首页 > 最新文献

ACM Transactions on Cyber-Physical Systems最新文献

英文 中文
A Deep Time Delay Filter for Cooperative Adaptive Cruise Control 一种用于协同自适应巡航控制的深度延迟滤波器
Q1 Mathematics Pub Date : 2023-11-08 DOI: 10.1145/3631613
Kuei-Fang Hsueh, Ayleen Farnood, Isam Al-Darabsah, Mohammad Al Saaideh, Mohammad Al Janaideh, Deepa Kundur
Cooperative adaptive cruise control (CACC) is a smart transportation solution to alleviate traffic congestion and enhance road safety. The performance of CACC systems can be remarkably affected by communication time delays, and traditional control methods often compromise control performance by adjusting control gains to maintain system stability. In this paper, we present a study on the stability of a CACC system in the presence of time delays and highlight the trade-off between control performance and tuning controller gains to address increasing delays. We propose a novel approach incorporating a neural network module called the deep time delay filter (DTDF) to overcome this limitation. The DTDF leverages the assumption that time delays primarily originate from the communication layer of the CACC network, which can be subject to adversarial delays of varying magnitudes. By considering time-delayed versions of the car states and predicting the present (un-delayed) states, the DTDF compensates for the effects of communication delays. The proposed approach combines classical control techniques with machine learning, offering a hybrid control system that excels in explainability and robustness to unknown parameters. We conduct comprehensive experiments using various deep-learning architectures to train and evaluate the DTDF models. Our experiments utilize a robot platform consisting of MATLAB, Simulink, the Optitrack motion capture system, and the Qbot2e robots. Through these experiments, we demonstrate that when appropriately trained, our system can effectively mitigate the adverse effects of constant time delays and outperforms a traditional CACC baseline in control performance. This experimental comparison, to the best of the author’s knowledge, is the first of its kind in the context of a hybrid machine learning CACC system. We thoroughly explore initial conditions and range policy parameters to evaluate our system under various experimental scenarios. By providing detailed insights and experimental results, we aim to contribute to the advancement of CACC research and highlight the potential of hybrid machine learning approaches in improving the performance and reliability of CACC systems.
协同自适应巡航控制(CACC)是一种缓解交通拥堵、提高道路安全的智能交通解决方案。通信时延对CACC系统的性能影响很大,传统的控制方法往往通过调整控制增益来维持系统的稳定性,从而降低控制性能。在本文中,我们研究了存在时间延迟的CACC系统的稳定性,并强调了控制性能和调谐控制器增益之间的权衡,以解决不断增加的延迟。我们提出了一种新的方法,结合称为深度延迟滤波器(DTDF)的神经网络模块来克服这一限制。DTDF利用了这样一个假设,即时间延迟主要来自CACC网络的通信层,这可能会受到不同程度的对抗性延迟的影响。通过考虑汽车状态的时滞版本并预测当前(未延迟)状态,DTDF补偿了通信延迟的影响。该方法将经典控制技术与机器学习相结合,提供了一种混合控制系统,该系统在可解释性和对未知参数的鲁棒性方面表现出色。我们使用各种深度学习架构进行了全面的实验来训练和评估DTDF模型。我们的实验利用由MATLAB、Simulink、Optitrack运动捕捉系统和Qbot2e机器人组成的机器人平台。通过这些实验,我们证明,经过适当的训练,我们的系统可以有效地减轻恒定时间延迟的不利影响,并且在控制性能方面优于传统的CACC基线。据作者所知,这种实验比较是混合机器学习CACC系统背景下的第一次。我们深入探索了初始条件和范围策略参数,以在各种实验场景下评估我们的系统。通过提供详细的见解和实验结果,我们的目标是促进CACC研究的进步,并强调混合机器学习方法在提高CACC系统性能和可靠性方面的潜力。
{"title":"A Deep Time Delay Filter for Cooperative Adaptive Cruise Control","authors":"Kuei-Fang Hsueh, Ayleen Farnood, Isam Al-Darabsah, Mohammad Al Saaideh, Mohammad Al Janaideh, Deepa Kundur","doi":"10.1145/3631613","DOIUrl":"https://doi.org/10.1145/3631613","url":null,"abstract":"Cooperative adaptive cruise control (CACC) is a smart transportation solution to alleviate traffic congestion and enhance road safety. The performance of CACC systems can be remarkably affected by communication time delays, and traditional control methods often compromise control performance by adjusting control gains to maintain system stability. In this paper, we present a study on the stability of a CACC system in the presence of time delays and highlight the trade-off between control performance and tuning controller gains to address increasing delays. We propose a novel approach incorporating a neural network module called the deep time delay filter (DTDF) to overcome this limitation. The DTDF leverages the assumption that time delays primarily originate from the communication layer of the CACC network, which can be subject to adversarial delays of varying magnitudes. By considering time-delayed versions of the car states and predicting the present (un-delayed) states, the DTDF compensates for the effects of communication delays. The proposed approach combines classical control techniques with machine learning, offering a hybrid control system that excels in explainability and robustness to unknown parameters. We conduct comprehensive experiments using various deep-learning architectures to train and evaluate the DTDF models. Our experiments utilize a robot platform consisting of MATLAB, Simulink, the Optitrack motion capture system, and the Qbot2e robots. Through these experiments, we demonstrate that when appropriately trained, our system can effectively mitigate the adverse effects of constant time delays and outperforms a traditional CACC baseline in control performance. This experimental comparison, to the best of the author’s knowledge, is the first of its kind in the context of a hybrid machine learning CACC system. We thoroughly explore initial conditions and range policy parameters to evaluate our system under various experimental scenarios. By providing detailed insights and experimental results, we aim to contribute to the advancement of CACC research and highlight the potential of hybrid machine learning approaches in improving the performance and reliability of CACC systems.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135390911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Graph-Based Deadlock Analysis and Prevention for Robust Intelligent Intersection Management 基于图的智能交叉口鲁棒管理死锁分析与预防
Q1 Mathematics Pub Date : 2023-11-08 DOI: 10.1145/3632179
Kai-En Lin, Kuan-Chun Wang, Yu-Heng Chen, Li-Heng Lin, Ying-Hua Lee, Chung-Wei Lin, Iris Hui-Ru Jiang
Intersection management systems, with the assistance of vehicular networks and autonomous vehicles, have potential to perform traffic control more precisely than contemporary signalized intersections. However, as infrastructural intersection management controllers do not directly activate motions of vehicles, it is possible that the vehicles fail to follow the instructions from controllers, undermining system properties such as deadlock-freeness and traffic performance. In this paper, we consider a class of robustness issues, the time violations, which stem from possible discrepancies between scheduled orders and real executions. We refine a graph-based intersection model to build our theoretical foundations and analyze potential deadlocks and their resolvability. We develop solutions that mitigate negative effects of time violations. Particularly, we propose a Robustness-Aware Greedy Scheduling (RGS) algorithm for robust scheduling and evaluate the deadlock-free robustness of different intersection models and scheduling algorithms. Experimental results show that the RGS algorithm is able to significantly improve robustness and keep a good balance with traffic performance.
