Introduction to the Special Issue on Human-Interaction-Aware Data Analytics for Cyber-Physical Systems
This paper proposes new tools to detect the tampering of video feeds from surveillance cameras. Our proposal illustrates the unique cyber-physical properties that sensor devices can leverage for their cyber-security. While traditional authentication and attestation algorithms exchange digital challenges between devices authenticating each other, our work instead proposes challenges that manifest physically in the field of view of the camera (e.g., a QR code in a display, a change of color in lighting, an infrared light, etc.). This physical (challenge) and cyber (verification) attestation mechanism can help protect systems even when the sensors (cameras) and actuators (Display, IR LEDs, Color Lightbulbs) are compromised.
Pipelined control is an image-based control that uses parallel instances of its image-processing algorithm in a pipelined fashion to improve the quality of control. A higher number of pipes improves the controller settling time, resulting in a trade-off between resources and control performance. In real-life applications, it is common to have a continuous-time model with additive uncertainties in one or more parameters that may affect the controller performance and therefore the trade-off analysis. We consider models with uncertainties denoted by matrices with a single non-zero element, potentially caused by multiple uncertain parameters in the model. We analyse the impact of such uncertainties on the aforementioned trade-off. To do so, we introduce a discretization technique for the uncertain model. Next, we use the discretized model with uncertainties to analyse the robustness of a pipelined controller designed to enhance performance. Such an analysis captures the relationship between resource usage, control performance, and robustness. Our results show that the tolerable uncertainties for a pipelined controller decrease as the number of pipes increases. We also show the feasibility of our technique by implementing a realistic example in a Hardware-In-the-Loop simulation.
Vehicular cyber-physical systems (VCPS), among several other applications, may help in addressing the ever-increasing problem of congestion in large cities. Nevertheless, this may be hindered by the problem of data falsification, which results from either wrong perception of a traffic event or generation of fake information by the participating vehicles. Such information fabrication may cause re-routing of vehicles and artificial congestion, leading to economic, public safety, environmental, and health hazards. Thus, it is imperative to infer truthful traffic information in real time to restore the operational reliability of the VCPS. In this work, we propose a novel reputation scoring and decision support framework, called Spoofed and False Report Eradicator (SAFE), which offers a cost-effective and efficient solution to the data falsification problem in the VCPS domain. It includes humans in the sensing loop by exploiting the paradigm of participatory sensing and the concept of a mobile security agent (MSA) to nullify the effects of deliberate false contributions, and a variant of the distance bounding mechanism to thwart location-spoofing attacks. A regression-based model integrates these effects to generate the expected truthfulness of a participant's contribution. To determine whether a contribution is true or not, a generalized linear model is used to transform expected truthfulness into a Quality of Contribution (QoC) score. The QoC scores of different contributions are aggregated to compute the user reputation. Such reputation enables classification of different participation behaviors. Finally, an Expected Utility Theory (EUT)-based decision model is proposed which uses the reputation score to determine whether a piece of information should be published or dropped. To evaluate SAFE through an experimental study, we compare the reputation-based user segregation performance achieved by our framework with that of state-of-the-art reputation mechanisms. Experimental results demonstrate that SAFE is able to better capture subtle differences in user behaviors based on quality, quantity and location accuracy, and significantly improves operational reliability by accurately publishing only legitimate information.
In this article, we describe a motion planning framework for a cyber-physical system (CPS) that takes into account the human's safety perception in the presence of a flying robot. We use virtual reality (VR) as a safe testing environment to collect psychological signals from test subjects experiencing a flying robot in their vicinity. The collected data shows that the sensor signals from the physical part (the human) of the CPS are influenced by unknown factors, because the human's attention is focused not only on the robot but also on other stimuli. To overcome this issue, we propose to model the change of focus in the human's attention as a latent discrete random variable, which clusters the data samples into two groups of relevant and irrelevant samples. The proposed model improves the likelihood over the Gaussian noise model, which only minimizes the squared error. We also present a numerical optimal path planning method that ensures spatial separation from the obstacle despite the time discretization in the CPS. Optimal paths generated using the proposed model result in a reasonable safety distance from the human. In contrast, the paths generated by the standard regression model with a Gaussian noise assumption have undesirable shapes due to over-fitting.
