Sandboxing Controllers for Stochastic Cyber-Physical Systems

Current cyber-physical systems (CPS) are expected to accomplish complex tasks. To achieve this goal, high-performance but unverified controllers (e.g. deep neural networks, black-box controllers from third parties) are applied, which makes it very challenging to keep the overall CPS safe. By sandboxing these controllers, we are able to use them while at the same time enforcing safety properties over the controlled physical systems. However, currently available solutions for sandboxing controllers are only applicable to deterministic (a.k.a. non-stochastic) systems, possibly affected by bounded disturbances. In this paper, for the first time, we propose a novel solution for sandboxing unverified complex controllers for CPS operating in noisy environments (a.k.a. stochastic CPS), and we provide probabilistic guarantees on their safety. Here, the unverified control input is observed at each time instant and checked for whether it violates the maximal tolerable probability of reaching the unsafe set. If this probability exceeds the given threshold, the unverified control input is rejected, and the advisory input provided by the optimal safety controller is used instead to maintain the probabilistic safety guarantee. The proposed approach is illustrated empirically, and the results indicate that the expected safety probability is guaranteed.
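The following is an added example, not code from the paper, that makes the sandboxing loop described above concrete on a constructed toy system. All of the system and its parameters are assumptions: a scalar discrete-time plant x_{k+1} = x_k + u_k + w_k with Gaussian noise w_k, a safe set [-L, L] discretised into a grid, a finite input alphabet for the safety controller, and a fixed finite horizon. The optimal safety controller and the maximal probability of remaining safe are computed by backward dynamic programming over the grid (the standard probabilistic-safety recursion for discrete-time stochastic systems); the sandbox then evaluates each unverified input at the current state by the probability of ever reaching the unsafe set if that input is applied now and the safety controller acts afterwards, and rejects it in favour of the safety controller's advisory input when that probability exceeds the tolerated threshold. The closed-loop run uses a deliberately reckless unverified controller (always commanding +1) and a constructed noise realisation so that the result is reproducible.

```python
"""Sandboxing an unverified controller for a scalar stochastic system (added example, not the paper's code)."""
import math

# --- Constructed toy system (assumption, not taken from the paper) ----------------
# Plant: x_{k+1} = x_k + u_k + w_k, w_k ~ N(0, SIGMA^2).  Safe set: [-L, L].
L = 3.0
SIGMA = 0.5
CELL = 0.25                            # grid resolution used to discretise the safe set
N_CELLS = int(round(2 * L / CELL))     # 24 cells
EDGES = [-L + CELL * j for j in range(N_CELLS + 1)]
CENTERS = [-L + CELL * (j + 0.5) for j in range(N_CELLS)]
U_SET = [-1.0, -0.5, 0.0, 0.5, 1.0]    # finite input alphabet of the safety controller
HORIZON = 5


def norm_cdf(z):
    return 0.5 * (1.0 + math.erf(z / math.sqrt(2.0)))


def cell_probs(mean):
    """Probability that x' ~ N(mean, SIGMA^2) lands in each grid cell of the safe set.
    The mass that falls outside [-L, L] is not returned: it is the probability of leaving."""
    return [norm_cdf((EDGES[j + 1] - mean) / SIGMA) - norm_cdf((EDGES[j] - mean) / SIGMA)
            for j in range(N_CELLS)]


def expected_value(values, mean):
    """E[V(x')] for x' ~ N(mean, SIGMA^2), with V taken as 0 outside the safe set."""
    return sum(p * v for p, v in zip(cell_probs(mean), values))


def synthesize_safety_controller(horizon=HORIZON):
    """Backward dynamic programming for the maximal probability of staying in [-L, L].
    Returns V[k][j] for k = 0..horizon (V[horizon] is 1 on the safe set) and the
    maximising policy[k][j] for k = 0..horizon-1, both indexed by grid cell j."""
    V = [[1.0] * N_CELLS]
    policy = []
    for _ in range(horizon):
        nxt = V[0]
        vk, pk = [], []
        for x in CENTERS:
            best_u, best_v = max(((u, expected_value(nxt, x + u)) for u in U_SET),
                                 key=lambda t: t[1])
            vk.append(best_v)
            pk.append(best_u)
        V.insert(0, vk)
        policy.insert(0, pk)
    return V, policy


def cell_index(x):
    if x <= -L or x >= L:
        return None
    return min(int((x + L) / CELL), N_CELLS - 1)


def sandbox_step(x, k, u_unverified, threshold, V, policy):
    """Check one unverified input at state x and time k.
    p_unsafe is the probability of ever reaching the unsafe set over the remaining horizon
    if u_unverified is applied now and the safety controller acts from k+1 onwards.
    Returns (u_applied, p_unsafe, rejected)."""
    j = cell_index(x)
    if j is None:
        raise ValueError("state is already outside the safe set")
    p_unsafe = 1.0 - expected_value(V[k + 1], x + u_unverified)
    if p_unsafe > threshold:
        return policy[k][j], p_unsafe, True      # reject: use the advisory input instead
    return u_unverified, p_unsafe, False         # accept the unverified input


# Constructed noise realisation so the run is reproducible (assumption, not measured data).
NOISE = [0.2, -0.1, 0.3, 0.0, -0.2]


def run_sandboxed(x0=0.0, threshold=0.1, noise=NOISE):
    """Closed loop with a deliberately reckless unverified controller that always commands +1."""
    V, policy = synthesize_safety_controller(len(noise))
    x, rejections, trace = x0, 0, []
    for k, w in enumerate(noise):
        u_applied, p_unsafe, rejected = sandbox_step(x, k, +1.0, threshold, V, policy)
        rejections += int(rejected)
        trace.append((k, round(x, 3), round(p_unsafe, 4), u_applied, rejected))
        x = x + u_applied + w
    return {"final_state": x, "safe": abs(x) < L, "rejections": rejections, "trace": trace}


if __name__ == "__main__":
    result = run_sandboxed()
    for row in result["trace"]:
        print("k=%d x=%.3f p_unsafe=%.4f u=%+.1f rejected=%s" % row)
    print("final state %.3f, safe=%s, rejections=%d"
          % (result["final_state"], result["safe"], result["rejections"]))
```

Two design points are worth noting. The check is made against V[k+1], the value of the remaining-horizon safety problem, so a single accepted input is judged not only by whether it leaves the safe set at the next step but by whether it puts the plant somewhere the safety controller can no longer recover from with the tolerated probability. And the rejection decision uses the continuous state for the transition probabilities but the grid cell for the advisory input, so the resolution of the grid is part of the guarantee and should be chosen with the noise level in mind.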