在车辆网络和自动驾驶汽车的辅助下,交叉口管理系统有可能比现代信号交叉口更精确地执行交通控制。然而,由于基础设施交叉口管理控制器不直接激活车辆的运动,车辆有可能无法遵循控制器的指令,从而破坏系统属性,如无死锁和交通性能。在本文中,我们考虑了一类鲁棒性问题,即时间违反,它源于计划顺序与实际执行之间可能存在的差异。我们改进了一个基于图的交集模型来建立我们的理论基础,并分析了潜在的死锁及其可解性。我们开发解决方案,以减轻违反时间的负面影响。特别地,我们提出了一种鲁棒感知贪婪调度(RGS)算法用于鲁棒调度,并评估了不同交叉口模型和调度算法的无死锁鲁棒性。实验结果表明,RGS算法能够显著提高鲁棒性,并与流量性能保持良好的平衡。
{"title":"Graph-Based Deadlock Analysis and Prevention for Robust Intelligent Intersection Management","authors":"Kai-En Lin, Kuan-Chun Wang, Yu-Heng Chen, Li-Heng Lin, Ying-Hua Lee, Chung-Wei Lin, Iris Hui-Ru Jiang","doi":"10.1145/3632179","DOIUrl":"https://doi.org/10.1145/3632179","url":null,"abstract":"Intersection management systems, with the assistance of vehicular networks and autonomous vehicles, have potential to perform traffic control more precisely than contemporary signalized intersections. However, as infrastructural intersection management controllers do not directly activate motions of vehicles, it is possible that the vehicles fail to follow the instructions from controllers, undermining system properties such as deadlock-freeness and traffic performance. In this paper, we consider a class of robustness issues, the time violations, which stem from possible discrepancies between scheduled orders and real executions. We refine a graph-based intersection model to build our theoretical foundations and analyze potential deadlocks and their resolvability. We develop solutions that mitigate negative effects of time violations. Particularly, we propose a Robustness-Aware Greedy Scheduling (RGS) algorithm for robust scheduling and evaluate the deadlock-free robustness of different intersection models and scheduling algorithms. Experimental results show that the RGS algorithm is able to significantly improve robustness and keep a good balance with traffic performance.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135341889","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
System Resilience through Health Monitoring and Reconfiguration 通过运行状况监视和重新配置实现系统弹性
Q1 Mathematics Pub Date : 2023-11-03 DOI: 10.1145/3631612
Ion Matei, Wiktor Piotrowski, Alexandre Perez, Johan de Kleer, Jorge Tierno, Wendy Mungovan, Vance Turnewitsch
We demonstrate an end-to-end framework to improve the resilience of man-made systems to unforeseen events. The framework is based on a physics-based digital twin model and three modules tasked with real-time fault diagnosis, prognostics and reconfiguration. The fault diagnosis module uses model-based diagnosis algorithms to detect and isolate faults and generates interventions in the system to disambiguate uncertain diagnosis solutions. We scale up the fault diagnosis algorithm to the required real-time performance through the use of parallelization and surrogate models of the physics-based digital twin. The prognostics module tracks fault progression and trains the online degradation models to compute remaining useful life of system components. In addition, we use the degradation models to assess the impact of the fault progression on the operational requirements. The reconfiguration module uses PDDL-based planning endowed with semantic attachments to adjust the system controls to minimize the fault impact on the system operation. We define a resilience metric and use a fuel system example to demonstrate how the metric improves with our framework.
我们展示了一个端到端框架,以提高人工系统对不可预见事件的弹性。该框架基于基于物理的数字孪生模型和三个模块,负责实时故障诊断、预测和重新配置。故障诊断模块使用基于模型的诊断算法检测和隔离故障,并在系统中产生干预措施,消除不确定诊断方案的歧义。通过使用基于物理的数字孪生的并行化和代理模型,我们将故障诊断算法扩展到所需的实时性能。预测模块跟踪故障进展并训练在线退化模型来计算系统组件的剩余使用寿命。此外,我们使用退化模型来评估故障进展对操作需求的影响。重构模块采用基于pddl的规划,赋予语义附件,对系统控制进行调整,使故障对系统运行的影响最小化。我们定义了一个弹性度量,并使用一个燃料系统示例来演示该度量是如何随着我们的框架而改进的。
{"title":"System Resilience through Health Monitoring and Reconfiguration","authors":"Ion Matei, Wiktor Piotrowski, Alexandre Perez, Johan de Kleer, Jorge Tierno, Wendy Mungovan, Vance Turnewitsch","doi":"10.1145/3631612","DOIUrl":"https://doi.org/10.1145/3631612","url":null,"abstract":"We demonstrate an end-to-end framework to improve the resilience of man-made systems to unforeseen events. The framework is based on a physics-based digital twin model and three modules tasked with real-time fault diagnosis, prognostics and reconfiguration. The fault diagnosis module uses model-based diagnosis algorithms to detect and isolate faults and generates interventions in the system to disambiguate uncertain diagnosis solutions. We scale up the fault diagnosis algorithm to the required real-time performance through the use of parallelization and surrogate models of the physics-based digital twin. The prognostics module tracks fault progression and trains the online degradation models to compute remaining useful life of system components. In addition, we use the degradation models to assess the impact of the fault progression on the operational requirements. The reconfiguration module uses PDDL-based planning endowed with semantic attachments to adjust the system controls to minimize the fault impact on the system operation. We define a resilience metric and use a fuel system example to demonstrate how the metric improves with our framework.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135818870","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Techniques for Enhancing Security in Industrial Control Systems 提高工业控制系统安全性的技术
Q1 Mathematics Pub Date : 2023-10-30 DOI: 10.1145/3630103
Vijay Varadharajan, Uday Tupakula, Kallol Krishna Karmakar
Increasingly Industrial Control Systems (ICS) systems are being connected to the Internet to minimise the operational costs and provide additional flexibility. These control systems such as the ones used in power grids, manufacturing and utilities operate continually and have long lifespans measured in decades rather than years as in the case of IT systems. Such industrial control systems require uninterrupted and safe operation. However, they can be vulnerable to a variety of attacks, as successful attacks on critical control infrastructures could have devastating consequences to the safety of human lives as well as a nation’s security and prosperity. Furthermore, there can be a range of attacks that can target ICS and it is not easy to secure these systems against all known attacks let alone unknown ones. In this paper, we propose a software enabled security architecture using Software Defined Networking (SDN) and Network Function Virtualisation (NFV) that can enhance the capability to secure industrial control systems. We have designed such an SDN/NFV enabled security architecture and developed a Control System Security Application (CSSA) in SDN Controller for enhancing security in ICS by achieving real time situational awareness and dynamic policy-driven decision making across the network infrastructure. In particular, CSSA can be used for establishing secure path for end-to-end communication between devices and also deal against certain specific attacks namely denial of service attacks, from unpatched vulnerable control system components and securing the communication flows from the legacy devices that do not support any security functionality. We also discuss how CSSA provides reliable paths for safety critical messages in control systems. We discuss the prototype implementation of the proposed architecture and the results obtained from our analysis.
越来越多的工业控制系统(ICS)系统连接到互联网,以最大限度地降低运营成本并提供额外的灵活性。这些控制系统,如电网、制造业和公用事业中使用的控制系统,持续运行,寿命长,以几十年为单位,而不是像IT系统那样以年为单位。这种工业控制系统需要不间断和安全运行。然而,它们可能容易受到各种攻击,因为对关键控制基础设施的成功攻击可能对人类生命安全和国家安全与繁荣造成毁灭性后果。此外,可能会有一系列针对ICS的攻击,要保护这些系统免受所有已知攻击并不容易,更不用说未知攻击了。在本文中,我们提出了一种使用软件定义网络(SDN)和网络功能虚拟化(NFV)的软件支持的安全架构,可以增强保护工业控制系统的能力。我们设计了这样一个支持SDN/NFV的安全架构,并在SDN控制器中开发了一个控制系统安全应用程序(CSSA),通过实现跨网络基础设施的实时态势感知和动态策略驱动决策来增强ICS的安全性。CSSA可用于为设备之间建立端到端通信的安全路径,并可应对某些特定的攻击,即来自未修补的易受攻击的控制系统组件的拒绝服务攻击,以及保护来自不支持任何安全功能的旧设备的通信流。我们还讨论了CSSA如何为控制系统中的安全关键消息提供可靠的路径。我们讨论了所提出的体系结构的原型实现以及从分析中获得的结果。
{"title":"Techniques for Enhancing Security in Industrial Control Systems","authors":"Vijay Varadharajan, Uday Tupakula, Kallol Krishna Karmakar","doi":"10.1145/3630103","DOIUrl":"https://doi.org/10.1145/3630103","url":null,"abstract":"Increasingly Industrial Control Systems (ICS) systems are being connected to the Internet to minimise the operational costs and provide additional flexibility. These control systems such as the ones used in power grids, manufacturing and utilities operate continually and have long lifespans measured in decades rather than years as in the case of IT systems. Such industrial control systems require uninterrupted and safe operation. However, they can be vulnerable to a variety of attacks, as successful attacks on critical control infrastructures could have devastating consequences to the safety of human lives as well as a nation’s security and prosperity. Furthermore, there can be a range of attacks that can target ICS and it is not easy to secure these systems against all known attacks let alone unknown ones. In this paper, we propose a software enabled security architecture using Software Defined Networking (SDN) and Network Function Virtualisation (NFV) that can enhance the capability to secure industrial control systems. We have designed such an SDN/NFV enabled security architecture and developed a Control System Security Application (CSSA) in SDN Controller for enhancing security in ICS by achieving real time situational awareness and dynamic policy-driven decision making across the network infrastructure. In particular, CSSA can be used for establishing secure path for end-to-end communication between devices and also deal against certain specific attacks namely denial of service attacks, from unpatched vulnerable control system components and securing the communication flows from the legacy devices that do not support any security functionality. We also discuss how CSSA provides reliable paths for safety critical messages in control systems. We discuss the prototype implementation of the proposed architecture and the results obtained from our analysis.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136018959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Characterizing and Improving Resilience of Accelerators to Memory Errors in Autonomous Robots 自主机器人加速器对记忆错误的表征与改进
Q1 Mathematics Pub Date : 2023-10-23 DOI: 10.1145/3627828
Deval Shah, Zi Yu Xue, Karthik Pattabiraman, Tor M. Aamodt
Motion planning is a computationally intensive and well-studied problem in autonomous robots. However, motion planning hardware accelerators (MPA) must be soft-error resilient for deployment in safety-critical applications, and blanket application of traditional mitigation techniques is ill-suited due to cost, power, and performance overheads. We propose Collision Exposure Factor (CEF), a novel metric to assess the failure vulnerability of circuits processing spatial relationships, including motion planning. CEF is based on the insight that the safety violation probability increases with the surface area of the physical space exposed by a bit-flip. We evaluate CEF on four MPAs. We demonstrate empirically that CEF is correlated with safety violation probability, and that CEF-aware selective error mitigation provides 12.3 ×, 9.6 ×, and 4.2 × lower dangerous Failures-In-Time rate on average for the same amount of protected memory compared to uniform, bit-position, and access-frequency-aware selection of critical data. Furthermore, we show how to employ CEF to enable fault characterization using 23, 000 × fewer fault injection (FI) experiments than exhaustive FI, and evaluate our FI approach on different robots and MPAs. We demonstrate that CEF-aware FI can provide insights on vulnerable bits in an MPA while taking the same amount of time as uniform statistical FI. Finally, we use the CEF to formulate guidelines for designing soft-error resilient MPAs.
在自主机器人中,运动规划是一个计算量大且研究深入的问题。然而,运动规划硬件加速器(MPA)必须具有软错误弹性,才能在安全关键应用中部署,而由于成本、功率和性能开销,传统缓解技术的一揽子应用并不适合。我们提出了碰撞暴露因子(CEF),这是一种评估电路处理空间关系(包括运动规划)的失效脆弱性的新度量。CEF是基于这样一种认识,即安全违规概率随着比特翻转所暴露的物理空间表面积的增加而增加。我们评估了四个海洋保护区的CEF。我们从经验上证明了CEF与安全违反概率相关,并且与统一、位位置和访问频率感知的关键数据选择相比,对于相同数量的受保护内存,CEF感知的选择性错误缓解平均降低了12.3倍、9.6倍和4.2倍的危险及时故障率。此外,我们展示了如何使用CEF来实现故障表征,使用的故障注入(FI)实验比穷举FI少23000倍,并在不同的机器人和MPAs上评估了我们的FI方法。我们证明,cef感知的FI可以提供MPA中脆弱钻头的见解,同时花费与统一统计FI相同的时间。最后,我们使用CEF来制定设计软误差弹性mpa的指导方针。
{"title":"Characterizing and Improving Resilience of Accelerators to Memory Errors in Autonomous Robots","authors":"Deval Shah, Zi Yu Xue, Karthik Pattabiraman, Tor M. Aamodt","doi":"10.1145/3627828","DOIUrl":"https://doi.org/10.1145/3627828","url":null,"abstract":"Motion planning is a computationally intensive and well-studied problem in autonomous robots. However, motion planning hardware accelerators (MPA) must be soft-error resilient for deployment in safety-critical applications, and blanket application of traditional mitigation techniques is ill-suited due to cost, power, and performance overheads. We propose Collision Exposure Factor (CEF), a novel metric to assess the failure vulnerability of circuits processing spatial relationships, including motion planning. CEF is based on the insight that the safety violation probability increases with the surface area of the physical space exposed by a bit-flip. We evaluate CEF on four MPAs. We demonstrate empirically that CEF is correlated with safety violation probability, and that CEF-aware selective error mitigation provides 12.3 ×, 9.6 ×, and 4.2 × lower dangerous Failures-In-Time rate on average for the same amount of protected memory compared to uniform, bit-position, and access-frequency-aware selection of critical data. Furthermore, we show how to employ CEF to enable fault characterization using 23, 000 × fewer fault injection (FI) experiments than exhaustive FI, and evaluate our FI approach on different robots and MPAs. We demonstrate that CEF-aware FI can provide insights on vulnerable bits in an MPA while taking the same amount of time as uniform statistical FI. Finally, we use the CEF to formulate guidelines for designing soft-error resilient MPAs.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135366639","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
RollBack: A New Time-Agnostic Replay Attack Against the Automotive Remote Keyless Entry Systems 回滚:针对汽车远程无钥匙进入系统的一种新的时间不可知重放攻击
Q1 Mathematics Pub Date : 2023-10-19 DOI: 10.1145/3627827
Levente Csikor, Hoon Wei Lim, Jun Wen Wong, Soundarya Ramesh, Rohini Poolat Parameswarath, Mun Choon Chan
Automotive Keyless Entry (RKE) systems provide car owners with a degree of convenience, allowing them to lock and unlock the car without using a mechanical key. Today’s RKE systems implement disposable rolling codes, making every key fob button press unique, effectively preventing simple replay attacks. However, a prior attack called RollJam was proven to break all rolling code-based systems in general. By a careful sequence of signal jamming, capturing, and replaying, an attacker can become aware of the subsequent valid unlock signal that has not been used yet. RollJam, however, requires continuous deployment indefinitely until it is exploited. Otherwise, the captured signals become invalid if the key fob is used again without RollJam in place. We introduce RollBack, a new replay-and-resynchronize attack against most of today’s RKE systems. In particular, we show that even though the one-time code becomes invalid in rolling code systems, replaying a few previously captured signals consecutively can trigger a rollback-like mechanism in the RKE system. Put differently, the rolling codes become resynchronized back to a previous code used in the past from where all subsequent yet already used signals work again. Moreover, the victim can still use the key fob without noticing any difference before and after the attack. Unlike RollJam, RollBack does not necessitate jamming at all. In fact, it requires signal capturing only once and can be exploited at any time in the future as many times as desired. This time-agnostic property is particularly attractive to attackers, especially in car-sharing/renting scenarios where accessing the key fob is straightforward. However, while RollJam defeats virtually any rolling code-based system, vehicles might have additional anti-theft measures against malfunctioning key fobs, hence against RollBack. Our ongoing analysis (with crowd-sourced data) against different vehicle makes and models has revealed that ∼ 50% of the examined vehicles in the Asian region are vulnerable to RollBack, while the impact tends to be smaller in other regions like Europe and North America.
