ByzRT: Intrusion Resilient Real-Time Communication and Computation in Autonomous Systems
Final Report Abstract
Modern society increasingly depends on the so-called Cyber-Physical Systems (CPS), such as self-driving cars and surgical robots, but also the systems comprising our power-distribution network or controlling our fresh-water supply and waste-water removal. CPS are networked computer systems with the ability to control elements of the physical world, and as the above examples show, some are quite sensitive and must operate safely and securely, even in the presence of accidental faults or cyberattacks and, in particular, if such attacks succeed in compromising parts of the system. The ByzRT project set out to develop new protocols and tools by which CPS can withstand and safely operate through such cyberattacks. While such tools already existed for naturally occurring faults and for cyber-only systems, the possibility of an adversary aiming at actively taking control over critical functionality, together with the fact that CPS interact with the real world, created a set of interesting challenges. One major challenge stems from the requirement to respond within a given time to control physical processes (e.g., engaging the brake well before driving into an obstacle). This dependence on time makes CPS particularly vulnerable to cyberattacks and opens time as a new attack vector. Through this joint project, we were able to advance the state-of-the-art in several aspects. We developed novel communication protocols that guarantee delivery of messages within a bounded amount of time, even if some nodes have been compromised. We developed protocols for coping with highly dynamic situations, such as vehicles crossing an intersection, where the number of nodes (vehicles), and hence the number of potentially faulty nodes, cannot be known in advance. In one strand of work in our project, we formally verified one such protocol, to assure its correctness to the highest standard known to mankind today.
ByzRT was conceived as a project to conduct foundational research on the interplay between real-time systems and measures for tolerating attacks. As such, the main impacts generated from this project are the knowledge gained and the advancement of science. However, we have also seen several potential applications, including resilient autonomous driving, which among other things has spawned industry interest by Huawei in the development of resilience measures for the controller component and for the communication over field buses. Resilience in general, and for real-time and cyber-physical systems in particular, is an important aspect to consider, as misuse of control by adversaries can have devastating consequences. ByzRT contributed to both by developing essential mechanisms and by demonstrating in real-life application scenarios how the developed technologies can be applied.
Publications
- PISTIS: An Event-Triggered Real-Time Byzantine-Resilient Protocol Suite. IEEE Transactions on Parallel and Distributed Systems, 32(9), 2277-2290.
  Kozhaya, David; Decouchant, Jeremie; Rahli, Vincent & Esteves-Verissimo, Paulo
- Randomization as Mitigation of Directed Timing Inference Based Attacks on Time-Triggered Real-Time Systems with Task Replication. Leibniz Transactions on Embedded Systems, 7(1):01:1–01:29.
  Krüger, Kristin; Vreman, Nils; Pates, Richard; Maggio, Martina; Völp, Marcus & Fohler, Gerhard
- Tolerating Resource Exhaustion Attacks in the Time-Triggered Architecture. 2022 XII Brazilian Symposium on Computing Systems Engineering (SBESC), 1-8. IEEE.
  Alkoudsi, Mohammad Ibrahim; Fohler, Gerhard & Völp, Marcus
- A Network-Agnostic Approach to Enforcing Collision-Free Time-Triggered Communication. 2023 IEEE 28th Pacific Rim International Symposium on Dependable Computing (PRDC), 71-77. IEEE.
  Alkoudsi, Mohammad Ibrahim; Fohler, Gerhard & Völp, Marcus
- Enhancing the Reliability of Perception Systems using N-version Programming and Rejuvenation. 2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), 149-156. IEEE.
  Mendonça, Júlio; Machida, Fumio & Völp, Marcus
- Exploiting WCET Derivation for Timing Attacks in Real-Time Systems. Technical report, University of Kaiserslautern, University of Luxembourg and University of Augsburg.
  Krüger, Kristin; Völp, Marcus; Altmeyer, Sebastian; Lucchetti, Federico & Fohler, Gerhard
- Confirmed-Location Group Membership for Intrusion-Resilient Cooperative Maneuvers. 2024 IEEE 99th Vehicular Technology Conference (VTC2024-Spring), 01-07. IEEE.
  Mendonça, Júlio; Asl, Azin Bayrami; Lucchetti, Federico & Völp, Marcus
