Cyber-Physical System, Security, Machine Learning

CPS Security

We offer techniques for building intrusion detection system for Cyber-Physical Systems (CPSes).

Sarwat

A self-driving laboratory is a cyber-physical system that uses software-controlled laboratory equipment, such as robotic arms and smart devices, to permit autonomous experimentation. Intelligent systems within these laboratories can independently conduct experiments, analyze results, and identify a subsequent experiment to run. However, self-driving laboratories are vulnerable to security attacks due to their dependence on networked communication. Further, a naive researcher could inadvertently make human errors while prototyping new experiments. Both an attacker or a naive researcher could potentially cause unsafe scenarios, posing risks to the safety and security of the self-driving laboratories. For instance, they could make robot arm crash into expensive equipment or could launch dangerous experiments. To protect against these unsafe scenarios, we present Sarwat, a rule-based intrusion detection system (IDS) for self-driving laboratories. Sarwat uses a set of rules for defining the behavior that is allowed in a self-driving laboratory. If the behavior inside the laboratory violates any of the rules, Sarwat raises an alarm. Sarwat achieves an overall detection rate of 75%, making it effective for most of the unsafe scenarios. We conducted a pilot study to evaluate the user-friendliness of Sarwat and found that the initial setup of Sarwat in a self-driving laboratory requires our assistance. However, once configured, it is easy to maintain, making it highly valuable for training new users and prototyping new experiments. Additionally, Sarwat introduces minimal latency overhead of 1.5% to the ongoing experiment workflows of a self-driving laboratory. This prevents delays in running experiment steps that can lead to incorrect results. Therefore, Sarwat allows researchers in a self-driving laboratory to perform experiments safely and securely.

Additional Information
  • People: Zainab Wattoo, Petal Vitis, Arpan Gujarati, Richard Zhu
  • Robotic Arm Testbed
    • Arming IDS Researchers with a Robotic Arm Dataset

    Industry 4.0 is rapidly transforming traditional manufacturing practices. Smart manufacturing technologies that automate research and development using a combination of robotic arms and domain-specific cyber-physical systems are at the core of this transformation. Unfortunately, dependence on networked communication increases the risk of security attacks, which must be mitigated using either platforms that are secure by design or intrusion detection and prevention systems. We report on an ongoing project to design and develop intrusion detection systems (IDS) for the Hein Lab, a smart manufacturing research lab in the chemical sciences domain. Designing effective IDS requires large datasets and high-quality, domain-specific benchmarks, which are difficult to obtain. To address this gap, we present the Robotic Arm Dataset (RAD), which we collected at the Hein Lab over a three-month period. We also present our non-intrusive tracing framework RATracer, which can be retrofitted onto any existing Python-based automation pipeline, and two sets of preliminary analyses based on the command and power data in RAD.

    Additional Information
  • People: Arpan Gujarati, Zainab Wattoo, Maryam R.Aliabadi, Amee Trivedi, Richard Zhu
  • Robotic Arm Dataset
  • Arming IDS Researchers with a Robotic Arm Dataset, DSN 2022
    • ARTINALI#

    ARTINALI# is a Bayesian-based search and score technique that identifies the critical points at which to instrument a CPS. Given a set of security monitors that observe run-time behavior of the system, a set of specifications that verify the correct behavior of the system, and statistics gathered from fault injection, ARTINALI# discovers a small set of locations and a rich set of specifications that yield full attack coverage with low (memory and time) overhead. We deploy ARTINALI# to construct an intrusion detection system for two classes CPSes, and demonstrate that our technique reduces the number of security monitors by 64% on average, leading to 52% and 69% reductions in memory and runtime overhead respectively.

    Additional Information
  • People: Maryam R.Aliabadi
  • ARTINALI Paper: Dynamic Invariant Detection for Cyber-Physical System Security , FSE 2017
  • ARTINALI# Paper: An Efficient Intrusion Detection Technique for Resource-Constrained Cyber-Physical Systems , IJCIP 2021
  • ARTINALI++ Paper: Multi-dimensional Specification Mining for Complex Cyber-Physical System Security , JSS 2021
    • arrow_back Back

    Systopia lab is supported by a number of government and industrial sources, including Cisco Systems, the Communications Security Establishment Canada, Intel Research, the National Sciences and Engineering Research Council of Canada (NSERC), Network Appliance, Office of the Privacy Commissioner of Canada, and the National Science Foundation (NSF).