汽车无钥匙进入(RKE)系统为车主提供了一定程度的便利,允许他们在不使用机械钥匙的情况下锁定和解锁汽车。今天的RKE系统实施一次性滚动代码,使每个按键按键都是唯一的,有效防止简单的重放攻击。然而,先前的一种名为RollJam的攻击被证明可以破坏所有基于滚动代码的系统。通过一系列小心的信号干扰、捕获和重放,攻击者可以意识到尚未使用的后续有效解锁信号。然而,RollJam需要持续部署,直到它被利用为止。否则,如果在没有RollJam的情况下再次使用密钥卡,则捕获的信号将无效。我们将介绍RollBack,这是针对当今大多数RKE系统的一种新的重放和重新同步攻击。特别是,我们表明,即使一次性代码在滚动代码系统中变得无效,连续重播以前捕获的一些信号可以触发RKE系统中的类似回滚的机制。换句话说,滚动的代码被重新同步回过去使用的先前代码,从那里所有后续的已使用的信号再次工作。此外,受害者仍然可以使用钥匙扣,而不会注意到攻击前后的任何差异。与RollJam不同,RollBack根本不需要干扰。事实上,它只需要捕获一次信号,并且可以在未来的任何时候根据需要进行多次利用。这种与时间无关的属性对攻击者特别有吸引力,特别是在汽车共享/租赁场景中,访问密钥很简单。然而,虽然RollJam几乎击败了任何基于滚动代码的系统,但车辆可能会有额外的防盗措施来防止钥匙扣故障,从而防止RollBack。我们正在进行的针对不同汽车品牌和车型的分析(使用众包数据)显示,在亚洲地区,约50%的受调查车辆容易受到回滚的影响,而在欧洲和北美等其他地区,影响往往较小。
{"title":"RollBack: A New Time-Agnostic Replay Attack Against the Automotive Remote Keyless Entry Systems","authors":"Levente Csikor, Hoon Wei Lim, Jun Wen Wong, Soundarya Ramesh, Rohini Poolat Parameswarath, Mun Choon Chan","doi":"10.1145/3627827","DOIUrl":"https://doi.org/10.1145/3627827","url":null,"abstract":"Automotive Keyless Entry (RKE) systems provide car owners with a degree of convenience, allowing them to lock and unlock the car without using a mechanical key. Today’s RKE systems implement disposable rolling codes, making every key fob button press unique, effectively preventing simple replay attacks. However, a prior attack called RollJam was proven to break all rolling code-based systems in general. By a careful sequence of signal jamming, capturing, and replaying, an attacker can become aware of the subsequent valid unlock signal that has not been used yet. RollJam, however, requires continuous deployment indefinitely until it is exploited. Otherwise, the captured signals become invalid if the key fob is used again without RollJam in place. We introduce RollBack, a new replay-and-resynchronize attack against most of today’s RKE systems. In particular, we show that even though the one-time code becomes invalid in rolling code systems, replaying a few previously captured signals consecutively can trigger a rollback-like mechanism in the RKE system. Put differently, the rolling codes become resynchronized back to a previous code used in the past from where all subsequent yet already used signals work again. Moreover, the victim can still use the key fob without noticing any difference before and after the attack. Unlike RollJam, RollBack does not necessitate jamming at all. In fact, it requires signal capturing only once and can be exploited at any time in the future as many times as desired. This time-agnostic property is particularly attractive to attackers, especially in car-sharing/renting scenarios where accessing the key fob is straightforward. However, while RollJam defeats virtually any rolling code-based system, vehicles might have additional anti-theft measures against malfunctioning key fobs, hence against RollBack. Our ongoing analysis (with crowd-sourced data) against different vehicle makes and models has revealed that ∼ 50% of the examined vehicles in the Asian region are vulnerable to RollBack, while the impact tends to be smaller in other regions like Europe and North America.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-10-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135729097","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Event-Triggered Control with Intermittent Communications over Erasure Channels for Leader-Follower Problems with the Combined-Slip Effect 具有联合滑移效应的领导-随从问题的擦除信道间歇通信事件触发控制
Q1 Mathematics Pub Date : 2023-10-14 DOI: 10.1145/3625562
Mohammad H. Mamduhi, Ehsan Hashemi
In this article, we investigate the vehicle path-following problem for a vehicle-to-vehicle (V2V)–enabled leader–follower scenario and propose an integrated control policy for the following vehicle to accurately follow the leader’s path. We propose a control strategy for the follower vehicle to maintain a velocity-dependent distance relative to the leader vehicle while stabilizing its longitudinal and lateral dynamics considering the combined-slip effect and tire force saturation. In light of reducing wireless communication errors and efficient usage of battery power and resources, we propose an intermittent V2V communication in which transmissions are scheduled based on an event-triggered law. An event is triggered and a transmission is scheduled in subsequent sample time if some of the well-defined path-following error functions (relative distance error and lateral error) exceed given tolerance bounds. Considering that the V2V communication channel might be erroneous or a transmission fails due to, e.g., vehicles’ distance or low battery power, we consider data loss in the V2V channel. Our proposed control law consists of two components: a receding horizon feedback controller with state constraints based on a safe operation envelop and a feedforward controller that generates complementary control inputs when the leader’s states are successfully communicated to the follower. To mitigate the effects of data loss on the follower’s path-following performance, we design a remote estimator for the follower to predict the leader’s state using its on-board sensor equipment when an event is triggered but the corresponding state information is not received by the follower due to a packet loss. Incorporating this estimator allows the follower to apply cautionary control inputs knowing that the path-following error had exceeded a tolerance bound. We show that while the feedback controller stabilizes the follower’s dynamics, the feedforward component improves the safety margins and reduces the path-following errors even in the presence of data loss. High-fidelity simulations are performed using CarSim to validate the effectiveness of our proposed control architecture specifically in harsh maneuvers and high-slip scenarios on various road surface conditions.
