Biblio

This work-in-progress paper proposes a design methodology that addresses the complexity and heterogeneity of cyber-physical systems (CPS) while simultaneously proving resilient control logic and security properties. The design methodology involves a formal methods-based approach by translating the complex control logic and security properties of a water flow CPS into timed automata. Timed automata are a formal model that describes system behaviors and properties using mathematics-based logic languages with precision. Due to the semantics that are used in developing the formal models, verification techniques, such as theorem proving and model checking, are used to mathematically prove the specifications and security properties of the CPS. This work-in-progress paper aims to highlight the need for formalizing plant models by creating a timed automata of the physical portions of the water flow CPS. Extending the time automata with control logic, network security, and privacy control processes is investigated. The final model will be formally verified to prove the design specifications of the water flow CPS to ensure efficacy and security.

With the development of computer technology and information security technology, computer networks will increasingly become an important means of information exchange, permeating all areas of social life. Therefore, recognizing the vulnerabilities and potential threats of computer networks as well as various security problems that exist in reality, designing and researching computer quality architecture, and ensuring the security of network information are issues that need to be resolved urgently. The purpose of this article is to study the design and realization of information security technology and computer quality system structure. This article first summarizes the basic theory of information security technology, and then extends the core technology of information security. Combining the current status of computer quality system structure, analyzing the existing problems and deficiencies, and using information security technology to design and research the computer quality system structure on this basis. This article systematically expounds the function module data, interconnection structure and routing selection of the computer quality system structure. And use comparative method, observation method and other research methods to design and research the information security technology and computer quality system structure. Experimental research shows that when the load of the computer quality system structure studied this time is 0 or 100, the data loss rate of different lengths is 0, and the correct rate is 100, which shows extremely high feasibility.

Most existing deep neural networks (DNNs) are inexplicable and fragile, which can be easily deceived by carefully designed adversarial example with tiny undetectable noise. This allows attackers to cause serious consequences in many DNN-assisted scenarios without human perception. In the field of speaker recognition, the attack for speaker recognition system has been relatively mature. Most works focus on white-box attacks that assume the information of the DNN is obtainable, and only a few works study gray-box attacks. In this paper, we study blackbox attacks on the speaker recognition system, which can be applied in the real world since we do not need to know the system information. By combining the idea of transferable attack and query attack, our proposed method NMI-FGSM-Tri can achieve the targeted goal by misleading the system to recognize any audio as a registered person. Specifically, our method combines the Nesterov accelerated gradient (NAG), the ensemble attack and the restart trigger to design an attack method that generates the adversarial audios with good performance to attack blackbox DNNs. The experimental results show that the effect of the proposed method is superior to the extant methods, and the attack success rate can reach as high as 94.8% even if only one query is allowed.

Current sensors are widely used in power grid for power metering, automation and power equipment monitoring. Since the tradeoff between the sensitivity and the measurement range needs to be made to design a current sensor, it is difficult to deploy one sensor to measure both the small-magnitude and the large-magnitude current. In this research, we design a surface-mount current sensor by using the tunneling magneto-resistance (TMR) devices and show that the tradeoff between the sensitivity and the detection range can be broken. Two TMR devices of different sensitivity degrees were integrated into one current sensor module, and a signal processing algorithm was implemented to fusion the outputs of the two TMR devices. Then, a platform was setup to test the performance of the surface-mount current sensor. The results showed that the designed current sensor could measure the current from 2 mA to 100 A with an approximate 93 dB dynamic range. Besides, the nonintrusive feature of the surface-mount current sensor could make it convenient to be deployed on-site.

Reconfigurability is very popular in advanced highly integrated wireless communication circuits and systems, which is valuable for mitigating spectrum congestion and reducing signal interference. To reduce interference and meet the different wireless standards in different countries, frequency reconfigurable filters are promising. Concurrently, due to the conductor and semiconductor properties of VO2 at different temperatures or pressures, the phase transition characteristics of new material VO2 are applied to reconfigurable filters. This paper mainly discusses the application of phase transition characteristics of VO2 materials in filter design and proposes a frequency reconfigurable microstrip bandpass filter based on VO2 materials, in which the microstrip filter adopts the design form of end coupling. Through theoretical calculation, data analysis, and the establishment of the equivalent model of VO2 phase transition, a related design is proposed. An end-coupled microband bandpass filter centered at a reconfigurable frequency (6 GHz to 6.5 GHz) with fractional bandwidth of 2.8% has been designed, which shows consistent match with the expected ones and verify the validity of the proposed method.