Android users are increasingly concerned with the privacy of their data and the security of their devices. To improve the security awareness of users, recent automatic techniques produce security-centric descriptions by performing program analysis. However, the generated text does not always address users' concerns, as it is generally too technical to be understood by ordinary users. Moreover, different users have varied linguistic preferences, which the text does not match. Motivated by this challenge, we develop an innovative scheme to help users avoid malware and privacy-breaching apps by generating security descriptions that explain the privacy- and security-related aspects of an Android app in clear and understandable terms. We implement a prototype system, PERSCRIPTION, to generate personalised security-centric descriptions; it automatically learns users' security concerns and linguistic preferences to produce user-oriented descriptions. We evaluate our scheme through experiments and user studies. The results clearly demonstrate the improvement in readability and users' security awareness of PERSCRIPTION's descriptions compared to existing description generators.
Introduction to the Special Issue on Real-Time aspects in Cyber-Physical Systems
Energy harvesters are becoming increasingly popular as power sources for IoT edge devices. However, one of the intrinsic problems of energy harvesters is that the harvested power is often weak and frequently interrupted. Therefore, edge devices powered by energy harvesting have to work intermittently. To maintain execution progress, execution states need to be checkpointed into non-volatile memory before each power failure. In this way, previous execution states can be resumed after power comes back. Nevertheless, frequent checkpointing and low charging efficiency generate significant energy overhead. To alleviate these problems, this paper conducts a thorough energy efficiency analysis and proposes three algorithms to maximize the energy efficiency of program execution. First, a non-volatile processor (NVP) aware task scheduling (NTS) algorithm is proposed to reduce the size of checkpointing data. Second, a tentative checkpointing avoidance (TCA) technique is proposed to avoid checkpointing for a further reduction of checkpointing overhead. Finally, a dynamic wake-up strategy (DWS) is proposed to wake up the edge device at the proper voltages where the total hardware and software overhead is minimized, for further energy efficiency maximization. The experiments on a real testbed demonstrate that, with the proposed algorithms, an edge device is resilient to an extremely weak and intermittent power supply and its energy efficiency is $2\times$ as high as that of the baseline technique.
In recent years, rapid development of sensing and computing has led to very large data sets. There is an urgent demand for innovative data analysis and processing techniques that are secure, privacy-protected and sustainable. In this paper, taking human activities and interactions with Cyber-Physical Systems (CPS) into consideration, we propose a human behavior learning system based on Channel State Information (CSI) that utilizes a series of algorithms for data analysis and processing. Aiming to recognize a set of gestures, our system is designed based on the observation that different gestures have different effects on signals and that specific gesture signals have a unique energy spectrum. Specifically, an improved Linear Discriminant Analysis Algorithm (I-LDA) is devised to reduce the dimension of human behavior signals and lower the computational cost. Additionally, behaviors are learned by a Logistic Regression Algorithm (LRA) in which bandwidth ratios in the energy spectrum are selected as features to eliminate the impact of different speeds. We implement our system on commercial off-the-shelf WiFi devices and conduct a large number of experiments in a typical indoor environment to evaluate its performance. Experimental results show that our system is robust, with an average recognition accuracy of up to 96%.
Human physiological data are naturalistic and objective user data inputs for a great number of cyber-physical systems (CPS). The electrocardiogram (ECG), a widely used physiological golden indicator for certain human states and disease diagnosis, is often used as user data input for various CPS such as medical CPS and human-machine interaction. Wireless transmission and wearable technology enable long-term continuous ECG data acquisition for human-CPS interaction; however, these emerging technologies bring the challenge of storing and wirelessly transmitting huge amounts of ECG data, leading to energy efficiency issues for wearable sensors. ECG signal compression provides a promising solution to these challenges by decreasing the ECG data size. In this study, we develop the first scheme that leverages empirical mode decomposition (EMD) on ECG signals for sparse feature modeling and compression, and further propose a new ECG signal compression framework based on an EMD-constructed feature dictionary. The proposed method compresses ECG signals using a very limited number of feature bases with low computation cost, which significantly improves the compression performance and energy efficiency. Our method is validated with ECG data from the MIT-BIH arrhythmia database and compared with existing methods. The results show that our method achieves a compression ratio (CR) of up to 164 with a root mean square error (RMSE) of 3.48%, and an average CR of 88.08 with an RMSE of 5.66%, which is more than twice the average CR of the state-of-the-art methods at a similar recovery error rate of around 5%. From the perspective of diagnostic distortion, our method achieves high QRS detection performance with a sensitivity (SE) of 99.8% and a specificity (SP) of 99.6%, which shows that our ECG compression method preserves almost all of the QRS features and has no impact on the diagnosis process. In addition, the energy consumption of our method is only 30% of that of other methods when compared at the same recovery error rate.
