Real-time Cyber-physical Systems Research Articles

SHIELD: Security-aware Schreduling for Real-Time DAGs on Heterogeneous Systems

Many control applications in real-time cyber-physical systems are represented as Directed Acyclic Graphs ( DAGs ) due to complex interactions among their functional components, and executed on distributed heterogeneous platforms. Data communication between dependent task nodes running on different processing elements are often realized through message transmission over a public network, and are hence susceptible to multiple security threats such as snooping , alteration and spoofing . Several alternative security protocols having varying security strengths and associated implementation overheads are available in the market, for incorporating confidentiality , integrity and authentication on the transmitted messages. While message size and conceptually its associated transmission overheads may be marginally increased due to the assignment of security protocols, significant computation overheads must be incurred for securing the message at the location of its source task node and for unlocking security/message extraction at the destination. Obtained security strengths and associated computation overheads vary depending on the set of protocols chosen for a given message from an available pool of protocols. Given lower bounds on the security demands of an application's messages, selecting the appropriate protocols for each message such that a system's overall security is maximized while satisfying constraints related to the resource, task precedence and deadline, is a challenging and computationally hard problem. In this paper, we propose an efficient heuristic strategy called SHIELD for security-aware real-time scheduling of DAG-structured applications to be executed on distributed heterogeneous systems. The efficacy of the proposed scheduler is exhibited through extensive simulation-based experiments using two DAG-structured application benchmarks. Our performance evaluation results demonstrate that SHIELD significantly outperforms two greedy baseline strategies SHIELDb in terms of solution generation times (i.e., run-times) and SHIELDf in terms of achieved security utility. Additionally, a case study on the Traction Control application in automotive systems has been included to exhibit the applicability of SHIELD in real-world settings.

Design Procedure for Real-Time Cyber–Physical Systems Tolerant to Cyberattacks

Modern industrial automation supported by Cyber–Physical Systems (CPSs) requires high flexibility, which is achieved through increased interconnection between modules. This interconnection introduces a layer of symmetry into the design and operation of CPSs, balancing the distribution of tasks and resources across the system and streamlining the flow of information. However, this adaptability also exposes control systems to security threats, particularly through novel communication links that are vulnerable to cyberattacks. Traditional strategies may have limitations in these applications. This research proposes a design approach for control applications supported by CPSs that incorporates cyberattack detection and tolerance strategies. Using a modular and adaptive approach, the system is partitioned into microservices for scalability and resilience, allowing structural symmetry to be maintained. Schedulability assessments ensure that critical timing constraints are met, improving overall system symmetry and performance. Advanced cyberattack detection and isolation systems generate alarms and facilitate rapid response with replicas of affected components. These replicas enable the system to recover from and tolerate cyberattacks, maintaining uninterrupted operation and preserving the balanced structure of the system. In conclusion, the proposed approach addresses the security challenges in CPS-based control applications and provides an integrated and robust approach to protect industrial automation systems from cyber threats. A case study conducted at a juice production facility in Colima, México, demonstrated how the architecture can be applied to complex processes such as pH control, from simulation to industrial implementation. The study highlighted a plug-and-play approach, starting with component definitions and relationships, and extending to technology integration, thereby reinforcing symmetry and efficiency within the system.

Supporting AI-powered real-time cyber-physical systems on heterogeneous platforms via hypervisor technology

The heavy use of machine learning algorithms in safety-critical systems poses serious questions related to safety, security, and predictability issues, requiring novel architectural approaches to guarantee such properties. This paper presents an architecture solution that leverages heterogeneous platforms and virtualization technologies to support AI-powered applications consisting of modules with mixed criticalities and safety requirements. The hypervisor exploits the security features of the Xilinx ZCU104 MPSoCs to create two isolated execution environments: a high performance domain running deep learning algorithms under the Linux operating system and a safety-critical domain running control and monitoring functions under the freeRTOS real-time operating system. The proposed approach is validated by a use case consisting of an unmanned aerial vehicle capable of tracking moving targets using a deep neural network accelerated on the FGPA available on the platform.

Guest Editorial Age of Information

With the emergence of real-time cyberphysical systems, status updates are becoming an important form of communication. Vehicular messaging, security reports from homes and offices, surveillance video, and video feedback from remote-controlled systems all represent status updates at networked monitors that need to be as timely as possible. However, this is typically constrained by limited network resources. This tension has led to the introduction of new performance metrics based on the Age of Information (AoI) that capture how timely is one’s knowledge of an entity or process. Optimization based on AoI metrics of both the networks and the senders’ updating policies has yielded new and even surprising results.

Specification-Guided Automated Debugging of CPS Models

Simulink/Stateflow is the de facto tool for developing software for safety-critical real-time cyber-physical systems (CPSs). In Simulink, the model of a CPS is captured in a block diagram-based language, the model is simulated using the associated simulators and then the software code is generated automatically for the embedded controller. The presence of a bug in the Simulink model may lead to catastrophic failure during the execution of the system developed based on the model. Unlike in application software, finding bugs in Simulink models is challenging due to the hybrid nature of the model. We present an automated debugging methodology of a CPS model captured in Simulink. Our methodology has two main components-bug localization and model repair. For bug localization, we capture the requirements of the system in signal temporal logic (STL) and employ the runtime monitoring technique to generate a trace that violates the specification. The violating trace is used to identify the internal signals that have the potential to contribute to the violation. For precise bug localization by narrowing down the offending signals, we employ a matrix decomposition technique to find the signals contributing to the bug accurately. Our bug localization technique is precise enough to enable us to repair the model. If the bug is due to an inappropriate value for a model parameter, we employ a parameter tuning method to find a value for the parameter that repairs the model automatically. We carry out numerous case studies on Simulink models obtained from different sources and demonstrate that our automated debugging technology can fix the bugs in the Simulink models effectively.

