Funded programs 2020
1. Title: AI-assisted Air Traffic Control (ATC) Decision Aid (AADA)
PI: Alan Michaels
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: AADA is a decision aid for air traffic controllers meant to improve aircraft routing upon arrival/departure and alleviate stress on human controllers by highlighting areas of risk. Additionally, components of the system support ground control routing of planes on the tarmac, a likely earlier adopter of AI. At a high level, this system includes three components: AI Engine, Human Machine Interface (HMI), and Security Engine. As of January 2020, all aircraft are required to be equipped with Automatic Dependent Surveillance-Broadcast (ADS-B) in order to fly in most controlled airspaces. ADS-B broadcasts data obtained from the aircraft’s navigation system at a specified interval, providing situational awareness to both pilots and controllers. The system, illustrated in Figure 2.46, will harness ADS-B signals as an input to the AI engine, and we will employ additional authentication or other security measures to ensure that the signal cannot be spoofed or manipulated. The decision aid is intended to act strictly as a supplemental tool for the human controller to inject helpful information into their normal process while not distracting the controller from their core duties. While the primary goal of this system is to improve safety at airports by reducing the potential for human error due to stress or fatigue, it would also allow us to review existing security protocols in ATC towers and associated CPS. Based on this review, additional security measures are required to safely enable the increased automation.
2. Title: Automated Methods to Identify CPS Attacks on Driverless Vehicles
PI: Javier Alcazar
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: CPSS is increasingly important in the fields of Autonomous and Automated Driving Technologies. Automating a CPS typically involves three robotic layers of sensing, planning, and acting. Computer algorithms are being used for each of these layers. Neural Networks (NNs) and deep learning (DL) are some of the algorithms within ML that can be found in the sensing layer. As an example, NVIDIA is a company promoting the use of NNs for what is called an “end-to-end” solution in the autonomous driving field. End-to-end means the raw sensor inputs are fed into the NN, which directly controls vehicle actuation (steering and throttle/brakes). Unfortunately, AI/ML are susceptible to cyber-attacks. Prototype automated vehicles, such as sedans, SUVs, trucks, and tractors, are increasingly relying on AI/ML for their sensing. This project focuses on defending CPS in their decision-making from attack or deception, reduction of false alarms and cyber-attack rates, and real-time situational awareness.
3. Title: Internet of Structures: Quantifying Cyber Security Risks for Connected Monitoring of Civil Structures
PI: None
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: Structural Health Monitoring (SHM) is an active research field dedicated to the automation of civil infrastructure inspection. Although still far from achieving a fully connected network of structures, many civil structures are currently being monitored remotely, such as the Varina-Enon bridge near Richmond, VA. But what happens if the abnormal pattern is generated by a malicious, interfering device? Or if the interference occludes true damage patterns? If the data is hacked, would ambient vibrations due to traffic and pedestrians contain any information exploitable by a malicious entity? SHM systems are a new class of vulnerable CPS with unique concerns, illustrated by the above scenario. Their architecture, scale, context and use differ greatly from typical cyber-physical security targets, such as mobile phones, automobiles and wearable devices. This uniqueness requires a paradigm shift in how the security of these systems is approached, starting from the basic sensing strategies and algorithmic assumptions. As such, we propose the need for security strategies for the “Internet of Structures” (IoS), the network of connected buildings, bridges, dams, etc., that is the inevitable future of infrastructure inspection in smart cities. This research envisions three primary threat models to SHM systems: fault injection, which falsely triggers a system’s damage detection protocol and causes the operator (usually a local government agency) to investigate; spoofing a baseline sensor signal, thereby occluding a physical attack on a structure which causes critical damage without an alarm; and eavesdropping, a side-channel attack whereby information about occupants, occupancy patterns and traffic patterns is inferred from unconventional processing of sensor data. All of these threats are focused on unique vulnerabilities at the sensor, algorithm, and raw data levels. The research will leverage Goodwin Hall on VT’s campus as a full-scale CPS test bed.
Goodwin Hall is an instrumented smart building, with a building-wide structural monitoring network composed of 225 accelerometers, the largest vibrations monitoring platform of any building in the world. The network enables continuous tracking of the structural behavior for the purposes of damage detection. It also enables observation of occupant behavior through structural vibrations induced by footsteps, door openings, and other actions. This data has been used to track occupant location and classify occupant information. The building is a research model for what future smart buildings could look like. It presents an opportunity to explore the limits of CPS cyber security at a large scale, with complete flexibility.
