Project 2: Co-Design of Robust and Secure Networked Embedded Control Systems

Leader: A. Cervin, LU
Participants at LiU: P. Eles, Z. Peng
Participants at LU: K.-E. Årzen

Project description: In the design of embedded control systems it is important to use the limited platform resources (e.g., CPU time, network bandwidth, energy) as efficiently as possible. At the same time, any optimistic assumptions at design time may lead to runtime failures caused by missed deadlines, lost controls, or energy depletion. In previous work, we have developed control and scheduling co-synthesis techniques that enable better performance and higher resource utilization on average, while still guaranteeing the stability of the computing platform and the plant in the worst case. The techniques have relied on off-line optimization, assuming a static system configuration and complete knowledge of relevant system parameters such as execution times and plant models.

Shifting our focus from off-line optimization to on-line operation, in this project we aim to develop theory and co-design methodology for robust and secure embedded control systems that should operate efficiently also in the presence of uncertainties or unforeseen events. We will consider robustness towards, among other things, plant perturbations, malicious intrusion, execution-time overruns, and varying network capacity.

Working along two parallel research paths, we will explore both passive and active approaches to achieve robustness.

In the passive approach, we aim for techniques that take parametric plant and platform uncertainty into account at design time, while the run-time system should provide predictable exception handling and provable performance bounds. In the active approach, the run-time system should be able to adapt to new and unexpected conditions via reconfiguration and self-optimization. Here a great research challenge is to devise adaptation schemes that do not themselves consume too many resources.

One aspect of high interest is intrusion detection for highly resource-constrained control applications. In such a context, solutions have to deliver not only according to the traditional metrics of false-positive and false-negative rates, but also perform well according to new, application-specific quality metrics: detection latency, power consumption, processor load, and communication overhead. Since our focus is on control applications, we will leverage the fact that more or less accurate models of the device and of the environment are available. These models can be exploited both for behavior-based intrusion detection via anomalies and for efficient recovery actions. While detecting an attack is essential, we are targeting applications in which proper functionality and stability of the system must be maintained. This can be achieved by an appropriate combination of off-line robust control design and on-line recovery actions.
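As an added illustration of the model-based anomaly detection and the detection-latency metric mentioned above (example code written for this page, not part of the project), the following simulates a tiny discrete-time control loop whose controller node checks each received measurement against an observer prediction and feeds the residual into a CUSUM detector. The plant, observer gain, CUSUM tuning, the alternating "sensor noise" and the constant spoofing bias on the reported measurement are all constructed values chosen for the illustration.

```python
# Added example: residual-based anomaly detection on a sensor channel, measuring
# detection latency (steps from attack onset to first alarm).  All parameters are
# constructed for illustration, not taken from any real platform.
from dataclasses import dataclass
from typing import List, Optional

A, B = 0.9, 0.1                 # plant x[k+1] = A*x[k] + B*u[k]; equilibrium x = u
L = 0.1                         # observer gain: x_hat[k+1] = A*x_hat + B*u + L*(y - x_hat)
DRIFT, THRESHOLD = 0.03, 0.15   # one-sided CUSUM on |residual|: drift absorbs noise,
                                # threshold trades false alarms against latency

@dataclass
class Result:
    alarms: List[int]           # steps at which the CUSUM crossed THRESHOLD
    first_alarm: Optional[int]
    latency: Optional[int]      # first_alarm - attack_step, None if never detected

def run_scenario(bias: float, attack_step: int, steps: int = 120) -> Result:
    """Simulate the loop; from attack_step on, the reported measurement carries a constant bias."""
    x = x_hat = u = 1.0         # start at equilibrium with a correctly initialised observer
    s, alarms = 0.0, []
    for k in range(steps):
        noise = 0.01 if k % 2 == 0 else -0.01            # constructed deterministic "noise"
        y = x + noise + (bias if k >= attack_step else 0.0)  # value the controller node receives
        r = y - x_hat                                    # residual: measurement vs prediction
        s = max(0.0, s + abs(r) - DRIFT)                 # accumulate only the excess over DRIFT
        if s > THRESHOLD:
            alarms.append(k)
            s = 0.0                                      # restart the statistic after an alarm
        x_hat = A * x_hat + B * u + L * r                # observer corrected with the received y
        x = A * x + B * u                                # true plant state; the spoofed sensor
                                                         # does not change the physics
    first = alarms[0] if alarms else None
    return Result(alarms, first, None if first is None else first - attack_step)
```

A bias whose steady-state residual stays below DRIFT is never accumulated by this detector, so the drift and threshold have to be tuned against the noise level and the smallest deviation that matters for the plant.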

In this joint project, Linköping University will provide expertise in embedded systems, security, and design-time optimization, while Lund University will provide expertise in control systems, robustness analysis, and on-line adaptation.