A threat of eavesdropping display screen image of information device is caused by unintended EM leakage emanation. QR bar-code is capable of error correction, and its information is possibly read from a damaged screen image from EM leakage. A new design of QR bar-code proposed in this paper uses selected colors in consideration of correlation between the EM wave leakage and display color. Proposed design of QR bar-code keeps error correction of displayed image, and makes it difficult to read information on the eavesdropped image.

Discovering vulnerabilities is an information-intensive task that requires a developer to locate the defects in the code that have security implications. The task is difficult due to the growing code complexity and some developer's lack of security expertise. Although tools have been created to ease the difficulty, no single one is sufficient. In practice, developers often use a combination of tools to uncover vulnerabilities. Yet, the basis on which different tools are composed is under explored. In this paper, we examine the composition base by taking advantage of the tool design patterns informed by foraging theory. We follow a design science methodology and carry out a three-step empirical study: mapping 34 foraging-theoretic patterns in a specific vulnerability discovery tool, formulating hypotheses about the value and cost of foraging when considering two composition scenarios, and performing a human-subject study to test the hypotheses. Our work offers insights into guiding developers' tool usage in detecting software vulnerabilities.

This paper studies event-triggered output-based security control of nonlinear system under deception attacks obeying a Bernoulli distribution. Firstly, to save system resources of a T-S fuzzy system, an output-based discrete event-triggered mechanism (ETM) is introduced, which excludes Zeno behavior absolutely. Secondly, a closed-loop T-S fuzzy system model is built, which integrates parameters of the nonlinear plant, the ETM, stochastic attacks, fuzzy dynamic output feedback controller and network-induced delays in a unified framework. Thirdly, sufficient conditions for asymptotic stability of the T-S fuzzy sys$łnot$tem are derived, and the design method of a fuzzy output-based security controller is presented. Finally, an example illustrates effectiveness of the proposed method.

How team members are treated influences their performance in the team and their desire to be a part of the team in the future. Prior research in human-robot teamwork proposes fairness definitions for human-robot teaming that are based on the work completed by each team member. However, metrics that properly capture people’s perception of fairness in human-robot teaming remains a research gap. We present work on assessing how well objective metrics capture people’s perception of fairness. First, we extend prior fairness metrics based on team members’ capabilities and workload to a bigger team. We also develop a new metric to quantify the amount of time that the robot spends working on the same task as each person. We conduct an online user study (n=95) and show that these metrics align with perceived fairness. Importantly, we discover that there are bleed-over effects in people’s assessment of fairness. When asked to rate fairness based on the amount of time that the robot spends working with each person, participants used two factors (fairness based on the robot’s time and teammates’ capabilities). This bleed-over effect is stronger when people are asked to assess fairness based on capability. From these insights, we propose design guidelines for algorithms to enable robotic teammates to consider fairness in its decision-making to maintain positive team social dynamics and team task performance.

The notion of Zero Trust Architecture (ZTA) has been introduced as a fine-grained defense approach. It assumes that no entities outside and inside the protected system can be trusted and therefore requires articulated and high-coverage deployment of security controls. However, ZTA is a complex notion which does not have a single design solution; rather it consists of numerous interconnected concepts and processes that need to be assessed prior to deciding on a solution. In this paper, we outline a ZTA design methodology based on cyber risks and the identification of known high security risks. We then discuss challenges related to the design and deployment of ZTA and related solutions. We also discuss the role that service technology can play in ZTA.

Within a framework for verifying parametric network protocols through induction, one needs to find invariants based on a protocol instance of a small number of nodes. In this paper, we propose a new approach to accelerate parameterized verification by adopting decision trees to represent the state space of a protocol instance. Such trees can be considered as a knowledge base that summarizes all behaviors of the protocol instance. With this knowledge base, we are able to efficiently construct an oracle to effectively assess candidates of invariants of the protocol, which are suggested by an invariant finder. With the discovered invariants, a formal proof for the correctness of the protocol can be derived in the framework after proper generalization. The effectiveness of our method is demonstrated by experiments with typical benchmarks.

