The Game of Drones

We are increasingly surrounded by interconnected embedded systems, which collect sensitive information, and perform safety-critical operations.

Most embedded systems perform simple tasks upon reception of a command, in a predefined manner. However, in recent years, embedded systems have been increasingly designed to carry out autonomous collaborative tasks.

Networks of autonomous embedded systems, such as, vehicular ad-hoc networks, robotic factory workers, search/rescue robots, and drones, are already being used for performing urgent, tiresome, and critical tasks with minimal human intervention.

For example, drones are (envisioned to be) used for various tasks, such as search and rescue, construction site management, security and surveillance, cargo delivery, and natural disasters prediction and warning.

The autonomous operation of autonomous systems over light-weight and constrained embedded devices requires a rethinking of data acquisition and computational tasks. More specifically, such systems must be designed with the efficiency of the data collection and processing in mind. The main challenges are:

Given the practical communications and energy constraints of these autonomous systems, they require their data acquisition to be tightly integrated with the sensing platform. In other words, instead of blindly collecting massive amounts of data, the data acquisition problem must address an active component of information acquisition, learning, and tracking.
Given the practical hardware and energy constraints, the data analytics, inference, learning, and computations are required to be tightly integrated with the hardware (processors, memory architectures, etc). This integration of the hardware and the structure of the data into the design of the algorithms is an essential feature of these systems.
Given the complexity of the design space and scalability requirements of the applications, the integration of data collection and analytics with the machine and sensor platforms must follow a design automation framework.

The interconnection of such systems poses a formidable security challenge, as it increases their susceptibility to attacks, and magnifies the consequences of the success of such attacks.

Attacks against autonomous and collaborating systems can be launched:

exploits: inject malicious code (e.g., Stuxnet, Jeep hack, and HVAC attack) and/or subverting the normal execution of a benign program (e.g., code-reuse attacks) and execute a malicious behaviour. For instance, a memory corruption flaw was found in the embedded webserver software used by over 200 different embedded device models.
adversarial artificial intelligence: since more and more intelligence is built into embedded systems. Recent results on adversarial machine learning have shed light on a new and largely unexplored surface for malicious attacks jeopardizing the reliability of artificial intelligence model and machine learning models.

The goal of this project is to design collaborative autonomous systems that are resilient to classical exploits as well as adversarial artificial intelligence mentioned above.

Current projects

To reach our goals there are a number of challenges to tackle. Our work is currently focusing on the following:

Active Learning, Search, and Tracking: This project considers the problem of noisy search and tracking of a set of potentially moving targets (e.g., lost persons or animals) by a networked collection of small and low cost unmanned aerial vehicles and drones who have the ability to control and orchestrate the inspection sequence of sub-regions of the total search area.
Security architectures for embedded devices: This project consider lightweight security architectures that provide a variety of hardware-based security features for real-time embedded devices such execution-aware memory protection, local and remote attestation, and secure boot.
Swarm attestation: Ensuring software integrity (including OS, apps, and configurations) on smart devices is essential to guarantee both privacy and safety. A distinct emerging security service to protect the software integrity of embedded devices is remote attestation: A process that allows a remote verifier to validate the integrity of the software of a device. While individual device attestation concerns single devices, efficient and secure attestation of large network of devices remains a challenging problem. This project considers the scalable attestation schemes and their application of swarm of drones.
Resilient security: Today's computer systems are increasingly connected to cyberphysical systems bringing together security and safety critical tasks. Dependable solutions aim at fault-tolerant schemes to guarantee the correct functionality and meet the safety goals of the underlying system. However, they do not typically consider malicious attacks. This project considers resiliency aspects for both faults and malicious attacks so that a collaborative system can provide its functionality even if a part of the system (a subset of devices) are under the adversary’s control.
Robust AI: As the first step this project is considers novel end-to-end computing framework and tools for characterizing the assurance and thwarting adversarial space in machine learning. The framework protects neural networks against adversarial samples, which are perturbed inputs carefully crafted by malicious entities to mislead the underlying DL model. The precursor for the proposed methodology is a set of new quantitative metrics to assess the vulnerability of various deep learning architectures to adversarial samples.

Publications

Bita Darvish Rouhani, Mohammad Samragh, Tara Javidi, and Farinaz Koushanfar. CuRTAIL: ChaRacterizing and Thwarting AdversarIal deep Learning. ArXiv preprint. September 2017.
Ahmad-Reza Sadeghi, Matthias Schunter, Ahmad Ibrahim, Mauro Conti, Gregory Neven. SANA: Secure and Scalable Aggregate Network Attestation. In: 23rd ACM Conference on Computer and Communications Security (CCS) 2016. October 2016.
Ahmad Ibrahim, Ahmad-Reza Sadeghi, Gene Tsudik, Shaza Zeitouni. DARPA: Device Attestation Resilient to Physical Attacks. In: ACM WiSEC 2016. July 2016.
Nadarajah Asokan, Ferdinand Brasser, Ahmad Ibrahim, Ahmad-Reza Sadeghi, Matthias Schunter, Gene Tsudik, Christian Wachsmann. SEDA: Scalable Embedded Device Attestation. In: 22nd ACM Conference on Computer and Communications Security (CCS). October 2015.
Ferdinand Brasser, Patrick Koeberl, Brahim El Mahjoub, Ahmad-Reza Sadeghi, Christian Wachsmann. TyTAN: Tiny Trust Anchor for Tiny Devices. In: 52nd Design Automation Conference (DAC) 2015. June 2015.
Patrick Koeberl, Steffen Schulz, Ahmad-Reza Sadeghi, Vijay Varadharajan. TrustLite: A Security Architecture for Tiny Embedded Devices. In: European Conference on Computer Systems (EuroSys). April 2014.

Principal Investigators

Ahmad-Reza Sadeghi, Technische Universität Darmstadt.
Ahmad's expertise includes trusted and secure computing and security and privacy for Internet of Things.

Farinaz Koushanfar, University of California San Diego (UCSD).
Farinaz's expertise includes data analytics in constrained settings, embedded systems security, and robust machine learning.

Tara Javidi, University of California San Diego (UCSD).
Tara's expertise includes statistical analysis and robust machine learning.

Partners

Contacts

Email
Phone +49 (0)6151 16 - 25328
Address Mornewegstrasse 32
D-64293 Darmstadt
Germany