Cyber-physical systems (CPS) connect computational and communication devices to physical reality. These are everywhere around us, from large-scale physical infrastructures, such as electrical grids, transportation systems, water network etc., to smaller scale medical devices, Internet-of-Things (IoT) etc. Since 2011, we we have been developing the foundations of security and privacy of such cyber-physical systems. The role of CPS security and privacy is becoming increasingly important, not just for critical infrastructure, such as electrical grids and water networks, but also for the emerging Internet-of-Things (IoT).
The premise of this work is that just cyber-security is not sufficient to secure such physical systems. We take a holistic view by utilizing the properties of physical systems to design new security and privacy protocols and architectures for cyber-physical systems (CPS) through a unified conceptual framework, which uses models for the physical system network to design algorithms and protocols with provable operational security and privacy guarantees.
Secure CPS: in collaboration with Prof. Paulo Tabuada’s group, we have developed secure state estimation, control and identification schemes despite sensor and actuator attacks even when we measure in an underlying noisy environment. These extend the ideas of classical minimum-mean-square error (MMSE) estimation to the case of adversarial attacks. We have shown how many of these ideas can be used in CPS systems and also in individual sensors with potential applications in semi-autonomous or autonomous vehicles. Our first journal paper on this topic published in 2014, was the most highly cited paper in the IEEE Transactions on Automatic Control, the flagship journal of the IEEE Control Systems Society, during the period 2014-2019, according to Google Scholar. At the heart of these ideas is a way to think of the error correcting capabilities of a dynamical system. We have summarized this perspective through connecting secure state estimation to real error correction through dynamical systems.
Distortion privacy for CPS: We argued that information security (either cryptographic or information-theoretic) measures currently proposed for generic wireless networks are not well matched to the CPS environment, as they impose unnecessary requirements, such as, protecting all the raw data. In CPS, an adversary’s primary goal is not to learn all the data, but instead core attributes such as the state or control actions that are derived from the raw data, and these need to be learned within a certain (distortion) approximation. Therefore we developed a CPS-centric approach to privacy for networked CPS systems, where we protected these core attributes with less resources than needed to protect all the data by not enabling the adversary to learn them within a required approximation.
Consider the scenario where we need to communicate the state of a system as it evolves over time (e.g., location of a drone that moves in a trajectory), so that a passive adversary that receives all communication cannot distinguish which is the actual state evolution over T time slots, over some fake but plausible state evolutions (in our example, alternative equally plausible trajectories). We proposed distortion-based metrics to protect CPS communication and showed that it is possible to confuse adversaries with just a few bits of pre-shared keys. We showed that a linear dynamical system can communicate its state in a manner that prevents an eavesdropper from accurately learning the state trajectories.