There is a growing trend of employing cyber-physical systems to help smart homes improve the comfort of residents. However, a residential cyber-physical system differs from a common cyber-physical system since it directly involves human interaction, which is full of uncertainty. The existing solutions can be effective for performance enhancement in cases where no inherent and dominant human factors are involved. Besides, the rapidly rising interest in deploying cyber-physical systems at home does not normally integrate with energy management schemes, which is a central issue that smart homes have to face. In this paper, we propose a cyber-physical-system-based energy management framework to enable a sustainable edge computing paradigm while meeting the needs of home energy management and residents. This framework aims to enable the full use of renewable energy while reducing electricity bills for households. A prototype system was implemented using real-world hardware. The experimental results demonstrate that renewable energy is fully capable of supporting the reliable running of home appliances most of the time, and that electricity bills could be cut by up to 60% when our proposed framework was employed.
Coordinated vehicles for intelligent traffic management are instances of cyber-physical systems with strict correctness requirements. A key building block for these systems is the ability to establish a group membership view that accurately captures the locations of all vehicles in a particular area of interest. We formally define view correctness in terms of soundness and completeness and establish theoretical bounds on the ability to verify view correctness. Moreover, we present an architecture for an online view detection and verification process that uses the information available locally to a vehicle. This architecture uses an SMT solver to automatically prove view correctness. We evaluate this architecture and demonstrate that the ability to verify view correctness is on par with the ability to detect view violations.
Cyber-Physical-Social Systems (CPSS), integrating the cyber, physical and social worlds, are a key technology for providing proactive and personalized services to humans. In this paper, we study CPSS by taking human-interaction-aware big data (HIBD) as the starting point. However, the HIBD collected from all aspects of our daily lives are high-order and large-scale, which brings ever-increasing challenges for their cleaning, integration, processing and interpretation. Therefore, new strategies for representing and processing HIBD become increasingly important in the provision of CPSS services. As an emerging technique, the tensor is proving to be a suitable and promising representation and processing tool for HIBD. In particular, tensor networks, a significant kind of tensor decomposition, bring advantages in the computing, storage and application of HIBD. Furthermore, Tensor-Train (TT), a kind of tensor network, is particularly well suited to representing and processing high-order data by decomposing a high-order tensor into a series of low-order tensors. However, at present, there is still a need for an efficient Tensor-Train decomposition method for massive data. Therefore, for larger-scale HIBD, a highly efficient computational method for Tensor-Train is required. In this paper, a distributed Tensor-Train (DTT) decomposition method is proposed to process high-order and large-scale HIBD. The high performance of the proposed DTT, such as its execution time, is demonstrated with a case study on typical CPSS data: CT (Computed Tomography) image data. Furthermore, recognition, a typical CPSS application for HIBD, was carried out in TT to illustrate the advantage of DTT.
Given the popularity of drones for leisure, commercial and government (e.g. military) usage, there is increasing focus on drone regulation. For example, how can the city council or some government agency detect and track drones more efficiently and effectively, say in a city, to ensure that the drones are not engaged in unauthorized activities? Therefore, in this paper, we propose a crowdsensing-based cyber-physical system for drone surveillance. The proposed system, CSDrone, utilizes surveillance data captured and sent from citizens' mobile devices (e.g., Android and iOS devices, as well as other image or video capturing devices) to facilitate joint drone detection and tracking. Our system uses random finite set (RFS) theory and an RFS-based Bayesian filter. We also evaluate CSDrone's effectiveness in drone detection and tracking. The findings demonstrate that, in comparison to existing drone surveillance systems, CSDrone has a lower cost and is more flexible and scalable.
