Dongming Jin,Shengxin Zhao,Zhi Jin,Xiaohong Chen,Chunhui Wang,Zheng Fang,Hongbin Xiao

2024-08-05

Abstract:Cyber-physical systems (CPSs) integrate cyber and physical components and enable them to interact with each other to meet user needs. The needs for CPSs span rich application domains such as healthcare and medicine, smart home, smart building, etc. This indicates that CPSs are all about solving real-world problems. With the increasing abundance of sensing devices and effectors, the problems wanted to solve with CPSs are becoming more and more complex. It is also becoming increasingly difficult to extract and express CPS requirements accurately. Problem frame approach aims to shape real-world problems by capturing the characteristics and interconnections of components, where the problem diagram is central to expressing the requirements. CPSs requirements are generally presented in domain-specific documents that are normally expressed in natural language. There is currently no effective way to extract problem diagrams from natural language documents. CPSs requirements extraction and modeling are generally done manually, which is time-consuming, labor-intensive, and error-prone. Large language models (LLMs) have shown excellent performance in natural language understanding. It can be interesting to explore the abilities of LLMs to understand domain-specific documents and identify modeling elements, which this paper is working on. To achieve this goal, we first formulate two tasks (i.e., entity recognition and interaction extraction) and propose a benchmark called CPSBench. Based on this benchmark, extensive experiments are conducted to evaluate the abilities and limitations of seven advanced LLMs. We find some interesting insights. Finally, we establish a taxonomy of LLMs hallucinations in CPSs requirements modeling using problem diagrams. These results will inspire research on the use of LLMs for automated CPSs requirements modeling.

Software Engineering

Robert Laddaga,Paul Robertson,Howard Shrobe,Dan Cerys,Prakash Manghwani,Patrik Meijer

DOI: https://doi.org/10.48550/arXiv.1901.01867

2019-01-07

Cryptography and Security

Abstract:Today's cyber physical systems (CPS) are not well protected against cyber attacks. Protected CPS often have holes in their defense, due to the manual nature of today's cyber security design process. It is necessary to automate or semi-automate the design and implementation of CPS to meet stringent cyber security requirements (CSR), without sacrificing functional performance, timing and cost constraints. Step one is deriving, for each CPS, the CSR that flow from the particular functional design for that CPS. That is the task assumed by our system, Deriving Cyber-security Requirements Yielding Protected Physical Systems - DCRYPPS. DCRYPPS applies Artificial Intelligence (AI) technologies, including planning and model based diagnosis to an important area of cyber security.

Chun Liu,Wei Zhang,Haiyan Zhao,Zhi Jin

DOI: https://doi.org/10.1109/apsec.2013.29

2013-01-01

Abstract:Integrating the computing process and the physical process, cyber-physical systems (CPS) pose many challenges to the system analysis and modeling. While most of the existing work focuses on developing the precise and formal model of CPS, little attentions have been given to the early requirements analysis and modeling which focuses on what the users' requirements are and what the software and physical domains of CPS will do to meet the users' requirements. In this paper, we provide an approach for early requirements analysis and modeling of CPS. This approach proposes to build the structure model to capture the system architecture, and the goal model to capture the refinement relationships between the users' requirements and the assumptions and requirements on the domains in CPS. These models help to build a clear understanding about CPS between the users and the designers and pave the way to define the precise and formal model. What these models are and how to build them are illustrated through a cruise control system.

