Towards Robust Cyber-Physical Systems

Abstract:

A robust system is one that only modestly deviates from the nominal correct behavior upon the occurrence of small disturbances. Although it is accepted that engineered systems should be robust, it is less clear how to define robustness for Cyber-Physical Systems (CPS) that involve physical components as well as cyber components. In this poster, we sketch a theory of robustness for CPS. Our starting point is the research on robustness in continuous control theory, where one designs a controller for a "nominal" behavior assuming no disturbances and provides two guarantees: bounded disturbances have bounded consequences, and "nominal" behavior is eventually resumed after disturbances disappear. We adapt this view of robustness to the CPS setting by including continuous disturbances, like sensor noise or actuator errors, and cyber disturbances, like hardware or software errors, in our model. All these different disturbances describe the mismatch between the assumptions made about the environment at design time and the environment at run time. What goal should a robust design have? In keeping with robust continuous control, we postulate the following two natural requirements. First, every small disturbance should lead to a small deviation from the nominal behavior. Second, we require the effect of a sporadic disturbance to disappear over time. That is, if the environment deviates from the nominal for one step and subsequently follows the nominal environment, we require the effect of the deviation to disappear over time. In this poster, we sketch a theory of robustness that captures both requirements. Our results are based on symbolic models of CPS that allow us to algorithmically verify robustness in polynomial time on the size of the symbolic model. Moreover, if the system is not robust, we provide a procedure to synthesize a controller enforcing robustness. One of the key features of our approach is the separation of concerns with respect to the nature of disturbances. We make use of existing methods for continuous control systems to render the physical component of the CPS robust against continuous disturbances. Additionally, we use a symbolic model of the CPS to synthesize a controller that enforces robustness against cyber disturbances. The composition of the two controllers then ensures the robustness of the overall CPS.

Department of Electrical Engineering, University of California at Los Angeles Max Planck Institute for Software Systems This work was supported by the NSF award 1035916, CPS: Small: Towards robust cyber-physical systems.