Now showing 1 - 10 of 47
PublicationTopological conditions for in-network stabilization of dynamical systems(2013-04-01) Pajic, Miroslav; Sundaram, Shreyas; Mangharam, Rahul; Pappas, George; Pajic, Miroslav; Sundaram, Shreyas; Mangharam, Rahul; Pappas, GeorgeWe study the problem of stabilizing a linear system over a wireless network using a simple in-network computation method. Specifically, we study an architecture called the "Wireless Control Network'' (WCN), where each wireless node maintains a state, and periodically updates it as a linear combination of neighboring plant outputs and node states. This architecture has previously been shown to have low computational overhead and beneficial scheduling and compositionality properties. In this paper we characterize fundamental topological conditions to allow stabilization using such a scheme. To achieve this, we exploit the fact that the WCN scheme causes the network to act as a linear dynamical system, and analyze the coupling between the plant's dynamics and the dynamics of the network. We show that stabilizing control inputs can be computed in-network if the vertex connectivity of the network is larger than the geometric multiplicity of any unstable eigenvalue of the plant. This condition is analogous to the typical min-cut condition required in classical information dissemination problems. Furthermore, we specify equivalent topological conditions for stabilization over a wired (or point-to-point) network that employs network coding in a traditional way -- as a communication mechanism between the plant's sensors and decentralized controllers at the actuators. PublicationAttack-Resilient Sensor Fusion(2014-02-01) Ivanov, Radoslav; Pajic, Miroslav; Lee, Insup; Ivanov, Radoslav; Pajic, Miroslav; Lee, InsupThis work considers the problem of attack-resilient sensor fusion in an autonomous system where multiple sensors measure the same physical variable. A malicious attacker may corrupt a subset of these sensors and send wrong measurements to the controller on their behalf, potentially compromising the safety of the system. We formalize the goals and constraints of such an attacker who also wants to avoid detection by the system. We argue that the attacker’s capabilities depend on the amount of information she has about the correct sensors’ measurements. In the presence of a shared bus where messages are broadcast to all components connected to the network, the attacker may consider all other measurements before sending her own in order to achieve maximal impact. Consequently, we investigate effects of communication schedules on sensor fusion performance. We provide worst- and average-case results in support of the Ascending schedule, where sensors send their measurements in a fixed succession based on their precision, starting from the most precise sensors. Finally, we provide a case study to illustrate the use of this approach. PublicationArchitecture-Centric Software Development for Cyber-Physical Systems(2014-10-01) Sokolsky, Oleg; Pajic, Miroslav; Bezzo, Nicola; Lee, Insup; Sokolsky, Oleg; Pajic, Miroslav; Bezzo, Nicola; Lee, InsupWe discuss the problem of high-assurance development of cyber-physical systems. Specifically, we concentrate on the interaction between the development of the control system layer and platform-specific software engineering for system components. We argue that an architecture-centric approach allows us to streamline the development and increase the level of assurance for the resulting system. The case study of an unmanned ground vehicle illustrates the approach. PublicationResilient Parameter-Invariant Control With Application to Vehicle Cruise Control(2013-03-20) Weimer, James; Bezzo, Nicola; Pajic, Miroslav; Pappas, George J.; Sokolsky, Oleg; Lee, Insup; Weimer, James; Bezzo, Nicola; Pajic, Miroslav; Pappas, George J.; Sokolsky, Oleg; Lee, InsupThis work addresses the general problem of resilient control of unknown stochastic linear time-invariant (LTI) systems in the presence of sensor attacks. Motivated by a vehicle cruise control application, this work considers a first order system with multiple measurements, of which a bounded subset may be corrupted. A frequency-domain-designed resilient parameter-invariant controller is introduced that simultaneously minimizes the effect of corrupted sensors, while maintaining a desired closed-loop performance, invariant to unknown model parameters. Simulated results illustrate that the resilient parameter-invariant controller is capable of stabilizing unknown state disturbances and can perform state trajectory tracking. PublicationTowards Synthesis of Platform-Aware Attack-Resilient Control Systems: Extended Abstract(2013-04-09) Pajic, Miroslav; Bezzo, Nicola; Weimer, James; Alur, Rajeev; Mangharam, Rahul; Michael, Nathan; Pappas, George J; Sokolsky, Oleg; Tabuada, Paulo; Weirich, Stephanie; Lee, Insup; Pajic, Miroslav; Bezzo, Nicola; Weimer, James; Alur, Rajeev; Mangharam, Rahul; Michael, Nathan; Pappas, George J; Sokolsky, Oleg; Tabuada, Paulo; Weirich, Stephanie; Lee, Insup PublicationModel-Based Closed-Loop Testing of Implantable Pacemakers(2011-03-01) Jiang, Zhihao; Pajic, Miroslav; Mangharam, Rahul; Jiang, Zhihao; Pajic, Miroslav; Mangharam, RahulThe increasing complexity of software in implantable medical devices such as cardiac pacemakers and defibrillators accounts for over 40% of device recalls. Testing remains the principal means of verification in the medical device certification regime. Traditional software test generation techniques, where the tests are generated independently of the operational environment, are not effective as the device must be tested within the context of the patient's condition and the current state of the heart. It is necessary for the testing system to observe the system state and conditionally generate the next input to advance the purpose of the test. To this effect, a set of general and patient condition-specific temporal requirements is specified for the closed-loop heart and pacemaker system. Based on these requirements, we describe a closed-loop testing environment between a timed automata-based heart model and a pacemaker. This allows for interactive and physiologically relevant model-based test generation for basic pacemaker