4. Title: Novel Schemes for Ensuring Trustworthiness and Reliability of Crowd-sourced Frequency Occupancy Data in Spectrum Sharing Systems
PI: Carl Dietrich
Lead Institution: Virginia Tech
Co-PIs & Institution: Vijay Shah
Funding Program: FY20 Research
Summary: The overarching goal of this research project is to design and evaluate coordinated spectrum sharing approaches for the CCI-funded Vehicular testbed being developed at Virginia Tech. This is important because the user capacity and data rates supported by currently allocated frequencies in the 5.9 GHz band for vehicular communications may not be sufficient, and additional frequency bands may need to be utilized via coordinated spectrum sharing. Specifically, we plan to develop and assess secure and reliable novel schemes to enhance spectrum sharing by exploiting crowd-sourced spectrum occupancy information. These approaches, illustrated in Figure 2.47, will consider both the trustworthiness of the users who provide this information and the accuracy with which they are able to measure spectrum occupancy. However, such a crowd-sourced approach is susceptible to two threats. First, the usefulness of the data is limited by the receiver sensitivity of the contributing users’ radio hardware. Second, malicious users could deliberately provide inaccurate data. This project proposes novel schemes that ensure the trustworthiness, reliability, and accuracy of crowdsourced spectrum occupancy data obtained from contributing users. Promising approaches include devising a hybrid scheme and applying the cell-division approach.
Figure 2.47: (a) An open source spectrum access sharing system under development by Wireless@VT allows radio nodes to be configured and controlled in a geographic area; (b) an example scheme for ensuring trustworthiness of crowdsourced data.
5. Title: Polar Coding and Its Use in 5G
PI: Gretchen Matthews
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: Polar coding supports 5G technology with a new communication paradigm introduced in 2009. Polar codes have already been of immense value as the source of error correction in 5G wireless infrastructure and they have shown great potential in a diverse range of applications. However, there are key elements in their construction that are still poorly understood at finite length, which is required for actual implementation. The basic construction begins with a kernel matrix which decreases the error rate of some bits through the creation of synthetic channels, some of which are improved while others are degraded relative to the original channel. This polarizing effect is exaggerated by repeated tensoring to concentrate transmission errors into a few parity bits. Ultimately, some channels are near perfect (allowing nearly noiseless communication) while others must be discarded. This project aims to address issues arising from a disconnect between the theoretical construction of polar codes and their practical use and whose resolution stands to improve performance. In practical settings, errors are not randomly separated and can sometimes depend on prior bits in the codeword (a phenomenon known as intersymbol interference). Moreover, there is a need for flexible construction of kernel matrices for on-the-fly decisions about which channels should be discarded.
6. Title: Probabilistic and Evidence-based Insider Threat Reasoning and Detection for Critical Infrastructures
PI: Daphne Yao
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: Organizational insider threat detection has been a long-standing open problem, mainly due to excessive false alarms. For large organizations operating modern critical infrastructures (e.g., telecommunications, power and utilities, and transportation), the threat of insiders may cause serious operational disruption, besides data loss. This work aims to design and develop an accurate and easy-to-deploy solution for an organization to detect insider threat anomalies. Specifically, this project includes design and development of a probabilistic programming language-based insider threat reasoning and detection system. The system will provide the ability to sift through a huge amount of multi-dimensional data and logs and recognize outlier user activities by modeling and capturing uncertainties associated with human behaviors. Our approach will observe, learn, and detect abnormalities among interdependent events and user actions within a learnable or customizable duration of time. Main features of the approach are high accuracy, plug-and-play deployment, and scalability. The novelty is in the probabilistic computational strategies for maximizing evidence and reducing false alarms, minimizing human guidance in training the detector, and the probabilistic programming language in the context of anomaly detection.