Distributed graph queries over models@run.time for runtime monitoring of cyber-physical systems

Smart cyber-physical systems (CPSs) have complex interaction with their environment which is rarely known in advance, and they heavily depend on intelligent data processing carried out over a heterogeneous and distributed computation platform with resource-constrained devices to monitor, manage and control autonomous behavior. First, we propose a distributed runtime model to capture the operational state and the context information of a smart CPS using directed, typed and attributed graphs as high-level knowledge representation. The runtime model is distributed among the participating nodes, and it is consistently kept up to date in a continuously evolving environment by a time-triggered model management protocol. Our runtime models offer a (domain-specific) model query and manipulation interface over the reliable communication middleware of the Data Distribution Service (DDS) standard widely used in the CPS domain. Then, we propose to carry out distributed runtime monitoring by capturing critical properties of interest in the form of graph queries, and design a distributed graph query evaluation algorithm for evaluating such graph queries over the distributed runtime model. As the key innovation, our (1) distributed runtime model extends existing publish–subscribe middleware (like DDS) used in real-time CPS applications by enabling the dynamic creation and deletion of graph nodes (without compile time limits). Moreover, (2) our distributed query evaluation extends existing graph query techniques by enabling query evaluation in a real-time, resource-constrained environment while still providing scalable performance. Our approach is illustrated, and an initial scalability evaluation is carried out on the MoDeS3 CPS demonstrator and the open Train Benchmark for graph queries.

Improving the Safety and Security of Wide-Area Cyber–Physical Systems Through a Resource-Aware, Service-Oriented Development Methodology

This paper presents a service-oriented development methodology for wide-area cyber–physical systems (CPS) such as smart grid and vehicular networks. Unlike the traditional task-based development approach from the domains of automotive and avionics, the proposed service-oriented development methodology inherently enables disruption-free incremental system deployment and reconfiguration that are fundamental requirements for handling the “always-online” nature of emerging wide-area CPS application domains such as smart grid and vehicular networks. The proposed service-oriented CPS development methodology extends the traditional service-oriented computing (SOC) paradigm for handling hard real-time CPS aspects by introducing resource-aware service deployment and quality-of-service (QoS)-aware service operation phases. The proposed CPS development methodology also supports a streamlined formal interface between the traditional computer-aided feedback controller design environments and SOC paradigm. The paper utilizes a simulation-based smart grid case study to illustrate the advantages of the proposed methodology for developing wide-area cyber–physical systems with improved safety and security characteristics. The paper also identifies a set of technological requirements for the proposed service-oriented CPS development methodology that should guide future research in this area.

Scheduling Co-Design for Reliability and Energy in Cyber-Physical Systems

Energy aware scheduling and reliability are both very critical for real-time cyber-physical system design. However, it has been shown that the transient faults of a system will increase when the processor runs at reduced speed to save energy consumption. In this paper, we study total energy and reliability scheduling co-design problem for real-time cyber-physical systems. Total energy refers the sum of static and dynamic energy. Our goal is to minimize total energy while guaranteeing reliability constraints. We approach the problem from two directions based on the two different ways of guaranteeing the reliability of the tasks. The first approach aims at guaranteeing reliability at least as high as that of without speed scaling by reserving recovery job for each scaled down task. Heuristics have been used to guide the speed scaling and shutdown techniques that are used to lower total energy consumption while guaranteeing the reliability. The second way to guarantee the reliability of the tasks is to satisfy a known minimum reliability constraint for the tasks. The minimum reliable speed guarantees the reliability level of tasks, and is used as a constraint in the energy minimization problem. Both static and dynamic co-design methods are explored. Experimental results show that our methods are effective.

SimConnect and SimTalk for distributed cyber-physical system simulation

Real-time embedded and cyber-physical systems challenge simulation disciplines due to the heterogeneous tools used to model components in the system exploration and design phases. Termed “heterogeneity,” the mixed-model problem challenges multi-simulator coordination, where event causality must be preserved among simulators with different models of computation, signals, criteria for time advancement, and levels of abstraction. SimConnect and SimTalk enable heterogeneous, distributed, hardware/software co-simulation with a simplified backplane approach, emphasizing the simulation of software interacting with simulated world-model electrical, mechanical, and physical effects. The structure of SimConnect and SimTalk is described, adhering to the properties of a Kahn Process Network. Application of the tools to the coordination of three different simulators (TExaS, Ngspice, and Simulink) is presented to simulate closed-loop, hardware/software-based, Proportional-Integral-Derivative/Pulse-Width-Modulated control of a direct current motor. Results demonstrate agreement among simulator coordinations with configurable tradeoffs in speed versus accuracy.