首页 > 最新文献

ACM Transactions on Cyber-Physical Systems最新文献

英文 中文
Investigating the Security of EV Charging Mobile Applications As an Attack Surface 作为攻击面的电动汽车充电移动应用安全性研究
IF 2.3 Q1 Mathematics Pub Date : 2022-11-19 DOI: 10.1145/3609508
Khaled Sarieddine, M. Sayed, Sadegh Torabi, Ribal Atallah, C. Assi
The adoption rate of EVs has witnessed a significant increase in recent years driven by multiple factors, chief among which is the increased flexibility and ease of access to charging infrastructure. To improve user experience and increase system flexibility, mobile applications have been incorporated into the EV charging ecosystem. EV charging mobile applications allow consumers to remotely trigger actions on charging stations and use functionalities such as start/stop charging sessions, pay for usage, and locate charging stations, to name a few. In this paper, we study the security posture of the EV charging ecosystem against a new type of remote which exploits vulnerabilities in the EV charging mobile applications as an attack surface. We leverage a combination of static and dynamic analysis techniques to analyze the security of widely used EV charging mobile applications. Our analysis was performed on 31 of the most widely used mobile applications including their interactions with various components such as the cloud management systems. The attack, scenarios that exploit these vulnerabilities were verified on a real-time co-simulation test bed. Our discoveries indicate the lack of user/vehicle verification and improper authorization for critical functions, which allow adversaries to remotely hijack charging sessions and launch attacks against the connected critical infrastructure. The attacks were demonstrated using the EVCS mobile applications showing the feasibility and the applicability of our attacks. Indeed, we discuss specific remote attack scenarios and their impact on EV users. More importantly, our analysis results demonstrate the feasibility of leveraging existing vulnerabilities across various EV charging mobile applications to perform wide-scale coordinated remote charging/discharging attacks against the connected critical infrastructure (e.g., power grid), with significant economical and operational implications. Finally, we propose countermeasures to secure the infrastructure and impede adversaries from performing reconnaissance and launching remote attacks using compromised accounts.
近年来,电动汽车的采用率在多种因素的推动下显著提高,其中最主要的是充电基础设施的灵活性和易用性的提高。为了改善用户体验和增加系统灵活性,移动应用程序已被纳入电动汽车充电生态系统。电动汽车充电移动应用程序允许消费者远程触发充电站的操作,并使用诸如开始/停止充电会话、支付使用费用和定位充电站等功能。在本文中,我们研究了针对一种新型远程攻击的电动汽车充电生态系统的安全态势,这种远程攻击利用电动汽车充电移动应用程序中的漏洞作为攻击面。我们利用静态和动态分析技术的结合来分析广泛使用的电动汽车充电移动应用程序的安全性。我们对31个最广泛使用的移动应用程序进行了分析,包括它们与各种组件(如云管理系统)的交互。利用这些漏洞的攻击场景在实时联合模拟测试台上进行了验证。我们的发现表明,关键功能缺乏用户/车辆验证和不当授权,这使得攻击者能够远程劫持充电会话并对连接的关键基础设施发起攻击。使用EVCS移动应用程序演示了这些攻击,显示了我们的攻击的可行性和适用性。实际上,我们讨论了特定的远程攻击场景及其对EV用户的影响。更重要的是,我们的分析结果证明了利用各种电动汽车充电移动应用程序的现有漏洞对连接的关键基础设施(例如电网)进行大规模协调远程充电/放电攻击的可行性,具有重大的经济和运营影响。最后,我们提出了保护基础设施并阻止对手使用受损帐户进行侦察和发起远程攻击的对策。
{"title":"Investigating the Security of EV Charging Mobile Applications As an Attack Surface","authors":"Khaled Sarieddine, M. Sayed, Sadegh Torabi, Ribal Atallah, C. Assi","doi":"10.1145/3609508","DOIUrl":"https://doi.org/10.1145/3609508","url":null,"abstract":"The adoption rate of EVs has witnessed a significant increase in recent years driven by multiple factors, chief among which is the increased flexibility and ease of access to charging infrastructure. To improve user experience and increase system flexibility, mobile applications have been incorporated into the EV charging ecosystem. EV charging mobile applications allow consumers to remotely trigger actions on charging stations and use functionalities such as start/stop charging sessions, pay for usage, and locate charging stations, to name a few. In this paper, we study the security posture of the EV charging ecosystem against a new type of remote which exploits vulnerabilities in the EV charging mobile applications as an attack surface. We leverage a combination of static and dynamic analysis techniques to analyze the security of widely used EV charging mobile applications. Our analysis was performed on 31 of the most widely used mobile applications including their interactions with various components such as the cloud management systems. The attack, scenarios that exploit these vulnerabilities were verified on a real-time co-simulation test bed. Our discoveries indicate the lack of user/vehicle verification and improper authorization for critical functions, which allow adversaries to remotely hijack charging sessions and launch attacks against the connected critical infrastructure. The attacks were demonstrated using the EVCS mobile applications showing the feasibility and the applicability of our attacks. Indeed, we discuss specific remote attack scenarios and their impact on EV users. More importantly, our analysis results demonstrate the feasibility of leveraging existing vulnerabilities across various EV charging mobile applications to perform wide-scale coordinated remote charging/discharging attacks against the connected critical infrastructure (e.g., power grid), with significant economical and operational implications. Finally, we propose countermeasures to secure the infrastructure and impede adversaries from performing reconnaissance and launching remote attacks using compromised accounts.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-11-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48935364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
CAD Support for Security and Robustness Analysis of Safety-critical Automotive Software 安全关键型汽车软件安全性和鲁棒性分析的CAD支持
IF 2.3 Q1 Mathematics Pub Date : 2022-11-18 DOI: 10.1145/3571287
Ipsita Koley, Soumyajit Dey, Debdeep Mukhopadhyay, Sachin Kumar Singh, Lavanya Lokesh, Shantaram Vishwanath Ghotgalkar