Xi Zheng,Aloysius K. Mok,Ruzica Piskac,Yong Jae Lee,Bhaskar Krishnamachari,Dakai Zhu,Oleg Sokolsky,Insup Lee

2024-05-16

Abstract:The integration of machine learning (ML) into cyber-physical systems (CPS) offers significant benefits, including enhanced efficiency, predictive capabilities, real-time responsiveness, and the enabling of autonomous operations. This convergence has accelerated the development and deployment of a range of real-world applications, such as autonomous vehicles, delivery drones, service robots, and telemedicine procedures. However, the software development life cycle (SDLC) for AI-infused CPS diverges significantly from traditional approaches, featuring data and learning as two critical components. Existing verification and validation techniques are often inadequate for these new paradigms. In this study, we pinpoint the main challenges in ensuring formal safety for learningenabled CPS.We begin by examining testing as the most pragmatic method for verification and validation, summarizing the current state-of-the-art methodologies. Recognizing the limitations in current testing approaches to provide formal safety guarantees, we propose a roadmap to transition from foundational probabilistic testing to a more rigorous approach capable of delivering formal assurance.

Software Engineering,Artificial Intelligence,Distributed, Parallel, and Cluster Computing,Robotics

Amel Bennaceur,Carlo Ghezzi,Kenji Tei,Timo Kehrer,Danny Weyns,Radu Calinescu,Schahram Dustdar,Zhenjiang Hu,Shinichi Honiden,Fuyuki Ishikawa,Zhi Jin,Jeffrey Kramer,Marin Litoiu,Michele Loreti,Gabriel Moreno,Hausi Muller,Laura Nenzi,Bashar Nuseibeh,Liliana Pasquale,Wolfgang Reisig,Heinz Schmidt,Christos Tsigkanos,Haiyan Zhao

DOI: https://doi.org/10.1109/seams.2019.00018

2019-01-01

Abstract:From smart buildings to medical devices to smart nations, software systems increasingly integrate computation, networking, and interaction with the physical environment. These systems are known as Cyber-Physical Systems (CPS). While these systems open new opportunities to deliver improved quality of life for people and reinvigorate computing, their engineering is a difficult problem given the level of heterogeneity and dynamism they exhibit. While progress has been made, we argue that complexity is now at a level such that existing approaches need a major re-think to define principles and associated techniques for CPS. In this paper, we identify research challenges when modelling, analysing and engineering CPS. We focus on three key topics: theoretical foundations of CPS, self-adaptation methods for CPS, and exemplars of CPS serving as a research vehicle shared by a larger community. For each topic, we present an overview and suggest future research directions, thereby focusing on selected challenges. This paper is one of the results of the Shonan Seminar 118 on Modelling and Analysing Resilient Cyber-Physical Systems, which took place in December 2018.

Fan Zhang,Qianmei Wu,Bohan Xuan,Yuqi Chen,Wei Lin,Christopher M. Poskitt,Jun Sun,Binbin Chen

DOI: https://doi.org/10.1109/tse.2023.3309330

2020-01-01

Abstract:Cyber-physical systems (CPSs) automating critical public infrastructure face a pervasive threat of attack, motivating research into different types of countermeasures. Assessing the effectiveness of these countermeasures is challenging, however, as benchmarks are difficult to construct manually, existing automated testing solutions often make unrealistic assumptions, and blindly fuzzing is ineffective at finding attacks due to the enormous search spaces and resource requirements. In this work, we propose active sensor fuzzing , a fully automated approach for building test suites without requiring any a prior knowledge about a CPS. Our approach employs active learning techniques. Applied to a real-world water treatment system, our approach manages to find attacks that drive the system into 15 different unsafe states involving water flow, pressure, and tank levels, including nine that were not covered by an established attack benchmark. Furthermore, we successfully generate targeted multi-point attacks which have been long suspected to be possible. We reveal that active sensor fuzzing successfully extends the attack benchmarks generated by our previous work, an ML-guided fuzzing tool, with two more kinds of attacks. Finally, we investigate the impact of active learning on models and the reason that the model trained with active learning is able to discover more attacks.

