Resilient group consensus in heterogeneously robust networks with hybrid dynamics

This paper studies resilient coordinated control over networks with hybrid dynamics and malicious agents. In a hybrid multi‐agent system, continuous‐time and discrete‐time agents concurrently exist and communicate through local interaction. We introduce the notion of heterogeneous robustness to capture the topological structure and facilitate convergence analysis of hybrid agents over multiple subnetworks, where the exact number and identities of malicious agents are not known. A hybrid resilient strategy is first designed to ensure group consensus of the heterogeneously robust network admitting completely distributed implementation. We then develop a scaled consensus protocol which allows different clusters within each subnetwork, providing further flexibility over the resilient control tasks. Finally, some numerical examples are worked out to illustrate the effectiveness of theoretical results

Detecting Security Leaks in Hybrid Systems with Information Flow Analysis

Information flow analysis is an effective way to check useful security properties, such as whether secret information can leak to adversaries. Despite being widely investigated in the realm of programming languages, information-flow- based security analysis has not been widely studied in the domain of cyber-physical systems (CPS). CPS provide interesting challenges to traditional type-based techniques, as they model mixed discrete-continuous behaviors and are usually expressed as a composition of state machines. In this paper, we propose a lightweight static analysis methodology that enables information security properties for CPS models.We introduce a set of security rules for hybrid automata that characterizes the property of non-interference. Based on those rules, we propose an algorithm that generates security constraints between each sub-component of hybrid automata, and then transforms these constraints into a directed dependency graph to search for non-interference violations. The proposed algorithm can be applied directly to parallel compositions of automata without resorting to model-flattening techniques. Our static checker works on hybrid systems modeled in Simulink/Stateflow format and decides whether or not the model satisfies non-interference given a user-provided security annotation for each variable. Moreover, our approach can also infer the security labels of variables, allowing a designer to verify the correctness of partial security annotations. We demonstrate the potential benefits of the proposed methodology on two case studies

Securing Cross-App Interactions in IoT Platforms

IoT platforms enable users connect various smart devices and online services via reactive apps running on the cloud. These apps, often developed by third-parties, perform simple computations on data triggered by external information sources and actuate the results of computation on external information sinks. Recent research shows that unintended or malicious interactions between the different (even benign) apps of a user can cause severe security and safety risks. These works leverage program analysis techniques to build tools for unveiling unexpected interference across apps for specific use cases. Despite these initial efforts, we are still lacking a semantic framework for understanding interactions between IoT apps. The question of what security policy cross-app interference embodies remains largely unexplored. This paper proposes a semantic framework capturing the essence of cross-app interactions in IoT platforms. The frame- work generalizes and connects syntactic enforcement mechanisms to bisimulation-based notions of security, thus providing a baseline for formulating soundness criteria of these enforcement mechanisms. Specifically, we present a calculus that models the behavioral semantics of a system of apps executing concurrently, and use it to define desirable semantic policies in the context security and safety of IoT apps. To demonstrate the usefulness of our framework, we define static mechanisms for enforcing cross- app security and safety, and prove them sound with respect to our semantic conditions. Finally, we leverage real-world apps to validate the practical benefits of our policy framework

A hybrid dynamic logic for event/data-based systems

We propose E↓ -logic as a formal foundation for the specification and development of event-based systems with local data states. The logic is intended to cover a broad range of abstraction levels from abstract requirements specifications up to constructive specifications. Our logic uses diamond and box modalities over structured actions adopted from dynamic logic. Atomic actions are pairs Open image in new window where e is an event and /ψ a state transition predicate capturing the allowed reactions to the event. To write concrete specifications of recursive process structures we integrate (control) state variables and binders of hybrid logic. The semantic interpretation relies on event/data transition systems; specification refinement is defined by model class inclusion. For the presentation of constructive specifications we propose operational event/data specifications allowing for familiar, diagrammatic representations by state transition graphs. We show that E↓-logic is powerful enough to characterise the semantics of an operational specification by a single E↓-sentence. Thus the whole development process can rely on E↓-logic and its semantics as a common basis. This includes also a variety of implementation constructors to support, among others, event refinement and parallel composition.publishe