1. Budapest University of Technology and Economics
Challenges in Cyber-Physical Systems
András Pataricza
Budapest University of Technology and Economics
pataric@mit.bme.hu
Fault-Tolerant Systems Research Group
2. Budapest University of Technology and Economics
Let’s reach an unlimited
intelligence by the synergy of
intelligence in the cyber
space and
ES interfacing them to the
physical world
THE NEW ERA:
INTERNET OF THINGS AKA
CYBER-PHYSICAL SYSTEMS
Fault-Tolerant Systems Research Group
ch nn |
Institut nn
| Prof. nn
| 2
3. Budapest University of Technology and Economics
ES paradigm shift
Traditional
Fault-Tolerant Systems Research Group
Industrialized
• Best component technologies
• Standardized components
• Automated system design
4. Budapest University of Technology and Economics
Appearance of cloud-based semantic services
“Drag-and-drop”
application
prototyping
Uniformization
− Meta-algorithms
− Data
●COMPUTED
●SENSED
Fault-Tolerant Systems Research Group
4
IBM Internet of Things (IoT) Foundation
Wolfram Connected Devices Project
5. Budapest University of Technology and Economics
Example
Cameras on riverside
Different applications
concurrently using
the same primary
information
Tasks can change according to
time/season/requirements
●Identification of ships
●Monitoring the break-up of ice
●Monitoring the water level
●Monitoring the speed of flood
●Pollution check
●Supervision of hostile entrance to the ship
Fault-Tolerant Systems Research Group
6. Budapest University of Technology and Economics
Cyber physical systems
Fault-Tolerant Systems Research Group
Cyber
world
Physical
world
Problem
Solution
scheme
Deployment
Service
Solution
pattern
Component
service
offering
7. Budapest University of Technology and Economics
Measurement and
extraction
Parameterization
Fault-Tolerant Systems Research Group
7
Critical CPS design and challenges
Transformation
Design
modell
Communication
synthesis
Behavioral model
Implementation
testing
Hardware
synthesis
Optimization
Software
synthesis
Simulation
Verification
Partitioning
Scheduling
Specification
Completeness
consistency
Fault modelling,
testing
Benchmarking,
data processing
CCoommpplleexxiittyy??
Mobile, ad-hoc,
large scale
8. Budapest University of Technology and Economics
Service Oriented Approach
Embedded systems provide services
− Information of sensors
− information of Internet
− high level information derived
− actuation possibility (limited)
Services in a database
Upon a new task: solution derived based on design
patterns and available resources
new solution deployed with no interference with the
already running ones
Fault-Tolerant Systems Research Group
9. Budapest University of Technology and Economics
Case study: supervising a server room
Observations
temperature
humidity
state of doors/windows
monitoring the power consumption weather
(temp./humidity)
temperature of outflow air of air conditioning
state of server computers/switches (video
based)
Fault-Tolerant Systems Research Group
9
FIRST
10. Budapest University of Technology and Economics
Sensor platform
Beagleboard-XM embedded SBC
Sensors
− temperature
− humidity
− web camera
− power meters
− microswitches to windows/doors
Information from the web
− weather status
− weather forecast
Fault-Tolerant Systems Research Group
10
FIRST
3.25’”×
3.25”
11. Budapest University of Technology and Economics
Processing the camera pictures in the Cloud
Fault-Tolerant Systems Research Group
Motion JPEG stream
− available on the Internet
Threshold
Virtualization for sensor
drivers
11
FIRST
12. Budapest University of Technology and Economics
COMPOSITION OF
CYBER-PHYSICAL SYSTEMS
Fault-Tolerant Systems Research Group
12
13. Budapest University of Technology and Economics
Fault-Tolerant Systems Research Group
Cyber
world
Solutio
Physical
world
Problem
n
scheme
Deployment
Service
Solution
pattern
Component
service
offering
13
14. Budapest University of Technology and Economics
Design schemes
Detecting changes in system state
Detecting changes in environment
Reconfiguration
− Resource allocation
●generation of new application/middleware
●replacement of sensors
●new information fusion etc.
− Design space exploration
●Qualitative
●Quantitative
Fault-Tolerant Systems Research Group
14
FIRST
15. Budapest University of Technology and Economics
Composability
System design principle:
− recombinant components
− can be assembled in various combinations
Meaningful fusion of self-contained services
Provide interoperability of devices
− Bridging the gap between different
●physical,
●computational and
●communication capabilities
Fault-Tolerant Systems Research Group
16. Budapest University of Technology and Economics
Dynamic composition of cyber-physical systems
Fault-Tolerant Systems Research Group
17. Budapest University of Technology and Economics
Requirements of composability
User interface for describing
domain specific constraints
Abstract interfaces between cooperating nodes
− Embedded systems connected to sensors and
actuators
− Mobile devices
− Conventional computing devices,
− cloud resources
Automated system maintenance,
Fault tolerance, redundancy
Fault-Tolerant Systems Research Group
17 / 16
18. Budapest University of Technology and Economics
Composability through abstraction
Finding a conceptual domain where devices
are homogeneous
− Possibly the lowest level of such domains
Abstraction of computing capabilities
− Virtualization (QEMU, Java, Python)
Abstraction of physical capabilities
− Sensor virtualization (SOS),
− Feature discovery
Abstraction of communication capabilities
− Self-describing communication interface (SOS)
Fault-Tolerant Systems Research Group
19. Budapest University of Technology and Economics
Sensor Observation Service (SOS)
Abstracts sensor data
and communication
− Self-describing sensor
information database
− Stores sensor data with
geographic relevance
− Efficient data queries
● temporal or spatial filters
Members of the CPS
− direct communication with
the SOS
Fault-Tolerant Systems Research Group
offering
procedure 1
procedure 2
feature of interest
20. Budapest University of Technology and Economics
Semantic Sensor Network (SSN) ontology
W3C Incubator Group (2009-2011)
Capabilities of sensors and sensor networks
− Formal ontology
Covers:
− system, deployment, sensing device, process
− observed phenomenon (e.g. wind)
●sensor type (e.g. ultrasonic wind sensor)
●property (e.g. wind direction)
●meaning (e.g. blows from direction)
●unit of measure (e.g. radian)
− operating range (e.g. temperature, humidity, ...)
Fault-Tolerant Systems Research Group
21. Budapest University of Technology and Economics
SSN example: wind sensor
Fault-Tolerant Systems Research Group
22. Budapest University of Technology and Economics
Architecture
Application
monitoring
Sensor Observation Service
Register
application
applications performance
virtualization
Fault-Tolerant Systems Research Group
SISRO
OWL ontology
Application
designer
User
applicatio
ns
RDF triplestore
Configurati
on planner
install/uninstall
start/stop
Plan
execution
SOS - OWL
transformation
Sensor metadata
and observations
Node application
performance data
Embedded system
Sensor
search and
monitoring
riporting
host OS (Linux)
Sensor /
actuator
Store observation
23. Budapest University of Technology and Economics
Opportunities and threats in the cps paradigm
RESILIENCE
Fault-Tolerant Systems Research Group
23
24. Budapest University of Technology and Economics
Self-* properties – dynamic challenges and
solutions
Self-configuration
Fault-Tolerant Systems Research Group
Self-healing
Self-protection
Self-optimization
25. Budapest University of Technology and Economics
Opportunities-algorithmic diversity
“Meta-algorithms’
Different principles
− Speed control in Italy:
●Radar
●Laser
●TUTOR
− Resource requirements
External providers
− Aaas –
algorithm as a service
− External validator
Fault-Tolerant Systems Research Group
Algorithm
Cyber
Comm.
Physical
25
26. Budapest University of Technology and Economics
Opportunities- resource redundancy
Cheap computational
redundancy, but
− Depends on the reservation policy
Virtualized network (SDN)
− Fast failover
Cheap sensors
− Multitude of sensors
Fault-Tolerant Systems Research Group
Algorithm
Cyber
Comm.