在本文中,我们研究了车辆对车辆(V2V)支持的领导者-追随者场景下的车辆路径跟踪问题,并提出了一种集成控制策略,使后面的车辆能够准确地跟随领导者的路径。在考虑联合滑移效应和轮胎力饱和的情况下,提出了一种随车相对于前车保持速度相关距离的控制策略,同时稳定其纵向和横向动力学。为了减少无线通信错误和有效利用电池电力和资源,我们提出了一种基于事件触发规律的间歇性V2V通信。如果一些定义良好的路径跟踪误差函数(相对距离误差和横向误差)超过给定的容限,则触发事件并在随后的采样时间内调度传输。考虑到由于车辆距离或电池电量不足等原因,V2V通信通道可能出现错误或传输失败,我们考虑V2V通道中的数据丢失。我们提出的控制律由两个部分组成:一个基于安全运行包络的状态约束的后退地平线反馈控制器和一个前馈控制器,当领导者的状态成功地传达给追随者时,前馈控制器产生互补的控制输入。为了减轻数据丢失对follower路径跟踪性能的影响,我们为follower设计了一个远程估计器,当事件被触发但由于数据包丢失而无法接收到相应的状态信息时,follower可以使用其车载传感器设备预测leader的状态。结合此估计器允许跟踪者在知道路径跟踪误差已超过容限范围的情况下应用谨慎控制输入。我们表明,虽然反馈控制器稳定了跟随者的动态,但前馈组件提高了安全裕度,并且即使在存在数据丢失的情况下也减少了路径跟踪错误。使用CarSim进行了高保真仿真,以验证我们提出的控制体系结构的有效性,特别是在各种路面条件下的苛刻机动和高滑移情况下。
{"title":"Event-Triggered Control with Intermittent Communications over Erasure Channels for Leader-Follower Problems with the Combined-Slip Effect","authors":"Mohammad H. Mamduhi, Ehsan Hashemi","doi":"10.1145/3625562","DOIUrl":"https://doi.org/10.1145/3625562","url":null,"abstract":"In this article, we investigate the vehicle path-following problem for a vehicle-to-vehicle (V2V)–enabled leader–follower scenario and propose an integrated control policy for the following vehicle to accurately follow the leader’s path. We propose a control strategy for the follower vehicle to maintain a velocity-dependent distance relative to the leader vehicle while stabilizing its longitudinal and lateral dynamics considering the combined-slip effect and tire force saturation. In light of reducing wireless communication errors and efficient usage of battery power and resources, we propose an intermittent V2V communication in which transmissions are scheduled based on an event-triggered law. An event is triggered and a transmission is scheduled in subsequent sample time if some of the well-defined path-following error functions (relative distance error and lateral error) exceed given tolerance bounds. Considering that the V2V communication channel might be erroneous or a transmission fails due to, e.g., vehicles’ distance or low battery power, we consider data loss in the V2V channel. Our proposed control law consists of two components: a receding horizon feedback controller with state constraints based on a safe operation envelop and a feedforward controller that generates complementary control inputs when the leader’s states are successfully communicated to the follower. To mitigate the effects of data loss on the follower’s path-following performance, we design a remote estimator for the follower to predict the leader’s state using its on-board sensor equipment when an event is triggered but the corresponding state information is not received by the follower due to a packet loss. Incorporating this estimator allows the follower to apply cautionary control inputs knowing that the path-following error had exceeded a tolerance bound. We show that while the feedback controller stabilizes the follower’s dynamics, the feedforward component improves the safety margins and reduces the path-following errors even in the presence of data loss. High-fidelity simulations are performed using CarSim to validate the effectiveness of our proposed control architecture specifically in harsh maneuvers and high-slip scenarios on various road surface conditions.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135767377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A References Architecture for Human Cyber Physical Systems - PART II: Fundamental Design Principles for Human-CPS Interaction 人类网络物理系统的参考体系结构-第二部分:人类- cps交互的基本设计原则
Q1 Mathematics Pub Date : 2023-09-22 DOI: 10.1145/3622880
Klaus Bengler, Werner Damm, Andreas Luedtke, Jochem Rieger, Benedikt Austel, Bianca Biebl, Martin Fränzle, Willem Hagemann, Moritz Held, David Hess, Klas Ihme, Severin Kacianka, Alyssa J. Kerscher, Lain Forrest, Sebastian Lehnhoff, Alexander Pretschner, Astrid Rakow, Daniel Sonntag, Janos Sztipanovits, Maike Schwammberger, Mark Schweda, Anirudh Unni, Eric Veith
As automation increases qualitatively and quantitatively in safety-critical human cyber-physical systems, it is becoming more and more challenging to increase the probability or ensure that human operators still perceive key artefacts and comprehend their roles in the system. In the companion paper, we proposed an abstract reference architecture capable of expressing all classes of system-level interactions in human cyber-physical systems. Here we demonstrate how this reference architecture supports the analysis of levels of communication between agents and helps to identify the potential for misunderstandings and misconceptions. We then develop a metamodel for safe human machine interaction. Therefore, we ask what type of information exchange must be supported on what level so that humans and systems can cooperate as a team, what is the criticality of exchanged information, what are timing requirements for such interactions, and how can we communicate highly critical information in a limited time frame in spite of the many sources of a distorted perception. We highlight shared stumbling blocks and illustrate shared design principles, which rest on established ontologies specific to particular application classes. In order to overcome the partial opacity of internal states of agents, we anticipate a key role of virtual twins of both human and technical cooperation partners for designing a suitable communication.
