99 research outputs found

    A Study of Potential Security and Safety Vulnerabilities in Cyber-Physical Systems

    The work in this dissertation focuses on two examples of Cyber-Physical Systems (CPS), integrations of communication and monitoring capabilities to control a physical system, that operate in adversarial environments. That is to say, it is possible for individuals with malicious intent to gain access to various components of the CPS, disrupt normal operation, and induce harmful impacts. Such a deliberate action will be referred to as an attack. Therefore, some possible attacks against two CPSs will be studied in this dissertation and, when possible, solutions to handle such attacks will also be suggested. The first CPS of interest is vehicular platoons, wherein it is possible for a number of partially-automated vehicles to drive autonomously towards a certain destination with as little human driver involvement as possible. Such technology will ultimately allow passengers to focus on other tasks, such as reading or watching a movie, rather than on driving. In this dissertation three possible attacks against such platoons are studied. The first is called "the disbanding attack", wherein the attacker is capable of disrupting one platoon and also inducing collisions among the vehicles of another intact (non-attacked) platoon. To handle such an attack, two solutions are suggested: the first is formulated using the Model Predictive Control (MPC) optimal technique, while the other uses a heuristic approach. The second attack, False-Data Injection (FDI) against the platooning vehicular sensors, is analyzed using reachability analysis. This analysis allows us to validate whether or not it is possible for FDI attacks to drive a platoon towards accidents. Finally, mitigation strategies are suggested to prevent an attacker-controlled vehicle, one which operates inside a platoon and drives unpredictably, from causing collisions. 
These strategies are based on the sliding mode control technique; once they are engaged in the intact vehicles, collisions are reduced, and eventual control of those vehicles will be switched from auto to human to further reduce the impacts of the attacker-controlled vehicle. The second CPS of interest in this dissertation is Heating, Ventilating, and Air Conditioning (HVAC) systems used in smart automated buildings to provide an acceptable indoor environment in terms of thermal comfort and air quality for the occupants. For these systems, an MPC-based controller is formulated in order to track a desired temperature in each zone of the building. Some previous studies indicate the possibility of an attacker manipulating the measurements of temperature sensors, which are installed at different sections of the building, and thereby causing them to read below or above the real measured temperature. Given enough time, an attacker could monitor the system, understand how it works, and decide which sensor(s) to target. Eventually, the attacker may be able to deceive the controller, which uses the targeted sensor(s) readings and raises the temperature of one or multiple zones to undesirable levels, thereby causing discomfort for occupants in the building. In order to counter such attacks, a Moving Target Defense (MTD) technique is utilized in order to constantly change the sensor sets used by the MPC controllers and, as a consequence, reduce the impacts of sensor attacks.

    Situational Awareness Enhancement for Connected and Automated Vehicle Systems

    Recent developments in the area of Connected and Automated Vehicles (CAVs) have boosted the interest in Intelligent Transportation Systems (ITSs). While ITS is intended to resolve and mitigate serious traffic issues such as passenger and pedestrian fatalities, accidents, and traffic congestion, these goals are only achievable by vehicles that are fully aware of their situation and surroundings in real-time. Therefore, connected and automated vehicle systems heavily rely on communication technologies to create a real-time map of their surrounding environment and extend their range of situational awareness. In this dissertation, we propose novel approaches to enhance situational awareness, its applications, and effective sharing of information among vehicles. The communication technology for CAVs is known as vehicle-to-everything (V2x) communication, in which vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) have been targeted for the first round of deployment based on dedicated short-range communication (DSRC) devices for vehicles and road-side transportation infrastructures. Wireless communication among these entities creates self-organizing networks, known as Vehicular Ad-hoc Networks (VANETs). Due to the mobile, rapidly changing, and intrinsically error-prone nature of VANETs, traditional network architectures are generally unsatisfactory to address VANETs' fundamental performance requirements. Therefore, we first investigate imperfections of the vehicular communication channel and propose a new modeling scheme for large-scale and small-scale components of the communication channel in dense vehicular networks. Subsequently, we introduce an innovative method for a joint modeling of the situational awareness and networking components of CAVs in a single framework. Based on these two models, we propose a novel network-aware broadcast protocol for fast broadcasting of information over multiple hops to extend the range of situational awareness. 
Afterward, motivated by the most common and injury-prone pedestrian crash scenarios, we extend our work by proposing an end-to-end Vehicle-to-Pedestrian (V2P) framework to provide situational awareness and hazard detection for vulnerable road users. Finally, as humans are the most spontaneous and influential entity for transportation systems, we design a learning-based driver behavior model and integrate it into our situational awareness component. Consequently, higher accuracy of situational awareness and overall system performance are achieved by exchange of more useful information.

    Cybersecurity issues in software architectures for innovative services

    The recent advances in data center development have been at the basis of the widespread success of the cloud computing paradigm, which is in turn at the basis of the "Everything as a Service" (XaaS) model for software-based applications and services. According to the XaaS model, services of any kind are deployed on demand as cloud-based applications, with a great degree of flexibility and a limited need for investments in dedicated hardware and/or software components. This approach opens up a lot of opportunities, for instance providing access to complex and widely distributed applications, whose cost and complexity represented in the past a significant entry barrier, also to small or emerging businesses. Unfortunately, networking is now embedded in every service and application, raising several cybersecurity issues related to corruption and leakage of data, unauthorized access, etc. However, new service-oriented architectures are emerging in this context, the so-called service enabler architectures. The aim of these architectures is not only to expose and give the resources to these types of services, but also to validate them. The validation includes numerous aspects, from the legal to the infrastructural ones, for example, but above all the cybersecurity threats. A solid threat analysis of the aforementioned architecture is therefore necessary, and this is the main goal of this thesis. This work investigates the security threats of the emerging service enabler architectures, providing proofs of concept for these issues and for the solutions too, based on several use-cases implemented in real-world scenarios.

