Visible to the public Foundations of a CPS Resilience - October 2022Conflict Detection Enabled

Submitted by Xenofon Koutsoukos on Fri, 11/04/2022 - 5:22pm

PI: Xenofon Koutsoukos

HARD PROBLEM(S) ADDRESSED

The goals of this project are to develop the principles and methods for designing and analyzing resilient CPS architectures that deliver required service in the face of compromised components. A fundamental challenge is to understand the basic tenets of CPS resilience and how they can be used in developing resilient architectures. The primary hard problem addressed is resilient architectures. In addition, the work addresses scalability and composability as well as metrics and evaluation. 

PUBLICATIONS

[1]    Jiani Li, Waseem Abbas, Mudassir Shabbir, and Xenofon Koutsoukos, “Byzantine Resilient Distributed Learning in Multi-Robot Systems”, IEEE Transactions on Robotics. Published online (early access).
[2]    Zihao Zhan, Zhenkai Zhang, and Xenofon Koutsoukos, “A High-Speed, Long-Distance and Wall-Penetrating Covert Channel based on EM Emanations from DRAM Clock”, Journal of Hardware and Systems Security. 6, 47-65, 2022.
[3]    Feiyang Cai and Xenofon Koutsoukos, “Real-time Out-of-distribution Detection in Cyber-Physical Systems with Learning-enabled Components”, IET Cyber-Physical Systems: Theory & Applications. 1-23, 2022.
[4]    Feiyang Cai, Ali Irmak Ozdagli, and Xenofon Koutsoukos. “Variational Autoencoder for Classification and Regression for Out-of-Distribution Detection in Learning-Enabled Cyber-Physical System”. Applied Artificial Intelligence. 36:1, 2022.

KEY HIGHLIGHTS

This quarterly report presents two key highlights that demonstrate: (1) Byzantine resilient distributed learning in multi-robot systems and (2) A high-speed, long-distance and wall-penetrating covert channel based on EM emanations from DRAM clock. 

Highlight 1: Byzantine Resilient Distributed Learning in Multi-Robot Systems

Distributed machine learning algorithms are increasingly used in multirobot systems and are prone to Byzantine attacks. In this article, we consider a distributed implementation of the stochastic gradient descent (SGD) algorithm in a cooperative network, where networked agents optimize a global loss function using SGD on the local data and aggregation of the estimates of immediate neighbors. Byzantine agents can send arbitrary estimates to their neighbors, which may disrupt the convergence of normal agents to the optimum state. We show that if every normal agent combines its neighbors’ estimates (states) such that the aggregated state is in the convex hull of its normal neighbors’ states, then the resilient convergence is guaranteed. To assure this sufficient condition, we propose a resilient aggregation rule based on the notion of centerpoint, which is a generalization of the median in the higher-dimensional Euclidean space. We evaluate our results using examples of target pursuit and pattern recognition in multirobot systems. The evaluation results demonstrate that distributed learning with average, coordinate-wise median, and geometric median-based aggregation rules fail to converge to the optimum state, whereas the centerpoint-based aggregation rule is resilient in the same scenario. Our results are presented in [1]. 

[1]    Jiani Li, Waseem Abbas, Mudassir Shabbir, and Xenofon Koutsoukos, “Byzantine Resilient Distributed Learning in Multi-Robot Systems”, IEEE Transactions on Robotics. Published online (early access).

Highlight 2: A High-Speed, Long-Distance and Wall-Penetrating Covert Channel based on EM Emanations from DRAM Clock

An air-gapped computer is physically isolated from unsecured networks to guarantee effective protection against data exfiltration. Due to air gaps, unauthorized data transfer seems impossible over legitimate communication channels, but in reality many so-called physical covert channels can be constructed to allow data exfiltration across the air gaps. Most of such covert channels are very slow and often require certain strict conditions to work (e.g., no physical obstacles between the sender and the receiver). We introduce a new through-wall physical covert channel named BitJabber that is extremely fast and has a long attacking distance. We show that this covert channel can be easily created by an unprivileged sender running on a victim’s computer. Specifically, the sender constructs the channel by using only memory accesses to modulate the electromagnetic (EM) signals generated by the DRAM clock. While possessing a very high bandwidth (up to 300,000 bps), this new covert channel is also very reliable (less than 1% error rate). More importantly, this covert channel can enable data exfiltration from an air-gapped computer enclosed in a room with thick walls up to 15 cm and the maximum attacking distance is more than 6 m. Our results are presented in [2]. 

[2]    Zihao Zhan, Zhenkai Zhang, and Xenofon Koutsoukos, “A High-Speed, Long-Distance and Wall-Penetrating Covert Channel based on EM Emanations from DRAM Clock”, Journal of Hardware and Systems Security. 6,47-65, 2022.

COMMUNITY ENGAGEMENTS

  • Xenofon Koutsoukos, Resilient Distributed Consensus, Optimization, and Learning in Networked Cyber-Physical Systems, School of Computing seminar, Clemson University, September 13, 2022.
Groups: