Online control adaptation for safe and secure autonomous vehicle operations

Modern cyber-physical systems, like automotive systems and aerial vehicles, are not built with cyber security in mind. Several techniques have been developed recently to counter cyber-attacks on cyber-physical systems at both the software and the control levels. Adding such cyber security techniques to protect a system against malicious attacks, however, can incur runtime overheads that, in the case of autonomous systems, result in performance degradation and may lead the system into unsafe states. In this paper, we propose a framework for online control performance adaptation for secure and safe navigation of autonomous vehicles. Our approach leverages model predictive control (MPC), knowledge about the system dynamics, and the maximum performance degradation that cyber security techniques can impose at every time step to compute the control input that guarantees safe operation of the system at all times. We validate the proposed approach with both simulations and experiments for an unmanned ground vehicle (UGV) motion planning case study in a cluttered environment.