Modern vehicles contain a multitude of electronic control units that implement software features controlling most of the operational, entertainment, connectivity, and safety aspects of the vehicle. However, with security requirements often being an afterthought in automotive software development, incorporation of such software features with intra- and inter-vehicular connectivity requirements often opens up new attack surfaces. Demonstrations of such security vulnerabilities in past reports and literature bring in the necessity to formally analyze how secure automotive control systems really are against adversarial attacks. Modern vehicles often incorporate onboard monitoring systems that test the sanctity of data samples communicated among controllers and detect possible attack/noise insertion scenarios. The performance of such monitors against security threats also needs to be verified. In this work, we outline a rigorous methodology for estimating the vulnerability of automotive CPSs. We provide a computer-aided design framework that considers the model-based representation of safety-critical automotive controllers and monitoring systems working in a closed loop with vehicle dynamics and verifies their safety and robustness w.r.t. false data injection attacks. Symbolically exploring all possible combinations of attack points of the input automotive CPS, the proposed framework tries to find out which sensor and/or actuation signal is vulnerable by generating stealthy and successful attacks using a formal method-based counter-example guided abstract refinement process. We also validate the efficacy of the proposed framework using a case study performed in an industry-scale simulator.
现代车辆包含大量电子控制单元,这些电子控制单元实现软件功能,控制车辆的大部分操作、娱乐、连接和安全方面。然而,在汽车软件开发中,安全要求往往是事后考虑的问题,将此类软件功能与车内和车间连接要求相结合往往会开辟新的攻击面。在过去的报告和文献中对此类安全漏洞的演示使得有必要正式分析汽车控制系统在对抗性攻击中的安全性。现代车辆通常包含车载监测系统,该系统测试控制器之间通信的数据样本的神圣性,并检测可能的攻击/噪声插入场景。还需要验证此类监控器对安全威胁的性能。在这项工作中,我们概述了一种评估汽车消费品安全漏洞的严格方法。我们提供了一个计算机辅助设计框架,该框架考虑了与车辆动力学闭环工作的安全关键型汽车控制器和监控系统的基于模型的表示,并验证了它们的安全性和稳健性。该框架象征性地探索了输入汽车CPS的攻击点的所有可能组合,试图通过使用基于形式方法的反例引导的抽象细化过程生成隐蔽和成功的攻击,找出哪个传感器和/或驱动信号是易受攻击的。我们还通过在行业规模的模拟器中进行的案例研究验证了所提出的框架的有效性。
{"title":"CAD Support for Security and Robustness Analysis of Safety-critical Automotive Software","authors":"Ipsita Koley, Soumyajit Dey, Debdeep Mukhopadhyay, Sachin Kumar Singh, Lavanya Lokesh, Shantaram Vishwanath Ghotgalkar","doi":"10.1145/3571287","DOIUrl":"https://doi.org/10.1145/3571287","url":null,"abstract":"Modern vehicles contain a multitude of electronic control units that implement software features controlling most of the operational, entertainment, connectivity, and safety aspects of the vehicle. However, with security requirements often being an afterthought in automotive software development, incorporation of such software features with intra- and inter-vehicular connectivity requirements often opens up new attack surfaces. Demonstrations of such security vulnerabilities in past reports and literature bring in the necessity to formally analyze how secure automotive control systems really are against adversarial attacks. Modern vehicles often incorporate onboard monitoring systems that test the sanctity of data samples communicated among controllers and detect possible attack/noise insertion scenarios. The performance of such monitors against security threats also needs to be verified. In this work, we outline a rigorous methodology for estimating the vulnerability of automotive CPSs. We provide a computer-aided design framework that considers the model-based representation of safety-critical automotive controllers and monitoring systems working in a closed loop with vehicle dynamics and verifies their safety and robustness w.r.t. false data injection attacks. Symbolically exploring all possible combinations of attack points of the input automotive CPS, the proposed framework tries to find out which sensor and/or actuation signal is vulnerable by generating stealthy and successful attacks using a formal method-based counter-example guided abstract refinement process. We also validate the efficacy of the proposed framework using a case study performed in an industry-scale simulator.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44210288","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A Two-Speed Synchronous Traffic Protocol for Intelligent Intersections: From Single-Vehicle to Platoon Crossing 智能交叉口的双速同步交通协议:从单车到排式交叉口
IF 2.3 Q1 Mathematics Pub Date : 2022-11-18 DOI: 10.1145/3571289
Daniel Markert, Alejandro Masrur
With progress in cooperative and autonomous driving, there is an increasing interest in intelligent intersections to replace conventional traffic lights and, thereby, improve traffic efficiency. To avoid accidents in such safety-critical systems, a traffic protocol needs to be implemented. In this article, we are concerned with synchronous traffic protocols, i.e., those that synchronize the arrival time of vehicles at the intersection. In particular, such protocols are normally conceived for homogeneous vehicles of approximately the same size/length. However, these do not extend well to heterogeneous vehicles, i.e., they lead to unviable requirements on the road infrastructure. To overcome this limitation, based on the observation that large/overlength vehicles like buses and trams are less frequent than passenger vehicles, we propose an approach that treats them as exceptions (rather than the rule) leading to a much more efficient design. In contrast to approaches from the literature, we implement a two-speed policy—with a high speed for drive-through and a low speed for turn maneuvers—and analyze both single-vehicle as well as fairness-based platoon crossing. To conclude, we perform detailed comparisons illustrating the benefits by the proposed approach.
