Defending Cyber-Physical Systems using Federated Learning of Physical Models

Abstract

Cyber-physical systems (CPS), or systems that interact with the physical world through sensory input and cyber-control systems, are becoming increasingly ubiquitous. Such systems are often deployed in safety-critical scenarios, e.g., managing power generation and delivery, controlling manufacturing processes, or coordinating automotive systems. Unlike in traditional cyber-systems, physical faults can easily lead to human harm, sometimes on a large scale. Therefore, the reliability, integrity, and availability of physical processes and their control are of paramount concern. We propose to defend cyber-physical systems through two complementary research thrusts: inferring physical models for cyber-physical systems, and federated learning. The goal of the model inference thrust is to identify behavioral models of cyber-physical systems that characterize the system's physical aspects. However, instead of deriving the physical model from engineering blueprints or expert knowledge, we propose to treat the physical process as a black box. We then learn models from observations of the CPS that are augmented with physical constraints that apply to the process under analysis (e.g., maximum values for velocity, acceleration, or other physical dimensions). Messages can then be identified as malicious if they would drive the inferred model into a state that violates the underlying physical constraints. Learning physical models will provide operators with real-time feedback on anomalous and potentially malicious control commands and sensory inputs to cyber-physical systems. However, machine learning in adversarial contexts -- that is, one in which attackers can supply inputs to the protected system that are evaluated by the model, and where an attacker might have knowledge of the model parameters -- has important limitations such as scarcity of training data and concept drift. We propose to address these concerns using federated learning.
The intuition behind federated learning is that global information can compensate for local deficiencies. In particular, federated learning involves the use of inputs, behaviors, and models gathered from outside the local system. We propose several instantiations of this idea to provide (i) distributed identification of "black sheep," or systems that behave differently from a community of similar systems (a "flock"); (ii) flock behavior as a mechanism for suppressing local false positives; and (iii) compensation for local training data scarcity. Protecting existing and next-generation cyber-physical systems will require significant research that is informed by real-world issues such as limited resources and real-time constraints. Our proposed approach integrates high-fidelity physical models for local cyber-physical systems with federated learning that exploits global information for improved detection capability and minimal false positives. This novel approach will fill a crucial gap in our ability to defend the cyber-physical systems that power our infrastructure and our society.
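
The model-inference idea in the abstract (fit a black-box model from observations, then reject messages whose predicted effect violates a physical limit) can be sketched as follows. This is an added example, not code from the project: the one-dimensional linear plant, the limits `V_MAX` and `A_MAX`, the sampling interval and the trace are all constructed assumptions.

```python
# Added illustration: black-box model inference plus physical-constraint checks.
# The plant, its limits and the trace below are constructed, not from the project.

V_MAX = 10.0   # assumed physical limit on velocity (m/s)
A_MAX = 3.0    # assumed physical limit on acceleration (m/s^2)
DT = 1.0       # assumed sampling interval (s)

def make_trace(n=40):
    """Constructed observations (v, u, v_next) from a hidden plant v' = 0.9v + 0.5u."""
    trace, v = [], 0.0
    for t in range(n):
        u = 2.0 if (t // 5) % 2 == 0 else -1.0   # benign operator commands
        v_next = 0.9 * v + 0.5 * u
        trace.append((v, u, v_next))
        v = v_next
    return trace

def fit_model(trace):
    """Least-squares fit of v_next = a*v + b*u, treating the plant as a black box."""
    svv = sum(v * v for v, _, _ in trace)
    suu = sum(u * u for _, u, _ in trace)
    svu = sum(v * u for v, u, _ in trace)
    svy = sum(v * y for v, _, y in trace)
    suy = sum(u * y for _, u, y in trace)
    det = svv * suu - svu * svu
    if abs(det) < 1e-12:
        raise ValueError("trace does not excite the system enough to identify it")
    return (svy * suu - suy * svu) / det, (suy * svv - svy * svu) / det

def check_command(model, v, u):
    """Return the constraints the predicted next state would violate (empty = accept)."""
    a, b = model
    v_next = a * v + b * u
    violations = []
    if abs(v_next) > V_MAX:
        violations.append("velocity")
    if abs(v_next - v) / DT > A_MAX:
        violations.append("acceleration")
    return violations

if __name__ == "__main__":
    model = fit_model(make_trace())
    for v, u in [(4.0, 2.0), (4.0, 12.0), (9.5, 6.0)]:
        print(f"v={v} u={u} ->", check_command(model, v, u) or "ok")
```

The degenerate-trace check matters in practice: a model fitted from observations that never vary the command independently of the state cannot be identified, which is one form of the training-data scarcity the abstract raises.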

Document Details

Document Type
DoD Grant Award
Publication Date
Jan 04, 2017
Source ID
N000141712011

Entities

People

  • Giovanni Vigna

Organizations

  • Office of Naval Research
  • United States Navy
  • University of California, Santa Barbara

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Neural Network Machine Learning
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • Cyber