Knowledge Transfer Between Robots with Similar Dynamics for High-Accuracy Impromptu Trajectory Tracking

In this paper, we propose an online learning approach that enables the inverse dynamics model learned for a source robot to be transferred to a target robot (e.g., from one quadrotor to another quadrotor with different mass or aerodynamic properties). The goal is to leverage knowledge from the source robot such that the target robot achieves high-accuracy trajectory tracking on arbitrary trajectories from the first attempt with minimal data recollection and training. Most existing approaches for multi-robot knowledge transfer are based on post-analysis of datasets collected from both robots. In this work, we study the feasibility of impromptu transfer of models across robots by learning an error prediction module online. In particular, we analytically derive the form of the mapping to be learned by the online module for exact tracking, propose an approach for characterizing similarity between robots, and use these results to analyze the stability of the overall system. The proposed approach is illustrated in simulation and verified experimentally on two different quadrotors performing impromptu trajectory tracking tasks, where the quadrotors are required to accurately track arbitrary hand-drawn trajectories from the first attempt.Comment: European Control Conference (ECC) 201

Side-Channel Analysis and Cryptography Engineering : Getting OpenSSL Closer to Constant-Time

As side-channel attacks reached general purpose PCs and started to be more practical for attackers to exploit, OpenSSL adopted in 2005 a flagging mechanism to protect against SCA. The opt-in mechanism allows to flag secret values, such as keys, with the BN_FLG_CONSTTIME flag. Whenever a flag is checked and detected, the library changes its execution flow to SCA-secure functions that are slower but safer, protecting these secret values from being leaked. This mechanism favors performance over security, it is error-prone, and is obscure for most library developers, increasing the potential for side-channel vulnerabilities. This dissertation presents an extensive side-channel analysis of OpenSSL and criticizes its fragile flagging mechanism. This analysis reveals several flaws affecting the library resulting in multiple side-channel attacks, improved cache-timing attack techniques, and a new side channel vector. The first part of this dissertation introduces the main topic and the necessary related work, including the microarchitecture, the cache hierarchy, and attack techniques; then it presents a brief troubled history of side-channel attacks and defenses in OpenSSL, setting the stage for the related publications. This dissertation includes seven original publications contributing to the area of side-channel analysis, microarchitecture timing attacks, and applied cryptography. From an SCA perspective, the results identify several vulnerabilities and flaws enabling protocol-level attacks on RSA, DSA, and ECDSA, in addition to full SCA of the SM2 cryptosystem. With respect to microarchitecture timing attacks, the dissertation presents a new side-channel vector due to port contention in the CPU execution units. And finally, on the applied cryptography front, OpenSSL now enjoys a revamped code base securing several cryptosystems against SCA, favoring a secure-by-default protection against side-channel attacks, instead of the insecure opt-in flagging mechanism provided by the fragile BN_FLG_CONSTTIME flag

Hybrid PSO-PWL-Dijkstra approach for path planning of non holonomic platforms in dense contexts

Planning is an essential capability for autonomous robots. Many applications impose a diversity of constraints and traversing costs in addition to the usually considered requirement of obstacle avoidance. In applications such as route planning, the use of dense properties is convenient as these describe the terrain and other aspects of the context of operation more rigorously and are usually the result of a concurrent mapping and learning process. Unfortunately, planning for a platform with more than three degrees of freedom can be computationally expensive, particularly if the application requires the platform to optimally deal with a thorough description of the terrain. The objective of this thesis is to develop and demonstrate an efficient path planning algorithm based on dynamic programming. The goal is to compute paths for ground vehicles with and without trailers, that minimise a specified cost-to-go while taking into account dynamic constraints of the vehicle and dense properties of the environment. The proposed approach utilises a Quadtree Piece-Wise Linear (QT-PWL) approximation to describe the environment in a low dimensional subspace and later uses a particle approach to introduce the dynamic constraints of the vehicle and to smooth the path in the full dimensional configuration space. This implies that the optimisation process can exploit the QT-PWL partition. Many usual contexts of operation of autonomous platforms have cluttered spaces and large regions where the dense properties are smooth; therefore, the QT-PWL partition is able to represent the context in a fraction of cells that would be needed by a homogeneous grid. The proposed methodology includes adaptations to both algorithms to achieve higher efficiency of the computational cost and optimality of the planned path. In order to demonstrate the capabilities of the algorithm, an idealized test case is presented and discussed. The case for a car and a tractor with multiple trailers is presented. A real path planning example is presented in addition to the synthetic experiments. Finally, the experiments and results are analysed and conclusions and directions for possible future work are presented