Functional safety for automotive cyber-physical systems (ACPS) has been studied in recent years; however, these studies merely consider the change in the exposure of the functional safety classification and assume that the driver's controllability in the functional safety classification is always fixed and uncontrollable. In fact, the driver's controllability is variable during the runtime phase, such that the execution process of safety-critical automotive functions is a human-interaction-aware process between the driver and the ACPS. To adapt to changes in the driver's controllability, this paper studies human-interaction-aware adaptive functional safety processing for multi-functional ACPS in two main phases. In the design phase, where the driver's controllability is fixed at the highest level (i.e., C3), we obtain the approximate optimal priority sequence of safety-critical functions without exhausting all sequences by proposing the refined exploration method. In the runtime phase, where the driver's controllability level is variable (i.e., C0, C1, C2, or C3), we propose the human-interaction-aware task remapping method to autonomously respond to changes in the driver's controllability. Examples and experiments confirm that the proposed adaptive functional safety processing can reduce the overall task redundancy of safety-critical automotive functions while meeting their functional safety requirements, shorten the overall response time of safety-critical automotive functions, and increase the slack time for non-safety-critical automotive functions.
It is challenging to design a secure and efficient multi-factor authentication scheme for real-time user data access in wireless sensor networks (WSNs). On the one hand, such real-time applications are generally security-critical, and various security goals need to be met. On the other hand, sensor nodes and users' mobile devices are typically resource-constrained, and expensive cryptographic primitives cannot be used. In this work, we first revisit four foremost multi-factor authentication schemes, i.e., Srinivas et al.'s (IEEE TDSC'18), Amin et al.'s (JNCA'18), Li et al.'s (JNCA'18) and Li et al.'s (IEEE TII'18) schemes, and use them as case studies to reveal the difficulties and challenges in getting a multi-factor authentication scheme for WSNs right. We identify the root causes of their failures to achieve truly multi-factor security and forward secrecy. We further propose a robust multi-factor authentication scheme that makes use of the imbalanced computational nature of the RSA cryptosystem, which is particularly suitable for scenarios where the sensor nodes (but not the user's device) are the main energy bottleneck. Comparison results demonstrate the superiority of our scheme. As far as we know, it is the first one that can satisfy all twelve criteria of the state-of-the-art evaluation metric under the harshest adversary model so far.
Many clock synchronization protocols based on message passing, e.g., the Network Time Protocol (NTP), assume symmetric network delays to estimate the one-way packet transmission time as half of the round-trip time. As a result, asymmetric network delays caused by either network congestion or malicious packet delays can cause significant synchronization errors. This paper exploits the sinusoidal voltage signals of an alternating current (ac) power grid to limit the impact of asymmetric network delays on these clock synchronization protocols. Our extensive measurements show that the voltage signals at geographically distributed locations in a city are highly synchronized. Leveraging calibrated voltage phases, we develop a new clock synchronization protocol, which we call Grid Time Protocol (GTP), that allows direct measurement of one-way packet transmission times between its slave and master nodes, subject to an analytic condition that can be easily verified in practice. The direct measurements render GTP resilient against asymmetric network delays under this condition. A prototype implementation of GTP maintains sub-ms synchronization accuracy for two nodes tens of kilometers apart in Singapore and Hangzhou, China, respectively, in the presence of malicious packet delays. Simulations driven by real network delay measurements between Singapore and Hangzhou under both normal and congested network conditions also show the synchronization accuracy improvement achieved by GTP. We believe that GTP is suitable for grid-connected distributed systems that are currently served by NTP but desire higher resilience against unfavorable network dynamics and packet delay attacks.
The trend of connected / autonomous features adds significant complexity to traditional automotive systems in order to improve driving safety and comfort. Engineers are facing significant challenges in designing test environments that are more complex than ever. We propose a test framework that automatically generates various virtual road environments from a path specification and a behavior specification. The path specification characterizes the geometric paths over which an environmental object (e.g., roadways or pedestrians) needs to be visualized or to move. We characterize this aspect in the form of linear or nonlinear constraints on 3-dimensional coordinates. Then, we introduce a test coverage, called area coverage, to quantify the quality of generated paths in terms of how wide an area the generated paths can cover. We propose an algorithm that automatically generates such paths using an SMT (Satisfiability Modulo Theories) solver. On the other hand, the behavioral specification characterizes how an environmental object changes its mode over time by interacting with other objects (e.g., a pedestrian waits for a signal or starts crossing). We characterize this aspect in the form of timed automata. Then, we introduce a test coverage, called edge/location coverage, to quantify the quality of the generated mode changes in terms of how many modes or transitions are visited. We propose a method that automatically generates many different mode changes using a model-checking method. To demonstrate the test framework, we developed a right-turn pedestrian warning system for intersection scenarios and generated many different types of pedestrian paths and behaviors to analyze the effectiveness of the system.