics of the vehicle.

Another focus area addresses privacy concerns in CPS. Autonomous CPS rely on vast amounts of data to perform their functions, but much of this data may reveal sensitive information about the system or its users. We studied ways to protect this data from malicious observers without interfering with system operation. An important outcome of this effort is a set of coding schemes for protecting sensitive information about the system state or a planned system trajectory against eavesdropping attacks. The coding schemes guarantee that an eavesdropper trying to estimate the state of the system will experience a large estimation error, while the error of the legitimate user will remain small.

Project outcomes have been disseminated to the CPS research community through publications in leading research conferences and archival journals. Results from this project have been incorporated into several graduate courses at the University of Pennsylvania, taught at the departments of Computer and Information Sciences and Electrical and Systems Engineering. Five graduate students and post-doctoral associates working on the project have secured faculty positions at research universities in the U.S. and U.K.
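The sensor-attack paragraph of the outcomes report describes two ideas at a high level: using redundant sensors to detect and isolate a spoofed one, and recovering after an attack by rolling a checkpointed good state forward with a dynamics model. The Python below is an added illustration of both ideas in their simplest form, written for this page; it is not the project's code and does not reproduce the estimators from the publications. It assumes a bounded-noise model (every honest sensor is within a fixed `NOISE_BOUND` of the true value, so two honest readings differ by at most twice that), a majority of honest sensors, and a constant-velocity dynamics model for the roll-forward; the sensor names, readings, and velocity are constructed sample values.

```python
"""Added illustration (not project code): redundancy-based isolation of an
inconsistent sensor plus checkpoint-and-roll-forward recovery."""
from itertools import combinations

# Assumed noise model (constructed): each honest sensor reads within +/-0.5 of truth.
NOISE_BOUND = 0.5


def isolate_sensors(readings, bound=NOISE_BOUND):
    """Split sensors into the largest mutually consistent set (the quorum) and the rest.

    readings: dict sensor_name -> scalar measurement of the same quantity.
    Two sensors are consistent if their readings differ by at most 2*bound.
    A quorum needs at least two sensors; with fewer, nothing can be vouched for.
    """
    names = sorted(readings)
    for k in range(len(names), 1, -1):          # try the largest subsets first
        for subset in combinations(names, k):
            if all(abs(readings[a] - readings[b]) <= 2 * bound
                   for a, b in combinations(subset, 2)):
                trusted = set(subset)
                return trusted, set(names) - trusted
    return set(), set(names)


def fuse(readings, trusted, bound=NOISE_BOUND):
    """Bounded-noise fusion: intersect the trusted sensors' intervals, return the center."""
    lo = max(readings[n] - bound for n in trusted)
    hi = min(readings[n] + bound for n in trusted)
    return (lo + hi) / 2


def roll_forward(checkpoint_pos, checkpoint_t, velocity, now_t):
    """Predict the current position from the last good checkpoint (constant velocity assumed)."""
    return checkpoint_pos + velocity * (now_t - checkpoint_t)


def run(trace, velocity, bound=NOISE_BOUND):
    """trace: list of (t, {sensor: reading}). Returns one record per step."""
    checkpoint = None            # (t, fused position) from the last step with a quorum
    records = []
    for t, readings in trace:
        trusted, isolated = isolate_sensors(readings, bound)
        if trusted:
            estimate = fuse(readings, trusted, bound)
            checkpoint = (t, estimate)       # a known-good state worth checkpointing
            source = "fusion"
        elif checkpoint is not None:
            estimate = roll_forward(checkpoint[1], checkpoint[0], velocity, t)
            source = "rollforward"           # no quorum: fall back on dynamics
        else:
            estimate, source = None, "none"
        records.append({"t": t, "estimate": estimate, "source": source,
                        "isolated": sorted(isolated)})
    return records


# Constructed trace: true position is 10 + 2t; from t=1 the "gps" reading drifts away.
SAMPLE_TRACE = [
    (0.0, {"gps": 10.1, "odometry": 9.9, "lidar": 10.2}),
    (1.0, {"gps": 15.0, "odometry": 12.1, "lidar": 11.8}),   # gps off by 3
    (2.0, {"gps": 18.0, "odometry": 14.2}),                  # lidar dropout, no quorum
    (3.0, {"gps": 21.0, "odometry": 16.1, "lidar": 15.8}),   # lidar back, quorum restored
]
VELOCITY = 2.0  # constructed dynamics model: units per second


if __name__ == "__main__":
    for rec in run(SAMPLE_TRACE, VELOCITY):
        print(f"t={rec['t']:.1f} estimate={rec['estimate']:.2f} "
              f"via {rec['source']:<11} isolated={rec['isolated']}")
```

On the constructed trace the spoofed `gps` reading is isolated from t=1 onward, and at t=2, when only two mutually inconsistent sensors remain, the estimate comes from rolling the t=1 checkpoint forward rather than from either reading. The brute-force subset search is fine for a handful of sensors; real attack-resilient estimators handle vector states and many sensors with far more efficient formulations.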


Last Modified: 12/30/2019
Modified by: Oleg Sokolsky
