Project Details
Program
Computer Science
Field of Study
Intrusion Resilience, Intrusion detection and prevention, Vehicular networks, CAN, Byzantine Fault Tolerance
Division
Computer, Electrical and Mathematical Sciences and Engineering
Center Affiliation
Resilient Computing and Cybersecurity Center
Project Description
A modern vehicle contains around 100 Electronic Control Units (ECUs) connected through several types of networks. An ECU is an embedded device, similar to a Raspberry Pi, running an operating system (e.g., Linux-based or a real-time OS) on top of which different software and firmware run, depending on the application. Because humans are imperfect, software can contain faults and suffer intrusions, which can lead to catastrophic failures that threaten human lives. A Fault and Intrusion Resilient System (FIRS) is vehicle middleware that masks the effect of a failure or intrusion. Unlike Intrusion Detection and Protection Systems, FIRS ensures that the function continues to operate despite intrusions. FIRS works as follows: it lets an application run several replicas on different ECUs simultaneously. For each function the application executes, agreement is collected from a majority of the ECUs over the (in-vehicle) network, and the corresponding output is returned. As long as the majority is not compromised, the integrity of the returned output is guaranteed despite faults or intrusions in the remaining ECUs. We have an implementation of a FIRS protocol that we are experimenting with on the OMNeT++ simulator.
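The majority-agreement idea described above, as an added illustration that is not the project's FIRS implementation: a simplified voter collects one reply per replica ECU and only returns a value a majority agrees on. The ECU names, the brake-torque function and the fault injection are constructed for the example.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# Constructed application function (not from the project): a replica derives
# a brake torque request from pedal position (0-100 %) and speed (km/h).
def brake_torque(pedal_pct: int, speed_kmh: int) -> int:
    return pedal_pct * 10 + speed_kmh // 10

@dataclass
class Ecu:
    """One replica of the application, hosted on its own (hypothetical) ECU."""
    name: str
    # When set, models a faulty or intruded replica that corrupts its reply.
    tamper: Optional[Callable[[int], int]] = None

    def execute(self, fn: Callable[..., int], *args: int) -> int:
        result = fn(*args)
        return self.tamper(result) if self.tamper else result

def max_tolerated_faults(n: int) -> int:
    """A majority must stay correct, so at most (n - 1) // 2 replicas may fail."""
    return (n - 1) // 2

def firs_invoke(replicas: List[Ecu], fn: Callable[..., int],
                *args: int) -> Tuple[int, Dict[str, int]]:
    """Collect one reply per replica and return the value a majority agrees on.

    Raises RuntimeError when no value reaches the majority quorum, i.e. the
    replicas disagree and no output can be trusted.
    """
    quorum = len(replicas) // 2 + 1
    replies = {r.name: r.execute(fn, *args) for r in replicas}
    value, count = Counter(replies.values()).most_common(1)[0]
    if count < quorum:
        raise RuntimeError(f"no majority agreement among replicas: {replies}")
    return value, replies

def scenario(compromised: int, n: int = 3) -> Optional[int]:
    """Run brake_torque(40, 80) on n replicas, the first `compromised` of which
    return a zero torque. Returns the agreed value, or None if no majority."""
    ecus = [Ecu(f"ecu-{i}", tamper=(lambda _v: 0) if i < compromised else None)
            for i in range(n)]
    try:
        return firs_invoke(ecus, brake_torque, 40, 80)[0]
    except RuntimeError:
        return None

if __name__ == "__main__":
    for k in range(4):
        print(f"{k} of 3 replicas compromised -> agreed output {scenario(k)}")
```

With one of three replicas compromised the correct torque is returned; once two colluding replicas are compromised the voter faithfully returns their wrong value, which is exactly the "majority not compromised" assumption stated above.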
About the Researcher
Paulo Esteves-Verissimo
Professor, Computer Science
Education Profile
- Ph.D., Electrical and Computer Engineering, University of Lisbon (PT), 1990
- MSc, Electrical and Computer Engineering, University of Lisbon IST (PT), 1984
- Lic., Electrical Engineering, University of Lisbon IST (PT), 1978
Research Interests
Professor Esteves-Veríssimo is currently interested in architectures, middleware and algorithms for resilient modular and distributed computing. It is increasingly believed that Resilient Computing will become the main paradigm for achieving secure and dependable operation of computer systems and networks in the near future, improving on classic cybersecurity techniques. This is due to important intrinsic characteristics of this body of knowledge, such as: a common approach to accidental and malicious faults/attacks; incremental and adaptive protection against polymorphic threat surfaces; and elasticity, plasticity and sustainability. To this end, he investigates paradigms and techniques that reconcile security and dependability, as well as novel ways to apply them to achieve system resilience, in areas such as autonomous vehicles from earth to space, distributed control systems, digital health and genomics, SDN-based infrastructures, and blockchain and cryptocurrencies. His research is published in over 200 peer-refereed international publications and 5 international books. He has also been invited to present it in more than 70 keynote speeches or distinguished lectures at reputed venues. Esteves-Veríssimo also has a solid systems and engineering track record, having contributed to the design and engineering of several advanced industrial prototypes of distributed, fault-tolerant, secure or real-time systems emerging from R&D projects he took part in.
Selected Publications
- Jiangshan Yu, David Kozhaya, Jérémie Decouchant, Paulo Esteves-Veríssimo. RepuCoin: Your Reputation is Your Power (2019). In IEEE Trans. on Computers, 68(8), 1225-1237.
- Kreutz, Diego; Ramos, F. M. V.; Verissimo, Paulo; Rothenberg, C. E.; Azodolmolky, S.; Uhlig, S. "Software-Defined Networking: A Comprehensive Survey", in Proceedings of the IEEE (2015), 103(1), 14-76.
- Giuliana Veronese, Miguel Correia, Alysson Bessani, Lau Lung, Paulo Verissimo. "Efficient Byzantine Fault-Tolerance", IEEE Trans. on Computers, vol. 62, no. 1, Jan. 2013.
- Paulo Sousa, Alysson Bessani, Miguel Correia, Nuno Ferreira Neves, Paulo Veríssimo. Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery. IEEE Trans. on Parallel and Distributed Systems, Apr. 2010.
- Veríssimo, P., Casimiro, A.: The timely computing base model and architecture. IEEE Trans. on Computers, Special Issue on Asynchronous Real-Time Distributed Systems (2002).
- D. Powell, D. Seaton, G. Bonn, P. Veríssimo, and F. Waeselynck. The Delta-4 approach to dependability in open distributed computing systems. In N. Suri, C. Walter, and M. Hugue, editors, Advances in Ultra-Dependable Distributed Systems. IEEE Computer Society, 1995.
Desired Project Deliverables
The goal of this project is to create a demo that validates FIRS on real hardware and software. The intern will build a small testbed of networked embedded devices, e.g., Raspberry Pis or ECUs. Two network types are of particular importance: (1) the widely used broadcast-based Controller Area Network (CAN), which can be built using Raspberry Pis and CAN transceivers; and (2) the more recent and efficient Automotive Ethernet, which, as the name indicates, resembles the Ethernet protocols used in IT networks. The objectives of the work are to understand how FIRS behaves empirically, to build the small testbed for validation, and to demonstrate the work in a near-real environment.
Recommended Student Background
- Embedded systems, e.g., Raspberry Pi
- CAN vehicular networks
- Vehicular software
- Distributed systems