随着合作驾驶和自动驾驶技术的进步,人们对智能十字路口的兴趣越来越大,以取代传统的交通信号灯,从而提高交通效率。为了避免在这些安全关键系统中发生事故,需要实现一个交通协议。在本文中,我们关注的是同步交通协议,即同步车辆到达十字路口时间的协议。特别是,这种协议通常是为大约相同尺寸/长度的同质车辆设计的。然而,这些不能很好地扩展到异构车辆,也就是说,它们导致对道路基础设施的不可行的要求。为了克服这一限制,基于对大型/超长车辆(如公共汽车和有轨电车)比客运车辆更少的观察,我们提出了一种将其视为例外(而不是规则)的方法,从而实现更有效的设计。与文献中的方法相比,我们实现了一种双速策略——高速通过,低速转弯——并分析了单车辆和基于公平性的队列穿越。最后,我们进行了详细的比较,说明了所提出的方法的好处。
{"title":"A Two-Speed Synchronous Traffic Protocol for Intelligent Intersections: From Single-Vehicle to Platoon Crossing","authors":"Daniel Markert, Alejandro Masrur","doi":"10.1145/3571289","DOIUrl":"https://doi.org/10.1145/3571289","url":null,"abstract":"With progress in cooperative and autonomous driving, there is an increasing interest in intelligent intersections to replace conventional traffic lights and, thereby, improve traffic efficiency. To avoid accidents in such safety-critical systems, a traffic protocol needs to be implemented. In this article, we are concerned with synchronous traffic protocols, i.e., those that synchronize the arrival time of vehicles at the intersection. In particular, such protocols are normally conceived for homogeneous vehicles of approximately the same size/length. However, these do not extend well to heterogeneous vehicles, i.e., they lead to unviable requirements on the road infrastructure. To overcome this limitation, based on the observation that large/overlength vehicles like buses and trams are less frequent than passenger vehicles, we propose an approach that treats them as exceptions (rather than the rule) leading to a much more efficient design. In contrast to approaches from the literature, we implement a two-speed policy—with a high speed for drive-through and a low speed for turn maneuvers—and analyze both single-vehicle as well as fairness-based platoon crossing. To conclude, we perform detailed comparisons illustrating the benefits by the proposed approach.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42594375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
CASCADE: An Asset-driven Approach to Build Security Assurance Cases for Automotive Systems CASCADE:建立汽车系统安全保障案例的资产驱动方法
IF 2.3 Q1 Mathematics Pub Date : 2022-11-16 DOI: 10.1145/3569459
Mazen Mohamad, Rodi Jolak, Örjan Askerdal, Jan-Philipp Steghöfer, R. Scandariato
Security Assurance Cases (SAC) are structured arguments and evidence bodies used to reason about the security of a certain system. SACs are gaining focus in the automotive industry, as the needs for security assurance are growing in this domain. However, the state-of-the-arts lack a mature approach able to suit the needs of the automotive industry. In this article, we present CASCADE, an asset-driven approach for creating SAC, which is inspired by the upcoming security standard ISO/SAE-21434 as well as the internal needs of automotive Original Equipment Manufacturers (OEMs). CASCADE also differentiates itself from the state-of-the-art by incorporating a way to reason about the quality of the constructed security assurance case. We created the approach by conducting an iterative design science research study. We illustrate the results using the example case of the road vehicle’s headlamp provided in the ISO standard. We also illustrate how our approach aligns well with the structure and content of the ISO/SAE-21434 standard, hence demonstrating the practical applicability of CASCADE in an industrial context.