Physical
26
27. Budapest University of Technology and Economics
Dynamic reconfiguration of resources
System state
monitoring
Performance
monitoring
Deployment
Fault-Tolerant Systems Research Group
27 / 16
User
applications
describe
observational
and processing
constraints
Design space
exploration
New system
state
28. Budapest University of Technology and Economics
Self-* properties – dynamic challenges
•Mobility
•Evolution:
• Problem
• Requirement
• Priorities
Fault-Tolerant Systems Research Group
• Data protection
• Detection ,
• Identification ,
• Reaction
• Effectivity of
resource use
• Load balancing
• Workload tuning
• FT
• Detection
• Diagnostics
• Compensation
• Reactiveness
• Adaptation to
the dynamically
changing
enviroment
Self-configuration
Self-healing
Self-protection
Self-optimization
•Evolution:
•Resource set
•Capability
•Capacity
•Workload
•Evolution:
• Fault/failure
modes
•Evolution:
• Requirements
• Threads
29. Budapest University of Technology and Economics
Self-* properties – dynamic challenges
•Mobility
•Evolution:
• Problem
• Requirement
• Priorities
Fault-Tolerant Systems Research Group
• Data protection
• Detection ,
• Identification ,
• Reaction
• Effectivity of
resource use
• Load balancing
• Workload tuning
• FT
• Detection
• Diagnostics
• Compensation
• Reactiveness
• Adaptation to
the dynamically
changing
enviroment
Self-configuration
Self-healing
Self-protection
Self-optimization
•Evolution:
•Resource set
•Capability
•Capacity
•Workload
•Evolution:
• Fault/failure
modes
•Evolution:
• Requirements
• Threads
30. Budapest University of Technology and Economics
Self-* properties – dynamic challenges
•Mobility
•Evolution:
• Problem
• Requirement
• Priorities
Fault-Tolerant Systems Research Group
• Data protection
• Detection ,
• Identification ,
• Reaction
• Effectivity of
resource use
• Load balancing
• Workload tuning
• FT
• Detection
• Diagnostics
• Compensation
• Reactiveness
• Adaptation to
the dynamically
changing
enviroment
Self-configuration
Self-healing
Self-protection
Self-optimization
•Evolution:
•Resource set
•Capability
•Capacity
•Workload
•Evolution:
• Fault/failure
modes
•Evolution:
• Requirements
• Threads
31. Budapest University of Technology and Economics
Safety-critical systems are
• protected against worst-case technical faults, but
• unprotected against malicious attacks
THE HORRIBLE MOTIVATION
- NEW DANGERS ARE HERE…
Fault-Tolerant Systems Research Group
31
32. Budapest University of Technology and Economics
Polish teen derails tram after hacking train network
Fault-Tolerant Systems Research Group
32
A 14-year-old Polish boy turned the tram system
in the city of Lodz into his “train set”.
He used a modified TV remote control to change track
points, and derailed four vehicles.
Twelve people were injured.
33. Budapest University of Technology and Economics
Malware implicated in fatal Spanair plane crash
Authorities investigating the 2008 crash of Spanair
flight 5022 have discovered a central computer
system used to monitor technical problems in the
aircraft was infected with malware.
An internal report issued by the airline revealed the
infected computer failed to detect three technical
problems with the aircraft, which if detected, may
have prevented the plane from taking off...
Flight 5022 crashed just after takeoff from Madrid-
Barajas International Airport two years ago today,
killing 154 and leaving only 18 survivors.
Fault-Tolerant Systems Research Group
33
34. Budapest University of Technology and Economics
Safety contra security?
Safe, but not secure
• People may escape danger
from inside
Fault-Tolerant Systems Research Group
Secure, but not safe
• No intruder can enter the
gate
34
35. Budapest University of Technology and Economics
Specialization:
error propagation/
protection
Introduces:
•Security aspects
•Protection profiles
•Error propagation attributes
Fault-Tolerant Systems Research Group
36. Budapest University of Technology and Economics
System level fault impact analysis
SYSTEM
PROTECTION
PROPERTIES
Component 2
• unprotected?
• limiting ?
INPUT
ERROR
Component 1
• unprotected
Fault-Tolerant Systems Research Group
Component 3
• Reconstructing
OUTPUT
ERROR?
Function
• I/O behavior
States
•Stateful
•Stateless
Faults
• Internal
•External
Resource
Protections
•external
use
Security
properties
37. Budapest University of Technology and Economics
Safety vs. security analysis
Safety Security
Fault HW/SW
Unintentional
defects
LIMITED FAULTS
Fault-Tolerant Systems Research Group
Intrusion
Error Distorted values/states
Failure Critical failure
Propagation
Funtional/
model
architectural
Functional/
architectural +
attack surface
37
38. Budapest University of Technology and Economics
Dependability/security problems and analysis
Fault-Tolerant Systems Research Group
38