Resilience and security in component-based software architectures for CPS
Lead PI:
Gabor Karsai
Abstract

Cyber-Physical Systems are converging towards a component-oriented and platform-based implementation. The community-driven Robot Operating System and the proprietary Residential Operating System (of Prodea) are just two examples that indicate this trend. We envision that the software of the CPS is frequently updated and reconfigured, yet it cannot be guaranteed that security vulnerabilities are completely absent in the deployed systems. Clearly, there is a need to incorporate appropriate security features in these platforms so that they exhibit the necessary resilience properties and continue providing services even if parts of the larger system are compromised. In this project we develop a model-driven approach to system architecting for these component-based CPS that results in analysis techniques to determine the resilience of the systems, and in synthesis techniques that assist with the implementation. Prototypes and experimental studies will provide the vehicle for evaluation.

Hard Problems Addressed:

  • Develop means to design and analyze system architectures that deliver required service in the face of compromised components
  • Formal and informal domain-specific modeling languages to represent properties of CPS relevant for resilience
  • Scalable and composable analysis approaches to determine the resilience metrics for the system of CPS against security attacks
  • Requirements for trustworthy and dependable component-based software platforms that provide support for resilience
Gabor Karsai

Dr. Gabor Karsai is a Professor of Electrical Engineering and Computer Science at Vanderbilt University, and Senior Research Scientist at the Institute for Software-Integrated Systems. He has over thirty years of experience in software engineering. He conducts research in the design and implementation of embedded systems, in programming tools for visual programming environments, in the theory and practice of model-integrated computing, and in resource management and scheduling systems. He received his Diploma, MSc, and Dr. Techn. degrees from the Technical University of Budapest, Hungary, in 1982, 1984 and 1988, respectively, and his PhD from Vanderbilt University in 1988. He has published over 150 papers, and he is the co-author of four patents. He has managed several large research projects on model-based integration of embedded systems, model-based toolchains, fault-adaptive control technology, and coordinated scheduling and planning.

Education

Ph.D., Electrical and Computer Engineering
Vanderbilt University

Dr.Tech., Computer Engineering
Technical University of Budapest

M.S., Electrical Engineering
Technical University of Budapest

B.S., Electrical Engineering
Technical University of Budapest

Evaluation and Experimentation
Lead PI:
Peter Volgyesi
Abstract

This research thrust focuses on the design and development of a highly accessible and scalable testbed environment for supporting the evaluation and experimentation efforts across the entire SURE research portfolio. This work is based on our existing technologies and previous results with the Command and Control Windtunnel (C2WT), a large-scale simulation integration platform, and WebGME, a metaprogrammable web-based modeling environment with special emphasis on on-line collaboration, model versioning and design reuse. We are utilizing these core technologies and other third-party tools (e.g. Emulab) to provide a web-based interface for designing, executing and evaluating testbenches on a cloud-based simulation infrastructure. The metaprogrammable environment enables us to develop and provide modeling languages which specifically target each research thrust. Furthermore, by leveraging built-in prototypical inheritance we are building reusable library components in the target domains.

First, the developed visual modeling languages will be used to capture the physical, computational and communication infrastructure. Second, the simulation models will describe the deployment, configuration and/or the concrete strategies of security measures and algorithms. Third, the environment will provide entry points for injecting various attack or failure events, either from an existing library of components or by providing a model-based description of the algorithm.

To stimulate the experimentation and validation efforts in the SURE research thrusts, and to motivate students and outside contributors to participate, we are developing "Red Team" vs "Blue Team" simulation scenarios in which, using a given CPS infrastructure model, each team is tasked to develop and/or configure security and fail-over measures while the other team develops an attack model. After the active design phase, during which both teams work in parallel and in isolation, the simulation is executed with no external user interaction, potentially several times. The winner is decided based on the scoring weights and rules captured by the infrastructure model. If successful, we may organize championships and maintain a leaderboard for each infrastructure model.

Peter Volgyesi

Peter Volgyesi is a Research Scientist at the Institute for Software Integrated Systems at Vanderbilt University. In the past decade Mr. Volgyesi has been working on several novel and high-impact projects sponsored by DARPA, NSF, ONR, ARL and industrial companies (Lockheed Martin, BAE Systems, the Boeing Company, Raytheon, Microsoft). He is one of the architects of the Generic Modeling Environment, a widely used metaprogrammable visual modeling tool, and of WebGME, its modern web-based variant. Mr. Volgyesi had a leading role in developing the real-time signal processing algorithms in PinPtr, a low-cost, low-power countersniper system. He also participated in the development of the Radio Interferometric Positioning System (RIPS), a patented technology for accurate low-power node localization. As PI on two NSF-funded projects, Mr. Volgyesi and his team developed a low-power software-defined radio platform (MarmotE) and a component-based development toolchain targeting multicore SoC architectures for wireless cyber-physical systems. His team won the Preliminary Tournament of the DARPA Spectrum Challenge in September 2013.

Decentralization in Security: Consequences and Incentive Design
Lead PI:
Yevgeniy Vorobeychik
Abstract

In security, our concern is typically with securing a particular network, or eliminating security holes in a particular piece of software. These are important, but they miss the fact that being secure is fundamentally about the security of all constituent parts, rather than any single part in isolation. In principle, if we can control all the pieces of a system, we can secure all possible channels of attack. Typically, however, the system and security design of the various components are performed by different agents with varying and often conflicting interests. Our goal is to develop a framework, and associated computational tools, to address security holistically, accounting for the incentives of all the parties.