7. Title: Scalable Intelligent RAN System for Next-generation Mobile Networks
PI: Vijay Shah
Lead Institution: Virginia Tech
Co-PIs & Institution: Ying Wang
Funding Program: FY20 Research
Summary: The future generation mobile network is expected to support various types of services such as eMBB (enhanced Mobile Broadband), mMTC (massive Machine Type Communications), and URLLC (Ultra-Reliable and Low Latency Communications) and beyond, while at the same time fulfilling different QoS/QoE requirements. These requirements will be determined between the network operator and end-users with specifications of key performance indicators (KPIs), such as throughput, latency, connectivity, etc. As a service-based architecture, network slicing enables a diverse range of services to be accommodated in the same physical radio access network (RAN). To satisfy service requirements, the key is the placement of distributed RAN resources (e.g., spectrum, computation, memory resources, etc.) that support dynamic customization of each slice. This proposal aims to architect a RAN-level intelligent system that dynamically predicts network progression and conducts network design strategies and auto-deployment within the network periodically through temporal data mining of the RAN behaviors. The proposed method observes the behavior of the network, translates the policy restrictions of service agreement, spectrum, and physical resources, and applies deep learning to optimize allocations of various RAN resources promptly. Whereas earlier network generations were designed as general-purpose connectivity platforms with limited differentiation capabilities across use cases, 5G (and Next-G) intends to create an ecosystem for technical and business innovation involving vertical markets such as automotive, energy, healthcare, etc. Through abstracting the features of each scenario, our system adapts to meet the requirements from different fields and markets in an efficient way. The proposed transformative research will result in the following key technical innovations:
• An automated deep learning-based RAN framework that takes as input the raw information from various 5G components, i.e., BS and Core, and the QoS/QoE requirements requested by stakeholders, UEs and mobile virtual network operators (MVNO, defined as reseller for wireless communication services), and outputs in real-time
• A list of optimal 5G network design and deployment strategies that guarantees the QoS/QoE requirements for each UE and MVNO, under the dynamic and unpredictable wireless environment (channel conditions, interference, mobile UEs, etc.). The proposed framework will be universal in the sense that it will be auto-adaptive to a given 5G wireless scenario (e.g., rural vs urban areas).
8. Title: Security Analysis of Hardware Security Primitives Employed by IoT and Cyber-physical Systems
PI: Matthew Hicks
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: Underlying all cryptographic operations, whether they be encryption, integrity checks, or authentication, is a source of key material. Hardware is in a unique position to serve as a source of key material because, unlike software, it is influenced by chaos—both at manufacturing time and during operation. Research provides three hardware-level mechanisms for providing key material:
• Phase Locked Loops (PLLs)
• Ring Oscillators (ROs)
• Static Random-Access Memory (SRAM)
While it is clear that the approach employed by commodity processors (i.e., PLLs) is ill-suited for ultra-low SWaP devices due to its reliance on special-purpose black-box hardware circuits that have a high latency and are high power, it is not clear what the landscape looks like between RO- and SRAM-based approaches. This is because research on RO- and SRAM-based hardware security primitives has bifurcated itself such that each class ignores the other in its evaluation; this self-segregation holds for both defense and attack papers. The goal of this project is to examine the real-world trade-offs of the two most popular hardware security primitives suitable for ultra-low SWaP devices common to cyber-physical systems. The landscape analysis will include both defensive and attack constructions.
To support the growth of cyber-related agricultural applications, SWVA CCI has a separate call for Cyberbiosecurity Grants. Figure 2.48 summarizes SWVA CCI Cyberbiosecurity Grants awarded in FY20. Project details follow.
Figure 2.48: FY20 Cyberbiosecurity Grants.
9. Title: Agricultural Technology and Big Data: Perceptions From Stakeholders
PI: Tiffany Drape
Lead Institution: Virginia Tech
Co-PIs & Institution: Joseph Oakes; Trent Jones
Funding Program: FY20 Research
Summary: Agricultural technology and big data have revolutionized the food system. This large system creates millions of data points, populates the Internet of Things (IoT), and creates issues of cyberbiosecurity related to the big data that is generated. Stakeholder groups do not know what it means, what to do with it, how to manage it, or how to use it for communications with their stakeholder groups and consumers. Stakeholder groups in agriculture often miss out on opportunities to talk among each other, create a lexicon of words that all can agree on, and educate one another about the aspects they value, what they deem important, and how it can affect purchasing behavior or usage statistics. This project lies within these spaces, at the nexus of stakeholder groups, looking to create synergistic relationships in order to not only spread the land grant mission, but educate multiple stakeholder groups in the advancement of the agriculture industry. Using the SmartFarm Innovation Network and partnering with community college and industry partners, this project analyzes the lens that stakeholder groups operate under related to cyberbiosecurity and big data.