device operations such as maintaining the heart rate and atrial-ventricle synchrony. We also demonstrate the flexibility and efficacy of the testing environment for more complex common timing anomalies such as reentry circuits, pacemaker mode switch operation and pacemaker-mediated tachycardia. This system is a step toward a testing approach for medical cyber-physical systems with the patient-in-the-loop. PublicationThe Wireless Control Network: Monitoring for Malicious Behavior(2010-12-15) Sundaram, Shreyas; Pajic, Miroslav; Hadjicostis, Christoforos N; Mangharam, Rahul; Pappas, George J; Sundaram, Shreyas; Pajic, Miroslav; Hadjicostis, Christoforos N; Mangharam, Rahul; Pappas, George JWe consider the problem of stabilizing a plant with a network of resource constrained wireless nodes. In a companion paper, we developed a protocol where each node repeatedly transmits a linear combination of the values in its neighborhood. For certain topologies, we showed that these linear combinations can be designed so that the closed loop system is stable (i.e., the wireless network itself acts as a controller for the plant). In this paper, we design a Intrusion Detection System (IDS) for this control scheme, which observes the transmissions of certain nodes in the network and uses that information to (a) recover the plant outputs (for data-logging and diagnostic purposes) and (b) identify malicious behavior by any of the wireless nodes in the network. We show that if the connectivity of the network is sufficiently high, the IDS only needs to observe a subset of the nodes in the network in order to achieve this objective. Our approach provides a characterization of the set of nodes that should be observed, a systematic procedure for the IDS to use to identify the malicious nodes and recover the outputs of the plant, and an upper bound on the delay required to obtain the necessary information. PublicationWisperNet: Anti-Jamming for Wireless Sensor Networks(2008-01-01) Pajic, Miroslav; Mangharam, Rahul; Pajic, Miroslav; Mangharam, RahulResilience to electromagnetic jamming and its avoidance are difficult problems. It is often both hard to distinguish malicious jamming from congestion in the broadcast regime and a challenge to conceal the activity patterns of the legitimate communication protocol from the jammer. In the context of energy-constrained wireless sensor networks, nodes are scheduled to maximize the common sleep duration and coordinate communication to extend their battery life. This results in well-defined communication patterns with possibly predictable intervals of activity that are easily detected and jammed by a statistical jammer. We present an anti-jamming protocol for sensor networks which eliminates spatio-temporal patterns of communication while maintaining coordinated and contention-free communication across the network. Our protocol, WisperNet, is time-synchronized and uses coordinated temporal randomization for slot schedules and slot durations at the link layer and adapts routes to avoid jammers in the network layer. Through analysis, simulation and experimentation we demonstrate that WisperNet reduces the efficiency of any statistical jammer to that of a random jammer, which has the lowest censorship-to-link utilization ratio. WisperNet is more energy efficient than low-power listen CSMA protocols such as B-mac and is simple to analyze in terms of effective network throughput, reliability and delay. WisperNet has been implemented on the FireFly sensor network platform. PublicationArchitecture for a Fully Distributed Wireless Control Network(2011-04-12) Pajic, Miroslav; Aneja, Mansimar; Vemuri, Srinivas; Pappas, George; Mangharam, Rahul; Sundaram, Shreyas; Aneja, Mansimar; Vemuri, Srinivas; Pappas, George; Mangharam, RahulWe demonstrate a distributed scheme for control over wireless networks. In our previous work, we introduced the concept of a Wireless Control Network (WCN), where the network itself, with no centralized node, acts as the controller. In this demonstration, we show how the WCN can be utilized for distillation column control, a well-known process control problem. To illustrate the use of a WCN, we have utilized a process-in-the-loop simulation, where the behavior of a distillation column was simulated in Simulink and interfaced with an actual, physical network (used as the control network), which consists of several wireless nodes, sensors and actuators. The goal of this demonstration is to show the benefits of a fully-distributed robust wireless control/actuator network, which include simple scheduling, scalability and compositionality. PublicationEmbedded Virtual Machines for Wireless Industrial Automation (Demo)(2009-01-01) Pajic, Miroslav; Mangharam, Rahul; Pajic, Miroslav; Mangharam, RahulThe factory of the future is the Wireless Factory - fully programmable, nimble and adaptive to planned mode changes and unplanned faults. Today automotive assembly lines loose over $22,000 per minute of downtime. The systems are rigid, difficult to maintain, operate and diagnose. Our goal is to demonstrate the initial architecture and protocols for all-wireless factory control automation. Embedded wireless networks have largely focused on open-loop sensing and monitoring. To address actuation in closed-loop wireless control systems there is a strong need to re-think the communication architectures and protocols for reliability, coordination and control. As the links, nodes and topology of wireless systems are inherently unreliable, such time-critical and safety-critical applications require programming abstractions where the tasks are assigned to the sensors, actuators and controllers as a single component rather than statically mapping a set of tasks to a specific physical node at design time. To this end, we introduce the Embedded Virtual Machine (EVM), a powerful and flexible runtime system where virtual components and their properties are maintained across node boundaries. EVM-based algorithms introduce new capabilities such as provably minimal graceful degradation during sensor/actuator failure, adaptation to mode changes and runtime optimization of resource consumption. Through the design of a micro-factory we aim to demonstrate the capabilities of EVM-based wireless networks.