In this paper, a technique to design analog circuits with enhanced security is described. The proposed key based obfuscation technique uses a mesh topology to obfuscate the physical dimensions and the threshold voltage of the transistor. To mitigate the additional overhead of implementing the obfuscated circuitry, a satisfiability modulo theory (SMT) based algorithm is proposed to auto-determine the sizes of the transistors selected for obfuscation such that only a limited set of key values produce the correct circuit functionality. The proposed algorithm and the obfuscation methodology is implemented on an LC tank voltage-controlled oscillator (VCO). The operating frequency of the VCO is masked with a 24-bit encryption key applied to a 2×6 mesh structure that obfuscates the dimensions of each varactor transistor. The probability of determining the correct key is 5.96×10-8 through brute force attack. The dimensions of the obfuscated transistors determined by the analog satisfiability (aSAT) algorithm result in at least a 15%, 3%, and 13% deviation in, respectively, the effective transistor dimensions, target frequency, and voltage amplitude when an incorrect key is applied to the VCO. In addition, only one key produces the desired frequency and properly sets the overall performance specifications of the VCO. The simulated results indicate that the proposed design methodology, which quickly and accurately determines the transistor sizes for obfuscation, produces the target specifications and provides protection for analog circuits against IP piracy and reverse engineering.

Field-programmable gate arrays (FPGAs) are widely applied in various fields for its merit of reconfigurability. The reusable intellectual property (IP) design blocks are usually adopted in the more complex FPGA designs to shorten design cycle. IP infringement hence becomes a concern. In this paper, we propose a new pay-per-use scheme using the lock and key mechanism for the protection of FPGA IP. Physical Unclonable Function (PUF) is adopted to generate a unique ID for each IP instance. An extra Finite State Machine (FSM) is introduced for the secure retrieval of PUF information by the FPGA IP vendor. The lock is implemented on the original FSM. Only when the FPGA developer can provide a correct license, can the FSM be unlocked and start normal operation. The FPGA IP can hence be protected from illegal use or distribution. The scheme is applied on some benchmarks and the experimental results show that it just incurs acceptably low overhead while it can resist typical attacks.

Hardware information flow analysis detects security vulnerabilities resulting from unintended design flaws, timing channels, and hardware Trojans. These information flow models are typically generated in a general way, which includes a significant amount of redundancy that is irrelevant to the specified security properties. In this work, we propose a property specific approach for information flow security. We create information flow models tailored to the properties to be verified by performing a property specific search to identify security critical paths. This helps find suspicious signals that require closer inspection and quickly eliminates portions of the design that are free of security violations. Our property specific trimming technique reduces the complexity of the security model; this accelerates security verification and restricts potential security violations to a smaller region which helps quickly pinpoint hardware security vulnerabilities.

Deadlock freedom is a key challenge in the design of communication networks. Wormhole switching is a popular switching technique, which is also prone to deadlocks. Deadlock analysis of routing functions is a manual and complex task. We propose an algorithm that automatically proves routing functions deadlock-free or outputs a minimal counter-example explaining the source of the deadlock. Our algorithm is the first to automatically check a necessary and sufficient condition for deadlock-free routing. We illustrate its efficiency in a complex adaptive routing function for torus topologies. Results are encouraging. Deciding deadlock freedom is co-NP-Complete for wormhole networks. Nevertheless, our tool proves a 13 × 13 torus deadlock-free within seconds. Finding minimal deadlocks is more difficult. Our tool needs four minutes to find a minimal deadlock in a 11 × 11 torus while it needs nine hours for a 12 × 12 network.

Mobile Apps running on smartphones and tablet pes offer a new possibility to enhance the work of engineers because they provide an easy-to-use, touchscreen-based handling and can be used anytime and anywhere. Introducing mobile apps in the engineering domain is difficult because the IT environment is heterogeneous and engineering-specific challenges in the app development arise e. g., large amount of data and high security requirements. There is a need for an engineering-specific middleware to facilitate and standardize the app development. However, such a middleware does not yet exist as well as a holistic set of requirements for the development. Therefore, we propose a design method which offers a systematic procedure to develop Mobile Engineering-Application Middleware.