10. Title: An Educational Primer for Foundational Concepts of CyberbioSecurity – In Support of Empowering Agricultural Educators
PI: Hannah Scherer
Lead Institution: Virginia Tech
Co-PIs & Institution: Donna Westfall-Rudd; Erika Bonnett; Joseph Simpson; Karen Vines; Susan Duncan
Funding Program: FY20 Research
Summary: Generally, small agricultural operations do not have the benefit of dedicated information technology support that is focused on maintenance of cybersecurity. This leaves our seed and plant/crop agribusinesses, animal breeding and production enterprises, food processing, and retail industries, and the associated supply chain vulnerable to cyber-attack as the weakest links within the food system. Our agriculture and food system needs a trained workforce at the interface of life sciences and biosecurity, physical systems, and cybersecurity: cyberbiosecurity. Agricultural education, in formal and non-formal contexts, is an essential component of the pipeline into agricultural careers, but cybersecurity is just emerging as a topic in these programs. Within rural communities, contextualizing cybersecurity within the agriculture and food system represents a unique opportunity to spark interest in the emerging field of cyberbiosecurity. A majority of the food production and agribusinesses that support the agricultural industry are situated in rural environments. 4-H and school agricultural programs in rural areas provide youth hands-on opportunity to explore STEM careers associated with this industry. However, existing programs integrating cybersecurity with life sciences applications are significantly lacking, limiting the potential for educators [university faculty, extension specialists and agents, middle school and high school educators] to enter into youth development in cyberbiosecurity. This project designs strategies and supporting materials for translating important concepts of relevance to cyberbiosecurity and overarching concepts of life science in the context of education, including: designing foundational documents that facilitate entry level concept understanding, language, and operational use; characterizing design elements needed for open educational resources.
In particular, this project will develop an interdisciplinary primer describing the basic elements of the nascent cyberbiosecurity space. This will be accomplished by integrating terminology of relevance for biosecurity, cybersecurity, and cyber-physical security in context with life science, agriculture, and education and identifying and creating conceptual templates for Open Education Resources and FACT sheets targeted for middle school youth.
11. Title: Integrated Implementation of Real-time Monitoring Tools, Data Analytics, and Treatment Technologies in Soilless Agriculture
PI: Kang Xia
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: Soilless agriculture based on large scale hydroponic systems has become increasingly popular because it is considered environmentally friendly agriculture. Soilless agriculture has the potential for crop production all-year round in climate-conditioned facilities, less transportation costs, reduced land area and quality requirement, greater control of food safety and biosecurity, and substantially reduced inputs with respect to water supply, pesticides, herbicides, and fertilizers. Hydroponic systems therefore represent an ideal application context for Smart Agriculture that requires various cutting edge cyber-physical system technologies and data analytics services. Integrated implementation of real-time monitoring tools, data analytics, and treatment technologies would clearly help improve timely decisions on treatment and reuse of the exhausted hydroponic solutions at the end of a productive cycle. Ultimately, it would result in water and fertilizer savings, safer produce for human consumption, and less negative environmental impact on the affected water and soil resources. Seed funding is requested to work with the newly established Controlled Environment Agriculture Innovation Center in Danville to accomplish the following objectives: initiate research integrating real-time water monitoring tools, data analytics, and treatment technologies; establish collaborative experiential learning opportunities between the undergraduate students enrolled in the Computer Science and Information Technology Program at Danville Community College and those majoring in Environmental Sciences at Virginia Tech, both institutions being part of SWVA CCI; and facilitate connections and collaborations with private companies in SWVA.
12. Title: Technology Driven Tools for Horse Owners, Trainers and Riders
PI: Sally Johnson
Lead Institution: Virginia Tech
Co-PIs & Institution: Jay Williams; Tait Golightly
Funding Program: FY20 Research
Summary: Nutrient requirements of adult working horses are dated and poorly defined owing to an absence of metabolic data underlying performance measures. The Middleburg Agricultural Research and Extension (MARE) Center, located in the Northern Virginia technology corridor, is uniquely positioned to fill this void by developing new predictive models that couple workload with nutrient intake and metabolic outputs. Relying on inertial sensors and high-speed cameras, the big data phenotyping project will provide the basis for workload modeling efforts that define nutrient requirements for horses. The objective of the grant is to develop a smart app at the intersection of equine exercise and nutrition, provide experiential learning opportunities for engaged students, and handle data captured with inertial sensors and high-speed cameras and transmitted to local and cloud storage devices for access by Blacksburg and MARE Center scientists for analysis. Additional benefits are continued partnership with the companies, which provides a solid foundation for development of a commercial equine monitor; asynchronous learning opportunities that breach location and time barriers for students of all ages; and understanding the needs and expectations of the current student generation to accelerate design of appropriate on-line STEM learning modules.