Claudio Mandrioli,Seung Yeob Shin,Martina Maggio,Domenico Bianculli,Lionel Briand

DOI: https://doi.org/10.1145/3624742

2023-09-18

Abstract:Cyber-Physical Systems (CPSs) are often safety-critical and deployed in uncertain environments. Identifying scenarios where CPSs do not comply with requirements is fundamental but difficult due to the multidisciplinary nature of CPSs. We investigate the testing of control-based CPSs, where control and software engineers develop the software collaboratively. Control engineers make design assumptions during system development to leverage control theory and obtain guarantees on CPS behaviour. In the implemented system, however, such assumptions are not always satisfied, and their falsification can lead to loss of guarantees. We define stress testing of control-based CPSs as generating tests to falsify such design assumptions. We highlight different types of assumptions, focusing on the use of linearised physics models. To generate stress tests falsifying such assumptions, we leverage control theory to qualitatively characterise the input space of a control-based CPS. We propose a novel test parametrisation for control-based CPSs and use it with the input space characterisation to develop a stress testing approach. We evaluate our approach on three case study systems, including a drone, a continuous-current motor (in five configurations), and an aircraft.Our results show the effectiveness of the proposed testing approach in falsifying the design assumptions and highlighting the causes of assumption violations.

Software Engineering

Emmanuel Ledinot

DOI: https://doi.org/10.48550/arXiv.2104.13210

2021-04-26

Abstract:Virtualization of computing and networking, IT-OT convergence, cybersecurity and AI-based enhancement of autonomy are significantly increasing the complexity of CPS and CPSoS. New challenges have emerged to demonstrate that these systems are safe and secure. We emphasize the role of control and emerging fields therein, like symbolic control or set-based fault-tolerant and decentralized control, to address safety. We have chosen three open verification problems we deem central in cost-effective development and certification of safety critical CPSoS. We review some promising threads of research that could lead in the long term to a scalable and powerful verification strategy. Its main components are set-based and invariant-based design, contracts, adversarial testing, algorithmic geometry of dynamics, and probabilistic estimation derived from compositional massive testing. To explore these orientations in collaborative projects, and to promote them in certification arenas, we propose to continue and upgrade an open innovation drone-based use case that originated from a collaborative research project in aeronautic certification reformation

Systems and Control,Symbolic Computation

Mengyu Liu,Lin Zhang,Weizhe Xu,Shixiong Jiang,Fanxin Kong

DOI: https://doi.org/10.1145/3674904

IF: 1.447

2024-06-25

ACM Transactions on Design Automation of Electronic Systems

Abstract:There are various applications of Cyber-Physical systems (CPSs) which are life-critical where failure or malfunction can result in significant harm to human life, the environment, or substantial economic loss. Therefore, it is important to ensure their reliability, security, and robustness to the attacks. However, there is no widely used toolbox to simulate CPS and target security problems, especially the simulation of sensor attacks and defense strategies against them. In this work, we introduce our toolbox CPSim, a user-friendly simulation toolbox for security problems in CPS. CPSim aims to simulate common sensor attacks and countermeasures to these sensor attacks. We have implemented bias attacks, delay attacks, and replay attacks. Additionally, we have implemented various recovery-based methods against sensor attacks. The sensor attacks and recovery methods configurations can be customized with the given APIs. CPSim has built-in numerical simulators and various implemented benchmarks. Moreover, CPSim is compatible with other external simulators and can be deployed on a real testbed for control purposes.

computer science, software engineering, hardware & architecture

Massimo Nazaria

DOI: https://doi.org/10.48550/arXiv.1905.04780

2019-05-14

Abstract:Cyber-Physical Systems (CPSs) have become an intrinsic part of the 21st century world. Systems like Smart Grids, Transportation, and Healthcare help us run our lives and businesses smoothly, successfully and safely. Since malfunctions in these CPSs can have serious, expensive, sometimes fatal consequences, System-Level Formal Verification (SLFV) tools are vital to minimise the likelihood of errors occurring during the development process and beyond. Their applicability is supported by the increasingly widespread use of Model Based Design (MBD) tools. MBD enables the simulation of CPS models in order to check for their correct behaviour from the very initial design phase. The disadvantage is that SLFV for complex CPSs is an extremely time-consuming process, which typically requires several months of simulation. Current SLFV tools are aimed at accelerating the verification process with multiple simulators that work simultaneously. To this end, they compute all the scenarios in advance in such a way as to split and simulate them in parallel. Furthermore, they compute optimised simulation campaigns in order to simulate common prefixes of these scenarios only once, thus avoiding redundant simulation. Nevertheless, there are still limitations that prevent a more widespread adoption of SLFV tools. Firstly, current tools cannot optimise simulation campaigns from existing datasets with collected scenarios. Secondly, there are currently no methods to predict the time required to complete the SLFV process. This lack of ability to predict the length of the process makes scheduling verification activities highly problematic. In this thesis, we present how we are able to overcome these limitations with the use of a data-intensive simulation campaign optimiser and an accurate machine-independent execution time estimator.