安全保证案例(SAC)是用于对某个系统的安全性进行推理的结构化论点和证据机构。随着汽车行业对安全保障的需求不断增长,SAC在汽车行业越来越受到关注。然而,现有技术缺乏能够满足汽车行业需求的成熟方法。在本文中,我们介绍了CASCADE,这是一种创建SAC的资产驱动方法,其灵感来自即将推出的安全标准ISO/SAE-21434以及汽车原始设备制造商(OEM)的内部需求。CASCADE还通过引入一种对构建的安全保证案例的质量进行推理的方式,将自己与最先进的技术区分开来。我们通过进行迭代设计科学研究创造了这种方法。我们使用ISO标准中提供的道路车辆前照灯的示例案例来说明结果。我们还说明了我们的方法如何与ISO/SAE-21434标准的结构和内容保持一致,从而证明了CASCADE在工业环境中的实际适用性。
{"title":"CASCADE: An Asset-driven Approach to Build Security Assurance Cases for Automotive Systems","authors":"Mazen Mohamad, Rodi Jolak, Örjan Askerdal, Jan-Philipp Steghöfer, R. Scandariato","doi":"10.1145/3569459","DOIUrl":"https://doi.org/10.1145/3569459","url":null,"abstract":"Security Assurance Cases (SAC) are structured arguments and evidence bodies used to reason about the security of a certain system. SACs are gaining focus in the automotive industry, as the needs for security assurance are growing in this domain. However, the state-of-the-arts lack a mature approach able to suit the needs of the automotive industry. In this article, we present CASCADE, an asset-driven approach for creating SAC, which is inspired by the upcoming security standard ISO/SAE-21434 as well as the internal needs of automotive Original Equipment Manufacturers (OEMs). CASCADE also differentiates itself from the state-of-the-art by incorporating a way to reason about the quality of the constructed security assurance case. We created the approach by conducting an iterative design science research study. We illustrate the results using the example case of the road vehicle’s headlamp provided in the ISO standard. We also illustrate how our approach aligns well with the structure and content of the ISO/SAE-21434 standard, hence demonstrating the practical applicability of CASCADE in an industrial context.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45140128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Security Risk Assessments: Modeling and Risk Level Propagation 安全风险评估:建模和风险水平传播
IF 2.3 Q1 Mathematics Pub Date : 2022-11-04 DOI: 10.1145/3569458
D. Angermeier, Hannah Wester, Kristian Beilke, Gerhard Hansch, Jörn Eichler
Security risk assessment is an important task in systems engineering. It is used to derive security requirements for a secure system design and to evaluate design alternatives as well as vulnerabilities. Security risk assessment is also a complex and interdisciplinary task, where experts from the application domain and the security domain have to collaborate and understand each other. Automated and tool-supported approaches are desired to help manage the complexity. However, the models used for system engineering usually focus on functional behavior and lack security-related aspects. Therefore, we present our modeling approach that alleviates communication between the involved experts and features steps of computer-aided modeling to achieve consistency and avoid omission errors. We demonstrate our approach with an example. We also describe how to model impact rating and attack feasibility estimation in a modular fashion, along with the propagation and aggregation of these estimations through the model. As a result, experts can make local decisions or changes in the model, which in turn provides the impact of these decisions or changes on the overall risk profile. Finally, we discuss the advantages of our model-based method.
安全风险评估是系统工程中的一项重要任务。它用于推导安全系统设计的安全要求,并评估设计备选方案和漏洞。安全风险评估也是一项复杂的跨学科任务,应用领域和安全领域的专家必须相互协作和了解。需要自动化和工具支持的方法来帮助管理复杂性。然而,用于系统工程的模型通常侧重于功能行为,而缺乏与安全相关的方面。因此,我们提出了我们的建模方法,该方法减轻了相关专家之间的沟通,并提供了计算机辅助建模的特征步骤,以实现一致性并避免遗漏错误。我们用一个例子来展示我们的方法。我们还描述了如何以模块化的方式对影响评级和攻击可行性估计进行建模,以及这些估计在模型中的传播和聚合。因此,专家可以对模型进行局部决策或更改,从而提供这些决策或更改对整体风险状况的影响。最后,我们讨论了基于模型的方法的优点。
{"title":"Security Risk Assessments: Modeling and Risk Level Propagation","authors":"D. Angermeier, Hannah Wester, Kristian Beilke, Gerhard Hansch, Jörn Eichler","doi":"10.1145/3569458","DOIUrl":"https://doi.org/10.1145/3569458","url":null,"abstract":"Security risk assessment is an important task in systems engineering. It is used to derive security requirements for a secure system design and to evaluate design alternatives as well as vulnerabilities. Security risk assessment is also a complex and interdisciplinary task, where experts from the application domain and the security domain have to collaborate and understand each other. Automated and tool-supported approaches are desired to help manage the complexity. However, the models used for system engineering usually focus on functional behavior and lack security-related aspects. Therefore, we present our modeling approach that alleviates communication between the involved experts and features steps of computer-aided modeling to achieve consistency and avoid omission errors. We demonstrate our approach with an example. We also describe how to model impact rating and attack feasibility estimation in a modular fashion, along with the propagation and aggregation of these estimations through the model. As a result, experts can make local decisions or changes in the model, which in turn provides the impact of these decisions or changes on the overall risk profile. Finally, we discuss the advantages of our model-based method.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49176055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Timing-Based Framework for Designing Resilient Cyber-Physical Systems under Safety Constraint 基于时序的安全约束下弹性网络物理系统设计框架
IF 2.3 Q1 Mathematics Pub Date : 2022-08-30 DOI: 10.1145/3594638
Abdullah Al Maruf, Luyao Niu, Andrew Clark, J. S. Mertoguno, R. Poovendran
