A Framework for Checkpointing and Recovery of Hierarchical Cyber-Physical Systems
Authors:
Kaustubh Sridhar,
Radoslav Ivanov,
Vuk Lesi,
Marcio Juliato,
Manoj Sastry,
Lily Yang,
James Weimer,
Oleg Sokolsky,
Insup Lee
Abstract:
This paper tackles the problem of making complex resource-constrained cyber-physical systems (CPS) resilient to sensor anomalies. In particular, we present a framework for checkpointing and roll-forward recovery of state-estimates in nonlinear, hierarchical CPS with anomalous sensor data. We introduce three checkpointing paradigms for ensuring different levels of checkpointing consistency across the hierarchy. Our framework has algorithms implementing the consistent paradigm to perform accurate recovery in a time-efficient manner while managing the tradeoff with system resources and handling the interplay between diverse anomaly detection systems across the hierarchy. Further in this work, we detail bounds on the recovered state-estimate error, maximum tolerable anomaly duration and the accuracy-resource gap that results from the aforementioned tradeoff. We explore use-cases for our framework and evaluate it on a case study of a simulated ground robot to show that it scales to multiple hierarchies and performs better than an extended Kalman filter (EKF) that does not incorporate a checkpointing procedure during sensor anomalies. We conclude the work with a discussion on extending the proposed framework to distributed systems.
Submitted 17 May, 2022;
originally announced May 2022.
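To make the checkpoint/roll-forward idea in the abstract above concrete, here is an added, self-contained illustration written for this page; it is not the authors' framework or code. It uses a scalar Kalman filter on a constructed one-dimensional ground-robot run (constant velocity, a constructed sensor bias on steps 40 to 59, constants DT, Q, R, GATE, CONFIRM and P_MAX all assumed). A detector that needs CONFIRM consecutive gated innovations before raising an alarm stands in for the anomaly detection system, so by the time it fires the filter has already fused CONFIRM-1 bad samples; recovery restores the checkpoint taken before the detected onset, rolls forward over the logged control inputs with the model only, and keeps predicting without fusing until the detector clears. The variance budget P_MAX gives a simple bound on the tolerable anomaly duration for this linear model; it is an illustration of the kind of bound the abstract mentions, not the paper's result.

```python
import random

DT = 0.1      # step length in seconds (constructed)
Q = 0.01      # process-noise variance per step (constructed)
R = 0.04      # measurement-noise variance (constructed)
GATE = 4.0    # |normalised innovation| above this marks a sample as suspicious
CONFIRM = 3   # consecutive suspicious (or clean) samples before the detector raises (or clears)
P_MAX = 0.5   # variance budget for model-only roll-forward (constructed)


class ScalarKF:
    """1-D Kalman filter for x_{k+1} = x_k + u_k*DT + w_k,  z_k = x_k + v_k."""

    def __init__(self, x, p):
        self.x, self.p = x, p

    def predict(self, u):
        self.x += u * DT
        self.p += Q

    def innovation(self, z):
        return (z - self.x) / (self.p + R) ** 0.5

    def update(self, z):
        k = self.p / (self.p + R)
        self.x += k * (z - self.x)
        self.p *= 1.0 - k


def max_tolerable_steps(p_checkpoint):
    """Model-only steps before the variance budget P_MAX is exhausted (floor, with float slack)."""
    return int((P_MAX - p_checkpoint) / Q + 1e-9)


def run(us, zs, x_true, checkpointing):
    """Run the estimator; x_true[k+1] is the true state after step k. Returns error stats."""
    kf = ScalarKF(x_true[0], 0.01)
    ckpts = [(kf.x, kf.p)]        # ckpts[k]: estimate taken before step k is processed
    anomalous, suspect_run, clean_run, hold, budget = False, 0, 0, 0, 0
    errors, onsets = [], []
    for k, (u, z) in enumerate(zip(us, zs)):
        kf.predict(u)
        suspicious = abs(kf.innovation(z)) > GATE
        if not checkpointing:
            kf.update(z)                      # plain filter: fuses whatever the sensor says
        elif not anomalous:
            suspect_run = suspect_run + 1 if suspicious else 0
            if suspect_run == CONFIRM:
                # Alarm. CONFIRM-1 bad samples were already fused, so restore the
                # checkpoint taken before the onset and roll forward, model only,
                # over the logged inputs to get back to the present step.
                onset = k - CONFIRM + 1
                kf.x, kf.p = ckpts[onset]
                budget = max_tolerable_steps(kf.p)
                for j in range(onset, k + 1):
                    kf.predict(us[j])
                anomalous, hold, suspect_run, clean_run = True, k - onset + 1, 0, 0
                onsets.append(onset)
            else:
                kf.update(z)
        else:
            hold += 1                          # stay model-only while the anomaly persists
            if hold > budget:
                raise RuntimeError(f"anomaly exceeded the {budget}-step tolerable duration")
            clean_run = clean_run + 1 if not suspicious else 0
            if clean_run == CONFIRM:
                anomalous = False
                kf.update(z)                   # sensor trusted again: resume fusing
        ckpts.append((kf.x, kf.p))
        errors.append(abs(kf.x - x_true[k + 1]))
    return {"errors": errors, "max_error": max(errors), "onsets": onsets}


def simulate(n=100, bias=5.0, bad=range(40, 60), seed=1):
    """Constructed ground-robot run: constant velocity, sensor biased on the `bad` steps."""
    rng = random.Random(seed)
    us, zs, x_true = [], [], [0.0]
    for k in range(n):
        u = 1.0
        x_true.append(x_true[-1] + u * DT + rng.gauss(0.0, Q ** 0.5))
        zs.append(x_true[-1] + rng.gauss(0.0, R ** 0.5) + (bias if k in bad else 0.0))
        us.append(u)
    return us, zs, x_true


def compare():
    """Plain filter vs. checkpoint/roll-forward on the same run; errors over the anomaly window."""
    us, zs, x_true = simulate()
    plain = run(us, zs, x_true, checkpointing=False)
    recov = run(us, zs, x_true, checkpointing=True)
    window = slice(40, 60)
    return {
        "plain_max": plain["max_error"],
        "recov_max": recov["max_error"],
        "plain_window_mean": sum(plain["errors"][window]) / 20,
        "recov_window_mean": sum(recov["errors"][window]) / 20,
        "onsets": recov["onsets"],
    }


if __name__ == "__main__":
    print(compare())
```

Running `compare()` shows the plain filter following the 5-unit bias almost completely, while the checkpointing filter's error is dominated by the two bad samples it fused before the detector confirmed the anomaly; that detection latency, and the growth of the checkpoint's covariance while rolling forward, are where the accuracy/resource tradeoff the abstract discusses shows up even in this toy.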
Two-Point Voltage Fingerprinting: Increasing Detectability of ECU Masquerading Attacks
Authors:
Shabbir Ahmed,
Marcio Juliato,
Christopher Gutierrez,
Manoj Sastry
Abstract:
Automotive systems continuously increase their dependency on Electronic Control Units (ECUs) and become more interconnected to improve safety, comfort and Advanced Driving Assistance Systems (ADAS) functions for passengers and drivers. As a consequence of that trend, there is an expanding attack surface which may potentially expose a vehicle's critical functions to cyberattacks. It is possible for an adversary to reach the underlying Controller Area Network (CAN) through a compromised node or external-facing network interface, and launch masquerading attacks that can compromise road and passenger safety. Due to the lack of native authentication in the CAN protocol, an approach to detect masquerading attacks is to use ECU voltage fingerprinting schemes to verify that the messages are sent by authentic ECUs. Though effective against simple masquerading attacks, prior work is unable to detect attackers such as hardware Trojans, which can mimic ECU voltages in addition to spoofing messages. We introduce a novel Two-point ECU Fingerprinting scheme and demonstrate efficacy in a controlled lab setting and on a moving vehicle. Our results show that our proposed two-point fingerprinting scheme is capable of an overall F1-score over 99.4%. The proposed approach raises the bar for attackers trying to compromise automotive security both remotely and physically, therefore improving security and safety of autonomous vehicles.
Submitted 19 February, 2021;
originally announced February 2021.
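The abstract above rests on two facts about voltage fingerprinting: it catches a compromised ECU that spoofs another ECU's CAN ID with its own transceiver, and a single-tap scheme is blind to a hardware Trojan that also reproduces the victim's voltage levels. The following added example, written for this page and not taken from the paper, shows both on a constructed bus. It builds per-ECU fingerprints (mean and standard deviation of the dominant CAN_H and CAN_L levels seen at one bus tap), classifies each frame by nearest normalised distance, and accepts a frame only if the inferred ECU owns the frame's ID. The ECU names, IDs and voltage profiles in ECU_PROFILES are made up; the paper's two-point scheme is not reproduced here, only the baseline single-point approach and the gap it leaves.

```python
import random
import statistics

# Constructed bus: each ECU's transceiver settles at a characteristic dominant
# CAN_H / CAN_L level, given as (mean, std) in volts. All values are made up.
ECU_PROFILES = {
    "engine":     {"ids": {0x0C0, 0x1A0}, "can_h": (3.52, 0.012), "can_l": (1.48, 0.012)},
    "brake":      {"ids": {0x2B0},        "can_h": (3.61, 0.012), "can_l": (1.41, 0.012)},
    "telematics": {"ids": {0x3F0},        "can_h": (3.40, 0.015), "can_l": (1.60, 0.015)},
}
ID_OWNER = {i: ecu for ecu, p in ECU_PROFILES.items() for i in p["ids"]}


def sample_frame(rng, sender, can_id, mimic=None):
    """One frame as (id, can_h, can_l) as measured at a single bus tap.
    `mimic` names an ECU whose voltage signature a hardware Trojan reproduces."""
    prof = ECU_PROFILES[mimic or sender]
    return (can_id, rng.gauss(*prof["can_h"]), rng.gauss(*prof["can_l"]))


def train(rng, frames_per_ecu=200):
    """Per-ECU fingerprint: (mean, std) of each voltage feature learned from clean traffic."""
    fps = {}
    for ecu, prof in ECU_PROFILES.items():
        own_id = next(iter(prof["ids"]))
        frames = [sample_frame(rng, ecu, own_id) for _ in range(frames_per_ecu)]
        columns = zip(*[f[1:] for f in frames])          # (all can_h values), (all can_l values)
        fps[ecu] = tuple((statistics.mean(c), statistics.pstdev(c)) for c in columns)
    return fps


def classify(fps, frame):
    """Nearest fingerprint by normalised squared distance over the voltage features."""
    def dist(fp):
        return sum(((v - mu) / sd) ** 2 for v, (mu, sd) in zip(frame[1:], fp))
    return min(fps, key=lambda ecu: dist(fps[ecu]))


def verify(fps, frame):
    """True if the ECU inferred from voltage is allowed to send this frame's ID."""
    return ID_OWNER.get(frame[0]) == classify(fps, frame)


def scenario(seed=7, n=300):
    """Acceptance rates for legitimate traffic, a plain spoof, and a voltage-mimicking Trojan."""
    rng = random.Random(seed)
    fps = train(rng)
    legit = [sample_frame(rng, ID_OWNER[i], i) for i in list(ID_OWNER) * (n // len(ID_OWNER))]
    # A compromised telematics ECU sends the brake ID through its own transceiver ...
    spoof = [sample_frame(rng, "telematics", 0x2B0) for _ in range(n)]
    # ... and a hardware Trojan does the same while reproducing the brake ECU's levels.
    trojan = [sample_frame(rng, "telematics", 0x2B0, mimic="brake") for _ in range(n)]

    def accepted(frames):
        return sum(verify(fps, f) for f in frames) / len(frames)

    return {"legit_accepted": accepted(legit),
            "spoof_accepted": accepted(spoof),
            "trojan_accepted": accepted(trojan)}


if __name__ == "__main__":
    print(scenario())
```

With these constructed profiles the plain spoof is rejected outright because its voltages place it at the telematics fingerprint, which does not own 0x2B0, while the Trojan frames are indistinguishable from genuine brake frames at a single tap and are accepted; that blind spot is the gap the abstract's two-point scheme targets.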