Constraining Attacker Capabilities Through Actuator Saturation

For LTI control systems, we provide mathematical tools - in terms of Linear Matrix Inequalities - for computing outer ellipsoidal bounds on the reachable sets that attacks can induce in the system when they are subject to the physical limits of the actuators. Next, for a given set of dangerous states, states that (if reached) compromise the integrity or safe operation of the system, we provide tools for designing new artificial limits on the actuators (smaller than their physical bounds) such that the new ellipsoidal bounds (and thus the new reachable sets) are as large as possible (in terms of volume) while guaranteeing that the dangerous states are not reachable. This guarantees that the new bounds cut as little as possible from the original reachable set to minimize the loss of system performance. Computer simulations using a platoon of vehicles are presented to illustrate the performance of our tools

A Study of Potential Security and Safety Vulnerabilities in Cyber-Physical Systems

The work in this dissertation focuses on two examples of Cyber-Physical Systems (CPS), integrations of communication and monitoring capabilities to control a physical system, that operate in adversarial environments. That is to say, it is possible for individuals with malicious intent to gain access to various components of the CPS, disrupt normal operation, and induce harmful impacts. Such a deliberate action will be referred to as an attack. Therefore, some possible attacks against two CPSs will be studied in this dissertation and, when possible, solutions to handle such attacks will also be suggested. The first CPS of interest is vehicular platoons wherein it is possible for a number of partially-automated vehicles to drive autonomously towards a certain destination with as little human driver involvement as possible. Such technology will ultimately allow passengers to focus on other tasks, such as reading or watching a movie, rather than on driving. In this dissertation three possible attacks against such platoons are studied. The first is called ”the disbanding attack” wherein the attacker is capable of disrupting one platoon and also inducing collisions in another intact (non-attacked) platoon vehicles. To handle such an attack, two solutions are suggested: The first solution is formulated using Model Predictive Control (MPC) optimal technique, while the other uses a heuristic approach. The second attack is False-Data Injection (FDI) against the platooning vehicular sensors is analyzed using the reachability analysis. This analysis allows us to validate whether or not it is possible for FDI attacks to drive a platoon towards accidents. Finally, mitigation strategies are suggested to prevent an attacker-controlled vehicle, one which operates inside a platoon and drives unpredictably, from causing collisions. These strategies are based on sliding mode control technique and once engaged in the intact vehicles, collisions are reduced and eventual control of those vehicles will be switched from auto to human to further reduce the impacts of the attacker-controlled vehicle. The second CPS of interest in this dissertation is Heating, Ventilating, and Air Conditioning (HVAC) systems used in smart automated buildings to provide an acceptable indoor environment in terms of thermal comfort and air quality for the occupants For these systems, an MPC technique based controller is formulated in order to track a desired temperature in each zone of the building. Some previous studies indicate the possibility of an attacker to manipulate the measurements of temperature sensors, which are installed at different sections of the building, and thereby cause them to read below or above the real measured temperature. Given enough time, an attacker could monitor the system, understand how it works, and decide which sensor(s) to target. Eventually, the attacker may be able to deceive the controller, which uses the targeted sensor(s) readings and raises the temperature of one or multiple zones to undesirable levels, thereby causing discomfort for occupants in the building. In order to counter such attacks, Moving Target Defense (MTD) technique is utilized in order to constantly change the sensors sets used by the MPC controllers and, as a consequence, reduce the impacts of sensor attacks

Intersection Collision Avoidance For Autonomous Vehicles Using Petri Nets

Indiana University-Purdue University Indianapolis (IUPUI)Autonomous vehicles currently dominate the automobile field for their impact on humanity and society. Connected and Automated Vehicles (CAV’s) are vehicles that use different communication technologies to communicate with other vehicles, infrastructure, the cloud, etc. With the information received from the sensors present, the vehicles analyze and take necessary steps for smooth, collision-free driving. This the sis talks about the cruise control system along with the intersection collision avoidance system based on Petri net models. It consists of two internal controllers for velocity and distance control, respectively, and three external ones for collision avoidance. Fault-tolerant redundant controllers are designed to keep these three controllers in check. The model is built using a PN toolbox and tested for various scenarios. The model is also validated, and its distinct properties are analyzed

Security of Vehicular Platooning

Platooning concept involves a group of vehicles acting as a single unit through coordination of movements. While Platooning as an evolving trend in mobility and transportation diminishes the individual and manual driving concerns, it creates new risks. New technologies and passenger’s safety and security further complicate matters and make platooning attractive target for the malicious minds. To improve the security of the vehicular platooning, threats and their potential impacts on vehicular platooning should be identified to protect the system against security risks. Furthermore, algorithms should be proposed to detect intrusions and mitigate the effects in case of attack. This dissertation introduces a new vulnerability in vehicular platooning from the control systems perspective and presents the detection and mitigation algorithms to protect vehicles and passengers in the event of the attack

Computer-Aided Design for Safe Autonomous Vehicles

This paper details the design of an autonomous vehicle CAD toolchain, which captures formal descriptions of driving scenarios in order to develop a safety case for an autonomous vehicle (AV). Rather than focus on a particular component of the AV, like adaptive cruise control, the toolchain models the end-to-end dynamics of the AV in a formal way suitable for testing and verification. First, a domain-specific language capable of describing the scenarios that occur in the day-to-day operation of an AV is defined. The language allows the description and composition of traffic participants, and the specification of formal correctness requirements. A scenario described in this language is an executable that can be processed by a specification-guided automated test generator (bug hunting), and by an exhaustive reachability tool. The toolchain allows the user to exploit and integrate the strengths of both testing and reachability, in a way not possible when each is run alone. Finally, given a particular execution of the scenario that violates the requirements, a visualization tool can display this counter-example and generate labeled sensor data. The effectiveness of the approach is demonstrated on five autonomous driving scenarios drawn from a collection of 36 scenarios that account for over 95% of accidents nationwide. These case studies demonstrate robustness-guided verification heuristics to reduce analysis time, counterexample visualization for identifying controller bugs in both the discrete decision logic and low-level analog (continuous) dynamics, and identification of modeling errors that lead to unrealistic environment behavior

Collision-avoiding decentralized control for vehicle platoons: a mechanical perspective

A new bidirectional decentralized control algorithm for vehicle platoons is proposed, which guarantees absence of collisions between the vehicles. The algorithm exploits an elegant parallel between vehicles platoon and chains of interconnected mass-spring-damper systems and the idea of barrier certificates. Stability and robustness properties of the algorithm are examined. The results are illustrated by numerical examples, simulating different driving scenarios