Software Engineering

Richárd Szabó,András Vörös

DOI: https://doi.org/10.48550/arXiv.2108.12773

2021-08-29

Abstract:Cyber-physical systems (CPS) can be found everywhere: smart homes, autonomous vehicles, aircrafts, healthcare, agriculture and industrial production lines. CPSs are often critical, as system failure can cause serious damage to property and human lives. Today's cyber-physical systems are extremely complex, heterogeneous systems: to be able to manage their complexity in a unified way, we need an infrastructure that ensures that our systems operate with the high reliability as intended. In addition to the infrastructure, we need to provide engineers a method to ensure system reliability at design time. The paradigm of model-driven design provides a toolkit supporting the design and analysis and by choosing the proper formalisms, the model-driven design approach allows us to validate our system at design time.

Distributed, Parallel, and Cluster Computing,Software Engineering

Xiaohong Chen,Ling Yin,Yijun Yu,Zhi Jin

DOI: https://doi.org/10.1007/978-3-319-68690-5_4

2017-01-01

Abstract:The timing requirements of embedded cyber-physical systems (CPS) constrain CPS behaviors made by scheduling analysis. Lack of physical entity properties modeling and the need of scheduling analysis require a systematic approach to specify timing requirements of CPS at the early phase of requirements engineering. In this work, we extend the Problem Frames notations to capture timing properties of both cyber and physical domain entities into Clock Constraint Specification Language (CCSL) constraints which is more explicit that LTL for scheduling analysis. Interpreting them using operational semantics as finite state machines, we are able to transform these timing requirements into CCSL scheduling constraints, and verify their consistency on NuSMV. Our TimePF tool-supported approach is illustrated through the verification of timing requirements for a representative problem in embedded CPS.

Ankit Agrawal,Philipp Zech,Michael Vierhauser

2024-04-22

Abstract:Failures in safety-critical Cyber-Physical Systems (CPS), both software and hardware-related, can lead to severe incidents impacting physical infrastructure or even harming humans. As a result, extensive simulations and field tests need to be conducted, as part of the verification and validation of system requirements, to ensure system safety. However, current simulation and field testing practices, particularly in the domain of small Unmanned Aerial Systems (sUAS), are ad-hoc and lack a thorough, structured testing process. Furthermore, there is a dearth of standard processes and methodologies to inform the design of comprehensive simulation and field tests. This gap in the testing process leads to the deployment of sUAS applications that are: (a) tested in simulation environments which do not adequately capture the real-world complexity, such as environmental factors, due to a lack of tool support; (b) not subjected to a comprehensive range of scenarios during simulation testing to validate the system requirements, due to the absence of a process defining the relationship between requirements and simulation tests; and (c) not analyzed through standard safety analysis processes, because of missing traceability between simulation testing artifacts and safety analysis artifacts. To address these issues, we have developed an initial framework for validating CPS, specifically focusing on sUAS and robotic applications. We demonstrate the suitability of our framework by applying it to an example from the sUAS domain. Our preliminary results confirm the applicability of our framework. We conclude with a research roadmap to outline our next research goals along with our current proposal.