13. Title: Ultra-low and Multiscale Latency 5G
PI: Tom Hou
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: We aim to implement a private 5G cellular network to support research for secure CPS, thus providing a model that can be propagated throughout the CCI Network to create cellular networks for other nodes specifically designed with extra security and robustness and creating an even larger scale network that would attract partners across the base of Virginia technology companies and potential sponsors. This will enable the nodes to demonstrate the utility of the testbed, supported by skilled researchers who know how to use it, drawing local and distant industries to support their R&D efforts. The intellectual property resulting, such as new security approaches, mechanisms for rapid deployment and management, and specific network slices could become valuable to Virginia-based start-up companies. Low latency solutions are essential to the military who may seed commercial industries to restart U.S. manufacturing of wireless infrastructure.
14. Title: 5G Energy Slice and Securing the Power Grid
PI: Chen-Ching Liu
Lead Institution: Virginia Tech
Co-PIs & Institution: Ali Mehrizi-Sani, Dushan Boroyevich (VT)
Funding Program: FY20 Research
Summary: The US power grid is a critical infrastructure that still relies on slow and inefficient supervisory control and data acquisition systems for monitoring, control, and operation. On top of the power infrastructure reside layers of information and communications technology that are interconnected with electric grids, constituting a large, complex cyber-physical system. As the power infrastructure has evolved into one with highly connected network environments, the use of firewalls has become a widely adopted access control method against intruders, but firewalls themselves do not guarantee cybersecurity. Consequently, the utility companies are now considering the transition from their current dedicated communication lines to 5G networks not only to address the above-mentioned, but also to accommodate large numbers of devices and massive amounts of information within the Internet of Energy (IoE) concept. Moreover, the unrelenting progress in the power electronics field has been the primary reason for massive deployment of renewable energy resources over the past several decades, silently insinuating the necessity for serious revision of conventional practices in electricity production, distribution, and consumption at all levels – from portable electronics to the power grid itself. It will not be long before all human energy needs are dominantly provided by electricity and delivered through the power electronics converters functioning as energy routers. Recent reports by the White House suggest that power grid outages cost the U.S. economy $18B to $33B annually. The U.S. utilities already spend between $1M and $10M annually on cybersecurity to meet the NERC (North American Electric Reliability Corporation) standards. However, due to the growing sophistication of computer hacking, there is an increasing need for technologies to secure the power grid.
The legacy nature of both physical and cyber layers of the power system provides opportunities that we will pursue and challenges we will address. These include cybersecurity threats, high penetration of distributed and renewable energy systems, low inertia operation of the power system, advanced information and communication technologies as well as physical security issues including intrusions and sabotage and extreme weather events in which the rapidly expanding connectivity leaves the power system prone to cyberattacks. By building a modular testbed, with potential for expansion in future, we can assess the impact of cybersecurity threats and performance of their mitigation methods.
15. Title: Transportation and Secure Communication between Autonomous Systems
PI: None
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY20 Research
Summary: Autonomous vehicles are expected to penetrate the marketplace in the next few years, yet studies have shown that hackers can cause harm to autonomous vehicle occupants, and have demonstrated the feasibility of attacking vulnerable automotive systems. Safety threats might be mitigated if one could quickly identify attacks, but it is not clear that traditional cybersecurity threat detection approaches are well-suited to connected and autonomous vehicles. Secure 5G communications may be the key to unlock the promise of autonomous transportation systems. Low latency, security, and reliability are clearly necessary for the transportation sector, where lives and livelihoods are on the line. Other concerns with connected and autonomous vehicles include confidentiality (privacy of driver information and locations), integrity (of firmware and onboard data between sensors), and availability (risk of denial of service as attackers render a connected car non-responsive, even while driving). All of these add up to a large public safety risk and will hinder the adoption of the technology if breakthroughs are not made soon. There are several communications protocols used or planned today; the two most common are Digital Short Range Communications (DSRC) and Cellular Vehicle to Everything (C-V2X), which will run over 5G. Security is lacking across both protocols. We will test autonomous vehicle security through the 5G network, connecting with the 5G testbed and autonomous vehicle research facilities, allowing for remote testing capability that could simulate and perhaps actually perform end-to-end remote testing of autonomous vehicle security.