In particular, the project aspires to investigate the many facets of decentralization in security. The overarching aim is to answer the following three questions in a variety of relevant settings: 1) what does decentralization of security decisions and the associated incentive misalignment imply for overall system security; 2) in a world of decentralized security decisions, how should an organization optimally secure itself; and 3) how can one design incentives or constraints to improve overall system security. Much of the project focus will be on the interdependence of security decisions, which gives rise to competing decision externalities: positive externalities, where securing one's system reduces the exposure risk for others, and negative externalities, where the security of one system incentivizes the attacker to attack another. The former will tend to lead to under-investment in security; the latter are expected to push organizations to invest too much.

Yevgeniy Vorobeychik

Yevgeniy Vorobeychik is an Assistant Professor of Computer Science and Computer Engineering at Vanderbilt University. Previously, he was a Principal Member of Technical Staff at Sandia National Laboratories. Between 2008 and 2010 he was a post-doctoral research associate in the Computer and Information Science department at the University of Pennsylvania. He received Ph.D. (2008) and M.S.E. (2004) degrees in Computer Science and Engineering from the University of Michigan, and a B.S. degree in Computer Engineering from Northwestern University. His work focuses on game-theoretic modeling of security, algorithmic and behavioral game theory and incentive design, optimization, complex systems, epidemic control, network economics, and machine learning. Dr. Vorobeychik has published over 60 research articles on these topics. Dr. Vorobeychik was nominated for the 2008 ACM Doctoral Dissertation Award and received honorable mention for the 2008 IFAAMAS Distinguished Dissertation Award. In 2012 he was nominated for the Sandia Employee Recognition Award for Technical Excellence. He was also a recipient of an NSF IGERT interdisciplinary research fellowship at the University of Michigan, as well as a distinguished Computer Engineering undergraduate award at Northwestern University.

Reasoning about Protocols with Human Participants
Lead PI:
Jonathan Katz
Abstract

Existing protocol analyses are typically confined to the electronic messages exchanged among computer systems running at the endpoints. In this project we take a broader view in which a protocol additionally encompasses both physical technologies and human participants. Our goal is to develop techniques for analyzing and proving the security of protocols involving all these entities, with open-audit, remote voting systems such as Remotegrity as our starting point.

Jonathan Katz

Jonathan Katz is a professor in the Department of Computer Science and a core faculty member in the Maryland Cybersecurity Center with an appointment in the University of Maryland Institute for Advanced Computer Studies. He is also a Fellow of the Joint Center for Quantum Information and Computer Science.

Katz's research interests include cryptography, computer and network security, and theoretical computer science.

He is a recipient of the Humboldt Research Award, the ACM SIGSAC Outstanding Contribution Award, a University of Maryland Distinguished Teacher-Scholar Award, an NSF CAREER award, and more. Katz is also a Fellow of the International Association for Cryptologic Research (IACR). He co-authored the textbook "Introduction to Modern Cryptography" and a monograph on digital signature schemes.

Katz has held visiting appointments at UCLA, the École normale supérieure in Paris, France, and IBM in Hawthorne, NY.

He received his doctorate in computer science from Columbia University.

Trust, Recommendation Systems, and Collaboration
Lead PI:
John Baras
Abstract

Our goal is to develop a transformational framework for a science of trust, and its impact on local policies for collaboration, in networked multi-agent systems. The framework will take human behavior into account from the start by treating humans as integrated components of these networks, interacting dynamically with other elements. The new analytical framework will be integrated, and validated, with empirical methods of analyzing experimental data on trust, recommendation and reputation, from several datasets available to us, in order to capture fundamental trends and patterns of human behavior, including trust and mistrust propagation, confidence in trust, phase transitions in the dynamic graph models involved in the new framework, and the stability or instability of collaborations.

Trust, as a concept, has been developed and used in several settings and in various forms. It has been developed and applied in social and economic networks as well as in information and communication networks. An important challenge is the diversity of descriptions and uses of trust that have appeared in prior work. Another challenge is the relative scarcity of quantitative and formal methods for modeling and evaluating trust. Methods for modeling trust have varied from simple empirical models based on statistical experiments, to simple scalar weights, to more sophisticated policy-based methods. Furthermore, there are very few works attempting to link empirical data on trust (in particular data on human behavior) to various formal and quantitative models.

Our new framework is based on our recently developed foundational model for networked multi-agent systems in which we consider three interacting dynamic graphs on the same underlying set of nodes: a social/agent network, which is relational; an information network, which is also relational; and a communication network that is physical. These graphs are directed and their links and nodes are annotated with dynamically changing "weights" representing trust metrics whose formal definition and mathematical representation can take one of several options, e.g. weights can be scalars, vectors, or even policies (i.e. rules). Such models, in much simpler mathematical form, have been used in social- and economic-network studies under the name of value directed graphs. The model we are developing is far more sophisticated, and thus much more expressive. We will incorporate within such models complex human behavior in various forms.

Within this new framework that we are developing, we are specifically focusing on investigating the following fundamental problems: (a) Theories and principles governing the spreading dynamics of trust and mistrust among members of a network; (b) Design and analysis of recommendation systems, their dynamics and integrity; (c) Development of a framework for understanding the composition of trust across various networks at the different layers of our basic model; (d) Analysis of the effects of trust on collaboration in networked multi-agent systems, using game-theoretic and economic principles.

Practical applications are also pursued to demonstrate the results in a variety of real-world settings.

In these investigations we principally use the following analytical methods and appropriate extensions: (i) Multiple partially ordered semirings; (ii) Constrained-coalitional games on dynamic networks; (iii) Embeddings of complex annotated graphs in nonlinear parametric spaces for the development of scalable and fast algorithms (e.g. hyperbolic networks and hyperbolic embeddings); (iv) Sophisticated statistical analysis of experimental data on trust and associated human behavioral patterns.

John Baras