随着自动化在安全关键的人类网络物理系统中的质量和数量的增加,增加或确保人类操作员仍然感知关键人工制品并理解其在系统中的作用的可能性变得越来越具有挑战性。在这篇论文中,我们提出了一个抽象的参考架构,能够表达人类网络物理系统中所有类型的系统级交互。在这里,我们将演示该参考体系结构如何支持对代理之间通信级别的分析,并帮助识别潜在的误解和误解。然后,我们开发了一个安全人机交互的元模型。因此,我们要问什么样的信息交换必须在什么样的层次上得到支持,这样人类和系统才能作为一个团队合作,交换信息的重要性是什么,这种交互的时间要求是什么,以及我们如何在有限的时间框架内沟通高度关键的信息,尽管有许多扭曲的感知来源。我们强调了共享的障碍,并说明了共享的设计原则,这些原则基于特定于特定应用程序类的已建立的本体。为了克服代理内部状态的部分不透明性,我们期望人类和技术合作伙伴的虚拟双胞胎在设计合适的通信方面发挥关键作用。
{"title":"A References Architecture for Human Cyber Physical Systems - PART II: Fundamental Design Principles for Human-CPS Interaction","authors":"Klaus Bengler, Werner Damm, Andreas Luedtke, Jochem Rieger, Benedikt Austel, Bianca Biebl, Martin Fränzle, Willem Hagemann, Moritz Held, David Hess, Klas Ihme, Severin Kacianka, Alyssa J. Kerscher, Lain Forrest, Sebastian Lehnhoff, Alexander Pretschner, Astrid Rakow, Daniel Sonntag, Janos Sztipanovits, Maike Schwammberger, Mark Schweda, Anirudh Unni, Eric Veith","doi":"10.1145/3622880","DOIUrl":"https://doi.org/10.1145/3622880","url":null,"abstract":"As automation increases qualitatively and quantitatively in safety-critical human cyber-physical systems, it is becoming more and more challenging to increase the probability or ensure that human operators still perceive key artefacts and comprehend their roles in the system. In the companion paper, we proposed an abstract reference architecture capable of expressing all classes of system-level interactions in human cyber-physical systems. Here we demonstrate how this reference architecture supports the analysis of levels of communication between agents and helps to identify the potential for misunderstandings and misconceptions. We then develop a metamodel for safe human machine interaction. Therefore, we ask what type of information exchange must be supported on what level so that humans and systems can cooperate as a team, what is the criticality of exchanged information, what are timing requirements for such interactions, and how can we communicate highly critical information in a limited time frame in spite of the many sources of a distorted perception. We highlight shared stumbling blocks and illustrate shared design principles, which rest on established ontologies specific to particular application classes. In order to overcome the partial opacity of internal states of agents, we anticipate a key role of virtual twins of both human and technical cooperation partners for designing a suitable communication.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136061283","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Towards Safe Autonomy in Hybrid Traffic: Detecting Unpredictable Abnormal Behaviors of Human Drivers via Information Sharing 迈向混合交通的安全自主:通过信息共享检测人类驾驶员不可预测的异常行为
Q1 Mathematics Pub Date : 2023-09-22 DOI: 10.1145/3616398
Jiangwei Wang, Lili Su, Songyang Han, Dongjin Song, Fei Miao
Hybrid traffic which involves both autonomous and human-driven vehicles would be the norm of the autonomous vehicles’ practice for a while. On the one hand, unlike autonomous vehicles, human-driven vehicles could exhibit sudden abnormal behaviors such as unpredictably switching to dangerous driving modes – putting its neighboring vehicles under risks; such undesired mode switching could arise from numbers of human driver factors, including fatigue, drunkenness, distraction, aggressiveness, etc. On the other hand, modern vehicle-to-vehicle (V2V) communication technologies enable the autonomous vehicles to efficiently and reliably share the scarce run-time information with each other [1]. In this paper, we propose, to the best of our knowledge, the first efficient algorithm that can (1) significantly improve trajectory prediction by effectively fusing the run-time information shared by surrounding autonomous vehicles, and can (2) accurately and quickly detect abnormal human driving mode switches or abnormal driving behavior with formal assurance without hurting human drivers’ privacy. To validate our proposed algorithm, we first evaluate our proposed trajectory predictor on NGSIM and Argoverse datasets and show that our proposed predictor outperforms the baseline methods. Then through extensive experiments on SUMO simulator, we show that our proposed algorithm has great detection performance in both highway and urban traffic. The best performance achieves detection rate of (97.3% ) , average detection delay of 1.2s, and 0 false alarm.