    Cyberphysical Constructs and Concepts for Fully Automated Networked Vehicles

    Human lives are at stake in networked systems of automated vehicles. Drawing from mature domains where life/safety critical cyberphysical systems have already been deployed as well as from various scientific disciplines, we introduce the SPEC (Safety, Privacy, Efficiency, Cybersecurity) problem which arises in self-organizing and self-healing networks of fully automated terrestrial vehicles, and CMX functionalities intended for vehicular onboard systems. CM stands for Coordinated Mobility, X stands for S, P, E and C. The CMX framework encompasses cyberphysical constructs (cells, cohorts) endowed with proven properties, onboard proactive security modules, unfalsifiable cyberphysical levels, protocols and distributed algorithms for time-bounded inter-vehicular communications, reliable message dissemination, trusted explicit agreements/coordination, and privacy preserving options that insulate passengers from illegitimate internal cyber-surveillance and external eavesdropping and tracking. We establish inter alia that safety and privacy can be obtained jointly, by design. The focus of this report is on SE properties. Notably, we show how to achieve theoretical absolute safety (0 fatalities and 0 severe injuries in rear-end collisions and pileups) and highest efficiency (smallest safe inter-vehicular gaps) jointly, by design, in spontaneous cohorts of vehicles. Results conveyed in this report shall open new opportunities for innovative research and development of high societal impact. Human lives are at stake in networks of automated vehicles, as in mature domains where safety-critical systems have already been deployed. The knowledge acquired in these domains and in various scientific disciplines makes it possible to define the SPEC (Safety, Privacy, Efficiency, Cybersecurity) problem that arises in self-organizing and self-healing networks of fully automated terrestrial vehicles. 
We introduce CMX, a set of functionalities intended for onboard systems. CM is the abbreviation of Coordinated Mobility, and X stands for S, P, E and C. CMX relies on cyberphysical constructs (cells, cohorts) endowed with proven properties, the concepts of a proactive security module and of unfalsifiable cyberphysical levels, protocols and distributed algorithms for time-bounded inter-vehicular communications, reliable message dissemination, trustworthy coordination and explicit agreements, as well as privacy protection options that allow passengers to prohibit illegitimate internal and external cyber-surveillance (radio eavesdropping and trip tracking). We establish that safety and privacy can be guaranteed jointly, by design. This report is devoted to SE properties. In particular, we show how to obtain theoretical absolute safety (zero rate of fatalities and severe injuries in longitudinal collisions) and maximize efficiency (minimal inter-vehicular gaps) jointly, by design, in spontaneous cohorts of vehicles. The results contained in this report should open new prospects for research and development with high societal impact.

    Practical Coordination of Multi-Vehicle Systems in Formation

    This thesis considers the cooperation and coordination of multi vehicle systems cohesively in order to keep the formation geometry and provide the string stability. We first present the modeling of aerial and road vehicles representing different motion characteristics suitable for cooperative operations. Then, a set of three dimensional cohesive motion coordination and formation control schemes for teams of autonomous vehicles is proposed. The two main components of these schemes are i) platform free high level online trajectory generation algorithms and ii) individual trajectory tracking controllers. High level algorithms generate the desired trajectories for three dimensional leader-follower structured tight formations, and then distributed controllers provide the individual control of each agent for tracking the desired trajectories. The generic goal of the control scheme is to move the agents while maintaining the formation geometry. We propose a distributed control scheme to solve this problem utilizing the notions of graph rigidity and persistence as well as techniques of virtual target tracking and smooth switching. The distributed control scheme is developed by modeling the agent kinematics as a single-velocity integrator; nevertheless, extension to the cases with simplified kinematic and dynamic models of fixed-wing autonomous aerial vehicles and quadrotors is discussed. The cohesive cooperation in three dimensions is so beneficial for surveillance and reconnaissance activities with optimal geometries, operation security in military activities, more viable with autonomous flying, and future aeronautics aspects, such as fractionated spacecraft and tethered formation flying. We then focus on motion control task modeling for three dimensional agent kinematics and considering parametric uncertainties originated from inertial measurement noise. 
We design an adaptive controller to perform the three dimensional motion control task, paying attention to the parametric uncertainties, and employing a recently developed immersion and invariance based scheme. Next, the cooperative driving of road vehicles in a platoon and string stability concepts in one-dimensional traffic are discussed. Collaborative driving of commercial vehicles has significant advantages while platooning on highways, including increased road-capacity and reduced traffic congestion in daily traffic. Several companies in the automotive sector have started implementing driver assistance systems and adaptive cruise control (ACC) support, which enables implementation of high level cooperative algorithms with additional software and simple electronic modifications. In this context, the cooperative adaptive cruise control approach is discussed for specific urban and highway platooning missions. In addition, we provide details of vehicle parameters, mathematical models of control structures, and experimental tests for the validation of our models. Moreover, the impact of vehicle-to-vehicle communication in the presence of static road-side units is given. Finally, we propose a set of stability guaranteed controllers for highway platooning missions. Formal problem definition of highway platooning considering constant and velocity dependent spacing strategies, and formal string stability analysis are included. Additionally, we provide the design of a novel intervehicle distance based priority coefficient of the feed-forward filter for robust platooning. In conclusion, the importance of increasing the level of autonomy of single agents and platoon topology is discussed in performing cohesive coordination and collaborative driving missions and in mitigating sensory errors. 
Simulation and experimental results demonstrate the performance of our cohesive motion and string stable controllers. In addition, we discuss application in formation control of autonomous multi-agent systems.