Cyber-physical systems (CPS) are required to satisfy safety constraints in various application domains such as robotics, industrial manufacturing systems, and power systems. Faults and cyber attacks have been shown to cause safety violations, which can damage the system and endanger human lives. Resilient architectures have been proposed to ensure safety of CPS under such faults and attacks via methodologies including redundancy and restarting from safe operating conditions. The existing resilient architectures for CPS utilize different mechanisms to guarantee safety, and currently, there is no common framework to compare them. Moreover, the analysis and design undertaken for CPS employing one architecture is not readily extendable to another. In this article, we propose a timing-based framework for CPS employing various resilient architectures and develop a common methodology for safety analysis and computation of control policies and design parameters. Using the insight that the cyber subsystem operates in one out of a finite number of statuses, we first develop a hybrid system model that captures CPS adopting any of these architectures. Based on the hybrid system, we formulate the problem of joint computation of control policies and associated timing parameters for CPS to satisfy a given safety constraint and derive sufficient conditions for the solution. Utilizing the derived conditions, we provide an algorithm to compute control policies and timing parameters relevant to the employed architecture. We also note that our solution can be applied to a wide class of CPS with polynomial dynamics and also allows incorporation of new architectures. We verify our proposed framework by performing a case study on adaptive cruise control of vehicles.
网络物理系统(CPS)需要满足机器人、工业制造系统和电力系统等各种应用领域的安全约束。故障和网络攻击已被证明会导致安全违规,从而损坏系统并危及人类生命。已经提出了弹性架构,以通过包括冗余和从安全操作条件重启在内的方法来确保CPS在此类故障和攻击下的安全。现有的CPS弹性体系结构利用不同的机制来保证安全,目前还没有通用的框架来比较它们。此外,采用一种架构的CPS的分析和设计不容易扩展到另一种架构。在本文中,我们提出了一个基于时序的CPS框架,该框架采用了各种弹性架构,并开发了一种用于安全分析和计算控制策略和设计参数的通用方法。利用赛博子系统在有限数量的状态中的一种状态下运行的见解,我们首先开发了一个混合系统模型,该模型捕捉采用任何这些架构的CPS。基于混合系统,我们提出了CPS的控制策略和相关时序参数的联合计算问题,以满足给定的安全约束,并导出了求解的充分条件。利用导出的条件,我们提供了一种算法来计算与所采用的架构相关的控制策略和时序参数。我们还注意到,我们的解决方案可以应用于具有多项式动力学的广泛类别的CPS,并且还允许引入新的架构。我们通过对车辆自适应巡航控制进行案例研究来验证我们提出的框架。
{"title":"A Timing-Based Framework for Designing Resilient Cyber-Physical Systems under Safety Constraint","authors":"Abdullah Al Maruf, Luyao Niu, Andrew Clark, J. S. Mertoguno, R. Poovendran","doi":"10.1145/3594638","DOIUrl":"https://doi.org/10.1145/3594638","url":null,"abstract":"Cyber-physical systems (CPS) are required to satisfy safety constraints in various application domains such as robotics, industrial manufacturing systems, and power systems. Faults and cyber attacks have been shown to cause safety violations, which can damage the system and endanger human lives. Resilient architectures have been proposed to ensure safety of CPS under such faults and attacks via methodologies including redundancy and restarting from safe operating conditions. The existing resilient architectures for CPS utilize different mechanisms to guarantee safety, and currently, there is no common framework to compare them. Moreover, the analysis and design undertaken for CPS employing one architecture is not readily extendable to another. In this article, we propose a timing-based framework for CPS employing various resilient architectures and develop a common methodology for safety analysis and computation of control policies and design parameters. Using the insight that the cyber subsystem operates in one out of a finite number of statuses, we first develop a hybrid system model that captures CPS adopting any of these architectures. Based on the hybrid system, we formulate the problem of joint computation of control policies and associated timing parameters for CPS to satisfy a given safety constraint and derive sufficient conditions for the solution. Utilizing the derived conditions, we provide an algorithm to compute control policies and timing parameters relevant to the employed architecture. We also note that our solution can be applied to a wide class of CPS with polynomial dynamics and also allows incorporation of new architectures. We verify our proposed framework by performing a case study on adaptive cruise control of vehicles.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49433790","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DeResolver: A Decentralized Conflict Resolution Framework with Autonomous Negotiation for Smart City Services DeResolver:一个具有自主协商的智能城市服务去中心化冲突解决框架
IF 2.3 Q1 Mathematics Pub Date : 2022-07-12 DOI: 10.1145/3529096
Yukun Yuan, Meiyi Ma, Songyang Han, Desheng Zhang, Fei Miao, J. Stankovic, Shan Lin
As various smart services are increasingly deployed in modern cities, many unexpected conflicts arise due to various physical world couplings. Existing solutions for conflict resolution often rely on centralized control to enforce predetermined and fixed priorities of different services, which is challenging due to the inconsistent and private objectives of the services. Also, the centralized solutions miss opportunities to more effectively resolve conflicts according to their spatiotemporal locality of the conflicts. To address this issue, we design a decentralized negotiation and conflict resolution framework named DeResolver, which allows services to resolve conflicts by communicating and negotiating with each other to reach a Pareto-optimal agreement autonomously and efficiently. Our design features a two-step self-supervised learning-based algorithm to predict acceptable proposals and their rankings of each opponent through the negotiation. Our design is evaluated with a smart city case study of three services: intelligent traffic light control, pedestrian service, and environmental control. In this case study, a data-driven evaluation is conducted using a large dataset consisting of the GPS locations of 246 surveillance cameras and an automatic traffic monitoring system with more than 3 million records per day to extract real-world vehicle routes. The evaluation results show that our solution achieves much more balanced results, i.e., only increasing the average waiting time of vehicles, the measurement metric of intelligent traffic light control service, by 6.8% while reducing the weighted sum of air pollutant emission, measured for environment control service, by 12.1%, and the pedestrian waiting time, the measurement metric of pedestrian service, by 33.1%, compared to priority-based solution.