Cache-Timing Techniques: Exploiting the DSA Algorithm

Side-channel information is any type of information leaked through unexpected channels due to physical features of a system dealing with data. The memory cache can be used as a side-channel, leakage and exploitation of side-channel information from the executing processes is possible, leading to the recovery of secret information. Cache-based side-channel attacks represent a serious threat to implementations of several cryptographic primitives, especially in shared libraries. This work explains some of the cache-timing techniques commonly used to exploit vulnerable software. Using a particular combination of techniques and exploiting a vulnerability found in the implementation of the DSA signature scheme in the OpenSSL shared library, a cache-timing attack is performed against the DSA’s sliding window exponentiation algorithm. Moreover, the attack is expanded to show that it is possible to perform cache-timing attacks against protocols relying on the DSA signature scheme. SSH and TLS are attacked, leading to a key-recovery attack: 260 SSH-2 handshakes to extract a 1024/160-bit DSA hostkey from an OpenSSH server, and 580 TLS 1.2 handshakes to extract a 2048/256-bit DSA key from an stunnel server

Aplicação e validação de um simulador estocástico de variáveis climáticas. O caso da precipitação

A carência de informação meteorológica é uma realidade comum a todas as regiões de Portugal. Muitos são os estudos que estão condicionados a esta lacuna o que conduz, mormente, à realização de estudos e projectos revestidos de incertezas e, talvez, à inibição de certas intervenções no âmbito da Hidrologia e Hidráulica. Neste trabalho descrevem-se a metodologia e os dados necessários para o ajustamento e aplicação do gerador climático CLIGEN no Sul de Portugal (VALE FORMOSO). Avalia-se a performance do CLIGEN na simulação da precipitação diária e mensal. A importância do conceito da normal climatológica é outro aspecto evidenciado no âmbito deste trabalho. Apresentase a análise de sensibilidade do modelo aos diferentes parâmetros de entrada – considerando três períodos distintos de registos de dados climáticos (10, 20 e 30 anos). O CLIGEN gera parâmetros climáticos indispensáveis para a aplicação de vários modelos hidrossedimentológicos dentre os quais se destacam o WEPP (Water Erosion Prediction Project), EPIC (Erosion/ Produtivity Impact Calculator), SWRRB (Simulator for Water Resources in Rural Basins), AGNPS (Agricultural Nonpoint Source Pollution Model) e CREAMS (Chemicals, Runoff, and Erosion from Agricultural Management System). Este estudo permitiu concluir que o modelo reproduz de modo significativo o padrão da precipitação e também evidencia que a extensão da série de precipitação considerada exerce considerável influência nos resultados

Triggerflow: Regression Testing by Advanced Execution Path Inspection

Cryptographic libraries often feature multiple implementations of primitives to meet both the security needs of handling private information and the performance requirements of modern services when the handled information is public. OpenSSL, the de-facto standard free and open source cryptographic library, includes mechanisms to differentiate the confidential data and its control flow, including runtime flags, designed for hardening against timing side-channels, but repeatedly accidentally mishandled in the past. To analyze and prevent these accidents, we introduce Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. We validate this approach with case studies demonstrating how adopting our method in the development pipeline would have promptly detected such accidents. We further show-case the value of the tooling by presenting two novel discoveries facilitated by Triggerflow: one leak and one defect