TY - GEN
T1 - Sandboxing controllers for cyber-physical systems
AU - Bak, Stanley
AU - Manamcheri, Karthik
AU - Mitra, Sayan
AU - Caccamo, Marco
PY - 2011
Y1 - 2011
N2 - Cyber-physical systems bridge the gap between cyber components, typically written in software, and the physical world. Software written with traditional development practices, however, likely contains bugs or unintended interactions among components, which can result in uncontrolled and possibly disastrous physical-world interactions. Complete verification of cyber-physical systems, however, is often impractical due to outsourced development of software, cost, software created without formal models, or excessively large or complex models where the verification process becomes intractable. Rather than mandating complete modeling and verification, we advocate sandboxing of unverified cyber-physical system controllers by augmenting the system with a verified safety wrapper that can take control of the plant in order to avoid violations of formal safety properties. The focus of this work is an automatic method, based on reach ability and time-bounded reach ability of hybrid systems, to generate verified sandboxes. The method is shown to be both more general than previous work, and allows the trade-off of increased computation time for improved reach ability accuracy. We also present an end-to-end toolkit which performs the low-level computation to generate the sandbox source code from Simulink/State flow models of a cyber-physical system.
AB - Cyber-physical systems bridge the gap between cyber components, typically written in software, and the physical world. Software written with traditional development practices, however, likely contains bugs or unintended interactions among components, which can result in uncontrolled and possibly disastrous physical-world interactions. Complete verification of cyber-physical systems, however, is often impractical due to outsourced development of software, cost, software created without formal models, or excessively large or complex models where the verification process becomes intractable. Rather than mandating complete modeling and verification, we advocate sandboxing of unverified cyber-physical system controllers by augmenting the system with a verified safety wrapper that can take control of the plant in order to avoid violations of formal safety properties. The focus of this work is an automatic method, based on reach ability and time-bounded reach ability of hybrid systems, to generate verified sandboxes. The method is shown to be both more general than previous work, and allows the trade-off of increased computation time for improved reach ability accuracy. We also present an end-to-end toolkit which performs the low-level computation to generate the sandbox source code from Simulink/State flow models of a cyber-physical system.
KW - abstraction
KW - control
KW - cyber-physical systems
KW - hybrid systems
KW - verification
UR - https://www.scopus.com/pages/publications/79961140555
U2 - 10.1109/ICCPS.2011.25
DO - 10.1109/ICCPS.2011.25
M3 - Conference contribution
AN - SCOPUS:79961140555
SN - 9780769543611
T3 - Proceedings - 2011 IEEE/ACM 2nd International Conference on Cyber-Physical Systems, ICCPS 2011
SP - 3
EP - 12
BT - Proceedings - 2011 IEEE/ACM 2nd International Conference on Cyber-Physical Systems, ICCPS 2011
T2 - 2011 IEEE/ACM 2nd International Conference on Cyber-Physical Systems, ICCPS 2011
Y2 - 12 April 2011 through 14 April 2011
ER -