随着各种智能服务越来越多地部署在现代城市中,由于各种物理世界的耦合,出现了许多意想不到的冲突。现有的冲突解决方案往往依赖于集中控制来强制执行不同服务的预定和固定优先级,由于服务的不一致和私人目标,这是具有挑战性的。此外,集中式解决方案根据冲突的时空位置错过了更有效地解决冲突的机会。为了解决这个问题,我们设计了一个名为DeResolver的去中心化协商和冲突解决框架,该框架允许服务通过相互沟通和协商来解决冲突,从而自主高效地达成Pareto最优协议。我们的设计采用了一种基于两步自监督学习的算法来预测谈判中每个对手的可接受提议及其排名。我们的设计是通过三项服务的智能城市案例研究进行评估的:智能红绿灯控制、行人服务和环境控制。在本案例研究中,使用由246个监控摄像头的GPS位置组成的大型数据集和每天有300多万条记录的自动交通监控系统进行数据驱动的评估,以提取真实世界的车辆路线。评估结果表明,我们的解决方案实现了更平衡的结果,即仅将智能红绿灯控制服务的测量指标车辆的平均等待时间提高了6.8%,同时将环境控制服务的空气污染物排放量和行人等待时间的加权和降低了12.1%,与基于优先级的解决方案相比,行人服务的衡量标准提高了33.1%。
{"title":"DeResolver: A Decentralized Conflict Resolution Framework with Autonomous Negotiation for Smart City Services","authors":"Yukun Yuan, Meiyi Ma, Songyang Han, Desheng Zhang, Fei Miao, J. Stankovic, Shan Lin","doi":"10.1145/3529096","DOIUrl":"https://doi.org/10.1145/3529096","url":null,"abstract":"As various smart services are increasingly deployed in modern cities, many unexpected conflicts arise due to various physical world couplings. Existing solutions for conflict resolution often rely on centralized control to enforce predetermined and fixed priorities of different services, which is challenging due to the inconsistent and private objectives of the services. Also, the centralized solutions miss opportunities to more effectively resolve conflicts according to their spatiotemporal locality of the conflicts. To address this issue, we design a decentralized negotiation and conflict resolution framework named DeResolver, which allows services to resolve conflicts by communicating and negotiating with each other to reach a Pareto-optimal agreement autonomously and efficiently. Our design features a two-step self-supervised learning-based algorithm to predict acceptable proposals and their rankings of each opponent through the negotiation. Our design is evaluated with a smart city case study of three services: intelligent traffic light control, pedestrian service, and environmental control. In this case study, a data-driven evaluation is conducted using a large dataset consisting of the GPS locations of 246 surveillance cameras and an automatic traffic monitoring system with more than 3 million records per day to extract real-world vehicle routes. The evaluation results show that our solution achieves much more balanced results, i.e., only increasing the average waiting time of vehicles, the measurement metric of intelligent traffic light control service, by 6.8% while reducing the weighted sum of air pollutant emission, measured for environment control service, by 12.1%, and the pedestrian waiting time, the measurement metric of pedestrian service, by 33.1%, compared to priority-based solution.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49349973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Model-bounded Monitoring of Hybrid Systems 混合系统的模型有界监测
IF 2.3 Q1 Mathematics Pub Date : 2022-04-25 DOI: 10.1145/3529095
Masaki Waga, É. André, I. Hasuo
Monitoring of hybrid systems attracts both scientific and practical attention. However, monitoring algorithms suffer from the methodological difficulty of only observing sampled discrete-time signals, while real behaviors are continuous-time signals. To mitigate this problem of sampling uncertainties, we introduce a model-bounded monitoring scheme, where we use prior knowledge about the target system to prune interpolation candidates. Technically, we express such prior knowledge by linear hybrid automata (LHAs)—the LHAs are called bounding models. We introduce a novel notion of monitored language of LHAs, and we reduce the monitoring problem to the membership problem of the monitored language. We present two partial algorithms—one is via reduction to reachability in LHAs and the other is a direct one using polyhedra—and show that these methods, and thus the proposed model-bounded monitoring scheme, are efficient and practically relevant.