Software Engineering

Lei Bu,Tian Zhang,Xin Chen,Linzhang Wang,Jianhua Zhao,Xuandong Li

DOI: https://doi.org/10.1145/3229783.3229793

2018-01-01

Abstract:By combining communication, computation, and control (3C), Cyber-Physical Systems (CPS)0tightly couple the physical world with the cyber-world, to enable more applications, enhance performance, increase dependability and etc. Among these goals, as CPS are widely used in the safety-critical area, guaranteeing the basic dependability/safety is after all the prerequisite and often the top concern. However, the behavior of CPS is extremely complex. First of all, due to the existence of both discrete control modes transition and continuous real-time behavior in CPS, the behavior of CPS is a complex hybrid state space, which is difficult to understand and handle. Secondly, most CPS applications are working in the open environment and acquiring real-time data from the environment intensively to adjust their own behavior. The dynamic environment makes the behavior space more complex to reason. When a system is too complex to analyze directly, building an abstract model of the system and then conducting analysis on the model to answer questions about the original system is an important and widely-used method. Meanwhile, a reasonable model also plays important roles in the phase of specification, design, development, testing, monitoring and so on. Therefore, it is an important topic of investigating how model-based methods can be applied in the context of CPS to increase the quality and dependability of the system. During the past decade, our research group at Nanjing University has devoted a lot of efforts into this mission. We conducted comprehensive research in a wide spectrum of CPS including model-driven design, verification, control, monitoring, and testing. In this paper, we will make a general review of the progress we made on these directions recently.

Somali Chaterji,Parinaz Naghizadeh,Muhammad Ashraful Alam,Saurabh Bagchi,Mung Chiang,David Corman,Brian Henz,Suman Jana,Na Li,Shaoshuai Mou,Meeko Oishi,Chunyi Peng,Tiark Rompf,Ashutosh Sabharwal,Shreyas Sundaram,James Weimer,Jennifer Weller

DOI: https://doi.org/10.48550/arXiv.2001.00090

2019-12-20

Abstract:Cyberphysical systems (CPS) are ubiquitous in our personal and professional lives, and they promise to dramatically improve micro-communities (e.g., urban farms, hospitals), macro-communities (e.g., cities and metropolises), urban structures (e.g., smart homes and cars), and living structures (e.g., human bodies, synthetic genomes). The question that we address in this article pertains to designing these CPS systems to be resilient-from-the-ground-up, and through progressive learning, resilient-by-reaction. An optimally designed system is resilient to both unique attacks and recurrent attacks, the latter with a lower overhead. Overall, the notion of resilience can be thought of in the light of three main sources of lack of resilience, as follows: exogenous factors, such as natural variations and attack scenarios; mismatch between engineered designs and exogenous factors ranging from DDoS (distributed denial-of-service) attacks or other cybersecurity nightmares, so called "black swan" events, disabling critical services of the municipal electrical grids and other connected infrastructures, data breaches, and network failures; and the fragility of engineered designs themselves encompassing bugs, human-computer interactions (HCI), and the overall complexity of real-world systems. In the paper, our focus is on design and deployment innovations that are broadly applicable across a range of CPS application areas.

Computers and Society,Distributed, Parallel, and Cluster Computing,Systems and Control

Ezio Bartocci,Niveditha Manjunath,Leonardo Mariani,Cristinel Mateis,Dejan Ničković

DOI: https://doi.org/10.48550/arXiv.1903.12468

2019-03-29

Abstract:Debugging Cyber-Physical System (CPS) models can be extremely complex. Indeed, only the detection of a failure is insuffcient to know how to correct a faulty model. Faults can propagate in time and in space producing observable misbehaviours in locations completely different from the location of the fault. Understanding the reason of an observed failure is typically a challenging and laborious task left to the experience and domain knowledge of the designer. \n In this paper, we propose CPSDebug, a novel approach that by combining testing, specification mining, and failure analysis, can automatically explain failures in Simulink/Stateflow models. We evaluate CPSDebug on two case studies, involving two use scenarios and several classes of faults, demonstrating the potential value of our approach.