在一段时间内,自动驾驶和人类驾驶的混合交通将成为自动驾驶汽车实践的常态。一方面,与自动驾驶汽车不同,人类驾驶的汽车可能会表现出突然的异常行为,比如不可预测地切换到危险的驾驶模式——使邻近的车辆处于危险之中;这种不受欢迎的模式切换可能是由许多人为驱动因素引起的,包括疲劳、醉酒、分心、攻击性等。另一方面,现代车对车(V2V)通信技术使自动驾驶汽车能够高效可靠地相互共享稀缺的运行时信息[1]。在本文中,据我们所知,我们提出了第一个高效的算法,该算法可以(1)通过有效融合周围自动驾驶车辆共享的运行时信息,显著提高轨迹预测,并且可以(2)在不损害人类驾驶员隐私的情况下,准确快速地检测出人类驾驶模式的异常切换或异常驾驶行为。为了验证我们提出的算法,我们首先在NGSIM和Argoverse数据集上评估了我们提出的轨迹预测器,并表明我们提出的预测器优于基线方法。在SUMO仿真器上进行了大量实验,结果表明该算法在高速公路和城市交通中都具有良好的检测性能。最佳性能达到检测率(97.3% ),平均检测时延1.2s,虚警0。
{"title":"Towards Safe Autonomy in Hybrid Traffic: Detecting Unpredictable Abnormal Behaviors of Human Drivers via Information Sharing","authors":"Jiangwei Wang, Lili Su, Songyang Han, Dongjin Song, Fei Miao","doi":"10.1145/3616398","DOIUrl":"https://doi.org/10.1145/3616398","url":null,"abstract":"Hybrid traffic which involves both autonomous and human-driven vehicles would be the norm of the autonomous vehicles’ practice for a while. On the one hand, unlike autonomous vehicles, human-driven vehicles could exhibit sudden abnormal behaviors such as unpredictably switching to dangerous driving modes – putting its neighboring vehicles under risks; such undesired mode switching could arise from numbers of human driver factors, including fatigue, drunkenness, distraction, aggressiveness, etc. On the other hand, modern vehicle-to-vehicle (V2V) communication technologies enable the autonomous vehicles to efficiently and reliably share the scarce run-time information with each other [1]. In this paper, we propose, to the best of our knowledge, the first efficient algorithm that can (1) significantly improve trajectory prediction by effectively fusing the run-time information shared by surrounding autonomous vehicles, and can (2) accurately and quickly detect abnormal human driving mode switches or abnormal driving behavior with formal assurance without hurting human drivers’ privacy. To validate our proposed algorithm, we first evaluate our proposed trajectory predictor on NGSIM and Argoverse datasets and show that our proposed predictor outperforms the baseline methods. Then through extensive experiments on SUMO simulator, we show that our proposed algorithm has great detection performance in both highway and urban traffic. The best performance achieves detection rate of (97.3% ) , average detection delay of 1.2s, and 0 false alarm.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136059975","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A REFERENCE ARCHITECTURE OF HUMAN CYBER-PHYSICAL SYSTEMS – PART III: SEMANTIC FOUNDATIONS 人类信息物理系统的参考体系结构。第3部分:语义基础
Q1 Mathematics Pub Date : 2023-09-22 DOI: 10.1145/3622881
Werner Damm, Martin Fränzle, Alyssa J. Kerscher, Laine Forrest, Klaus Bengler, Bianca Biebl, Willem Hagemann, Moritz Held, David Hess, Klas Ihme, Severin Kacianka, Sebastian Lehnhoff, Andreas Luedtke, Alexander Pretschner, Astrid Rakow, Rieger Jochem, Daniel Sonntag, Jonas Sztipanovits, Maike Schwammberger, Mark Schweda, Alexander Trende, Anirudh Unni, Eric Veith
The design and analysis of multi-agent human cyber-physical systems in safety-critical or industry-critical domains calls for an adequate semantic foundation capable of exhaustively and rigorously describing all emergent effects in the joint dynamic behavior of the agents that are relevant to their safety and well-behavior. We present such a semantic foundation. This framework extends beyond previous approaches by extending the agent-local dynamic state beyond state components under direct control of the agent and belief about other agents (as previously suggested for understanding cooperative as well as rational behavior) to agent-local evidence and belief about the overall cooperative, competitive, or coopetitive game structure. We argue that this extension is necessary for rigorously analyzing systems of human cyber-physical systems because humans are known to employ cognitive replacement models of system dynamics that are both non-stationary and potentially incongruent. These replacement models induce visible and potentially harmful effects on their joint emergent behavior and the interaction with cyber-physical system components.
安全关键或工业关键领域的多智能体人类网络物理系统的设计和分析需要一个足够的语义基础,能够详尽和严格地描述与其安全和良好行为相关的智能体联合动态行为中的所有紧急效应。我们提出了这样一个语义基础。该框架超越了之前的方法,将代理本地动态状态扩展到代理直接控制下的状态组件和对其他代理的信念(如先前建议的理解合作和理性行为),以代理本地证据和对整体合作,竞争或合作博弈结构的信念。我们认为,这种扩展对于严格分析人类网络-物理系统系统是必要的,因为已知人类采用非平稳和潜在不一致的系统动力学的认知替代模型。这些替代模型对它们的联合涌现行为和与网络物理系统组件的相互作用产生了可见的和潜在的有害影响。
{"title":"A REFERENCE ARCHITECTURE OF HUMAN CYBER-PHYSICAL SYSTEMS – PART III: SEMANTIC FOUNDATIONS","authors":"Werner Damm, Martin Fränzle, Alyssa J. Kerscher, Laine Forrest, Klaus Bengler, Bianca Biebl, Willem Hagemann, Moritz Held, David Hess, Klas Ihme, Severin Kacianka, Sebastian Lehnhoff, Andreas Luedtke, Alexander Pretschner, Astrid Rakow, Rieger Jochem, Daniel Sonntag, Jonas Sztipanovits, Maike Schwammberger, Mark Schweda, Alexander Trende, Anirudh Unni, Eric Veith","doi":"10.1145/3622881","DOIUrl":"https://doi.org/10.1145/3622881","url":null,"abstract":"The design and analysis of multi-agent human cyber-physical systems in safety-critical or industry-critical domains calls for an adequate semantic foundation capable of exhaustively and rigorously describing all emergent effects in the joint dynamic behavior of the agents that are relevant to their safety and well-behavior. We present such a semantic foundation. This framework extends beyond previous approaches by extending the agent-local dynamic state beyond state components under direct control of the agent and belief about other agents (as previously suggested for understanding cooperative as well as rational behavior) to agent-local evidence and belief about the overall cooperative, competitive, or coopetitive game structure. We argue that this extension is necessary for rigorously analyzing systems of human cyber-physical systems because humans are known to employ cognitive replacement models of system dynamics that are both non-stationary and potentially incongruent. These replacement models induce visible and potentially harmful effects on their joint emergent behavior and the interaction with cyber-physical system components.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136062299","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
ACM Transactions on Cyber-Physical Systems
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1