混合系统的监测受到了科学和实践的双重关注。然而,监测算法存在方法上的困难,即只观察采样的离散时间信号,而实际行为是连续时间信号。为了减轻采样不确定性的问题,我们引入了一种模型有界监测方案,其中我们使用关于目标系统的先验知识来修剪插值候选。从技术上讲,我们用线性混合自动机(lha)来表达这种先验知识,lha被称为边界模型。我们引入了lha监控语言的概念,并将监控问题简化为监控语言的隶属性问题。我们提出了两种部分算法——一种是在lha中通过约简到可达性,另一种是使用多面体的直接算法——并表明这些方法以及由此提出的模型有界监测方案是有效的和实际相关的。
{"title":"Model-bounded Monitoring of Hybrid Systems","authors":"Masaki Waga, É. André, I. Hasuo","doi":"10.1145/3529095","DOIUrl":"https://doi.org/10.1145/3529095","url":null,"abstract":"Monitoring of hybrid systems attracts both scientific and practical attention. However, monitoring algorithms suffer from the methodological difficulty of only observing sampled discrete-time signals, while real behaviors are continuous-time signals. To mitigate this problem of sampling uncertainties, we introduce a model-bounded monitoring scheme, where we use prior knowledge about the target system to prune interpolation candidates. Technically, we express such prior knowledge by linear hybrid automata (LHAs)—the LHAs are called bounding models. We introduce a novel notion of monitored language of LHAs, and we reduce the monitoring problem to the membership problem of the monitored language. We present two partial algorithms—one is via reduction to reachability in LHAs and the other is a direct one using polyhedra—and show that these methods, and thus the proposed model-bounded monitoring scheme, are efficient and practically relevant.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42937640","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Automating Safety and Security Co-design through Semantically Rich Architecture Patterns 通过语义丰富的体系结构模式实现安全和安保的自动化协同设计
IF 2.3 Q1 Mathematics Pub Date : 2022-01-25 DOI: 10.1145/3565269
Yuri Gil Dantas, Vivek Nigam
During the design of safety-critical systems, safety and security engineers make use of architecture patterns, such as Watchdog and Firewall, to address identified failures and threats. Often, however, the deployment of safety architecture patterns has consequences on security; e.g., the deployment of a safety architecture pattern may lead to new threats. The other way around may also be possible; i.e., the deployment of a security architecture pattern may lead to new failures. Safety and security co-design is, therefore, required to understand such consequences and tradeoffs in order to reach appropriate system designs. Currently, architecture pattern descriptions, including their consequences, are described using natural language. Therefore, their deployment in system design is carried out manually by experts and thus is time-consuming and prone to human error, especially given the high system complexity. We propose the use of semantically rich architecture patterns to enable automated support for safety and security co-design by using Knowledge Representation and Reasoning (KRR) methods. Based on our domain-specific language, we specify reasoning principles as logic specifications written as answer-set programs. KRR engines enable the automation of safety and security co-engineering activities, including the automated recommendation of which architecture patterns can address failures or threats, and consequences of deploying such patterns. We demonstrate our approach on an example taken from the ISO 21434 standard.
在安全关键型系统的设计过程中,安全和安全工程师使用诸如Watchdog和Firewall之类的体系结构模式来处理已识别的故障和威胁。然而,安全体系结构模式的部署通常会对安全性产生影响;例如,安全体系结构模式的部署可能导致新的威胁。反过来也有可能;例如,安全体系结构模式的部署可能会导致新的故障。因此,需要安全性和安全性协同设计来理解这样的结果和权衡,以便达到适当的系统设计。目前,体系结构模式描述,包括它们的结果,都是使用自然语言描述的。因此,它们在系统设计中的部署是由专家手动执行的,因此非常耗时且容易出现人为错误,特别是考虑到高系统复杂性。我们建议使用语义丰富的体系结构模式,通过使用知识表示和推理(KRR)方法,实现对安全和安全协同设计的自动化支持。基于我们的领域特定语言,我们将推理原则指定为编写为回答集程序的逻辑规范。KRR引擎支持安全和安全协同工程活动的自动化,包括自动推荐哪些体系结构模式可以处理故障或威胁,以及部署这些模式的后果。我们通过取自ISO 21434标准的一个示例来演示我们的方法。
{"title":"Automating Safety and Security Co-design through Semantically Rich Architecture Patterns","authors":"Yuri Gil Dantas, Vivek Nigam","doi":"10.1145/3565269","DOIUrl":"https://doi.org/10.1145/3565269","url":null,"abstract":"During the design of safety-critical systems, safety and security engineers make use of architecture patterns, such as Watchdog and Firewall, to address identified failures and threats. Often, however, the deployment of safety architecture patterns has consequences on security; e.g., the deployment of a safety architecture pattern may lead to new threats. The other way around may also be possible; i.e., the deployment of a security architecture pattern may lead to new failures. Safety and security co-design is, therefore, required to understand such consequences and tradeoffs in order to reach appropriate system designs. Currently, architecture pattern descriptions, including their consequences, are described using natural language. Therefore, their deployment in system design is carried out manually by experts and thus is time-consuming and prone to human error, especially given the high system complexity. We propose the use of semantically rich architecture patterns to enable automated support for safety and security co-design by using Knowledge Representation and Reasoning (KRR) methods. Based on our domain-specific language, we specify reasoning principles as logic specifications written as answer-set programs. KRR engines enable the automation of safety and security co-engineering activities, including the automated recommendation of which architecture patterns can address failures or threats, and consequences of deploying such patterns. We demonstrate our approach on an example taken from the ISO 21434 standard.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2022-01-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44278879","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