Software Engineering,Logic in Computer Science

Kaiyu Wan,K. L. Man,D. Hughes

DOI: https://doi.org/10.1109/nesea.2010.5678065

2010-01-01

Abstract:Cyber-Physical Systems (CPS) integrate computation with physical processes. By merging computing and communication with physical processes CPS allows computer systems to monitor and interact with the physical world. However, today's computing and networking abstractions do not adequately reflect the properties of the physical world. This shortcoming necessitates the development of effective methods and tools for analyzing and designing CPS. This paper analyzes the limitations of the current tools and methods by illustrating a motivating example of health care systems and proposes a unified framework for designing, simulating, and verifying CPS.

Chun LIU,Ran-Ran HUANG,Wei ZHANG,Hai-Yan ZHAO,Zhi JIN

DOI: https://doi.org/10.11897/SP.J.1016.2016.02344

2016-01-01

Abstract:The integration of computing process with physical process makes the software requirements analysis for Cyber-Physical Systems (CPS)a challenging task.First,software requirements need to be derived from the desired changes of physical entities and the properties of such physical entities.Second,analysts can’t treat the software as a whole and describe its external behaviors. Instead,they need to analyze the software entities and physical entities composing CPS and capture the properties of each physical entity and desired behaviors of each software entity.Finally,a unified way is required to describe the properties of physical entities and the behaviors of software entities to help validate the satisfaction of user’requirements.Based on problem frame and goal oriented approaches,this paper proposes an approach to address this task.It describes the properties of physical entities and the behaviors on software entities in CPS as the causal relations between <br> phenomena.Starting from the physical phenomena desired by users,it then follows the goal based analysis process,transforms the software requirements analysis into building the phenomena causal chains required to meet users’requirements,and finally validates the satisfactions of users’requirements by checking whether the desired phenomena in the causal chains can be reached through describing the causal chains with Alloy.An adaptive cruise control system has been taken as an example to show the feasibility.

Ameerah-Muhsinah Jamil,Lotfi Ben Othmane,Altaz Valani

DOI: https://doi.org/10.1007/978-3-031-02067-4_1

2022-01-01

Abstract:AbstractTraditional Cyber-physical Systems (CPSs) were not built with cybersecurity in mind. They operated on separate Operational Technology (OT) networks. As these systems now become more integrated with Information Technology (IT) networks based on IP, they expose vulnerabilities that can be exploited by the attackers through these IT networks. The attackers can control such systems and cause behavior that jeopardizes the performance and safety measures that were originally designed into the system. In this paper, we explore the approaches to identify threats to CPSs and ensure the quality of the created threat models. The study involves interviews with eleven security experts working in several different domains. We found through these interviews that the practitioners use a combination of various threat modeling methods, approaches, and standards together when they perform threat modeling of given CPSs. Key challenges practitioners face are: they cannot transfer the threat modeling knowledge that they acquire in a cyber-physical domain to other domains, threat models of modified systems are often not updated, and the reliance on mostly peer-evaluation and quality checklists to ensure the quality of threat models. The study warns about the difficulty to develop secure CPSs and calls for research on developing practical threat modeling methods for CPSs, techniques for continuous threat modeling, and techniques to ensure the quality of threat models.

Ioannis Zografopoulos,Juan Ospina,XiaoRui Liu,Charalambos Konstantinou

DOI: https://doi.org/10.48550/arXiv.2101.10198

2021-01-25

Cryptography and Security

Abstract:Cyber-physical systems (CPS) are interconnected architectures that employ analog, digital, and communication resources for their interaction with the physical environment. CPS are the backbone of enterprise, industrial, and critical infrastructure. Thus, their vital importance makes them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature, can have disastrous consequences. The security of CPES can be enhanced leveraging testbed capabilities to replicate power system operations, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. In this paper, we provide a comprehensive overview of the CPS security landscape with emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models which can be used to evaluate the system's performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables system vulnerability prioritization factoring the impact on the system operation. The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a step-by-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.