From Lustre to Simulink 从Lustre到Simulink
IF 2.3 Q1 Mathematics Pub Date : 2021-07-29 DOI: 10.1145/3461668
Hamza Bourbouh, P. Garoche, C. Garion, X. Thirioux
Model-based design is now unavoidable when building embedded systems and, more specifically, controllers. Among the available model languages, the synchronous dataflow paradigm, as implemented in languages such as MATLAB Simulink or ANSYS SCADE, has become predominant in critical embedded system industries. Both of these frameworks are used to design the controller itself but also provide code generation means, enabling faster deployment to target and easier V&V activities performed earlier in the design process, at the model level. Synchronous models also ease the definition of formal specification through the use of synchronous observers, attaching requirements to the model in the very same language, mastered by engineers and tooled with simulation means or code generation. However, few works address the automatic synthesis of MATLAB Simulink annotations from lower-level models or code. This article presents a compilation process from Lustre models to genuine MATLAB Simulink, without the need to rely on external C functions or MATLAB functions. This translation is based on the modular compilation of Lustre to imperative code and preserves the hierarchy of the input Lustre model within the generated Simulink one. We implemented the approach and used it to validate a compilation toolchain, mapping Simulink to Lustre and then C, thanks to equivalence testing and checking. This backward compilation from Lustre to Simulink also provides the ability to produce automatically Simulink components modeling specification, proof arguments, or test cases coverage criteria.
在构建嵌入式系统,更具体地说,是控制器时,基于模型的设计现在是不可避免的。在可用的模型语言中,同步数据流范式,如在MATLAB Simulink或ANSYS SCADE等语言中实现的,已经在关键的嵌入式系统行业中占据主导地位。这两个框架都用于设计控制器本身,但也提供了代码生成方法,使更快的部署目标和更容易的V&V活动在设计过程的早期,在模型级别上执行。同步模型还通过使用同步观察者简化了正式规范的定义,用工程师掌握的相同语言将需求附加到模型上,并使用仿真手段或代码生成工具。然而,很少有作品解决了从低级模型或代码自动合成MATLAB Simulink注释的问题。本文介绍了从Lustre模型到真正的MATLAB Simulink的编译过程,不需要依赖外部C函数或MATLAB函数。这种转换是基于Lustre到命令式代码的模块化编译,并在生成的Simulink模型中保留了输入Lustre模型的层次结构。我们实现了这种方法,并使用它来验证编译工具链,通过等效测试和检查,将Simulink映射到Lustre,然后映射到C。这种从Lustre到Simulink的反向编译也提供了自动生成Simulink组件建模规范、证明参数或测试用例覆盖标准的能力。
{"title":"From Lustre to Simulink","authors":"Hamza Bourbouh, P. Garoche, C. Garion, X. Thirioux","doi":"10.1145/3461668","DOIUrl":"https://doi.org/10.1145/3461668","url":null,"abstract":"Model-based design is now unavoidable when building embedded systems and, more specifically, controllers. Among the available model languages, the synchronous dataflow paradigm, as implemented in languages such as MATLAB Simulink or ANSYS SCADE, has become predominant in critical embedded system industries. Both of these frameworks are used to design the controller itself but also provide code generation means, enabling faster deployment to target and easier V&V activities performed earlier in the design process, at the model level. Synchronous models also ease the definition of formal specification through the use of synchronous observers, attaching requirements to the model in the very same language, mastered by engineers and tooled with simulation means or code generation. However, few works address the automatic synthesis of MATLAB Simulink annotations from lower-level models or code. This article presents a compilation process from Lustre models to genuine MATLAB Simulink, without the need to rely on external C functions or MATLAB functions. This translation is based on the modular compilation of Lustre to imperative code and preserves the hierarchy of the input Lustre model within the generated Simulink one. We implemented the approach and used it to validate a compilation toolchain, mapping Simulink to Lustre and then C, thanks to equivalence testing and checking. This backward compilation from Lustre to Simulink also provides the ability to produce automatically Simulink components modeling specification, proof arguments, or test cases coverage criteria.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.3,"publicationDate":"2021-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/3461668","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47509264","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
ACM Transactions on Cyber-Physical Systems
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1