Oleg Sokolsky

Robust Medical Monitor Design

Summary form only given. With recent advances in low-power low-cost communication, sensing, and actuation technologies, Medical Cyber Physical Systems (MCPS) have revolutionized automated medical diagnostics and care. With this revolution, dawns a new era of medical monitoring where fusing measurements from multiple devices provides unprecedented early detection of critical conditions. However, often explicit models and/or rich training data relating available measurements to the critical conditions are unavailable or impractical. Under these troublesome scenarios, this tutorial presents a parameter invariant approach to medical monitor design which has been successful in developing monitors for conditions related to hypoxia, diabetes, and hypovolemia. Owing its mathematical origin to the robust radar signal processing literature, the parameter-invariant approach to medical monitor design is presented as consisting of three parts: (1) foundations of parameter-invariant design, (2) modeling physiological processes for monitoring, and (3) constant false alarm rate (CFAR) testing. To illustrate each component, the tutorial makes extensive use of case study monitors related to medical alarms for hypoxia, hypovolemia, and hypoglycemia.

Demo abstract: Synthesis of platform-aware attack-resilient vehicular systems

Over the past decade, the design process in the automotive industry has gone through a period of significant changes. Modern vehicles present a complex interaction of a large number of embedded Electronic Control Units (ECUs), interacting with each other over different types of networks. Furthermore, there is a current shift in vehicle architectures, from isolated control systems to more open automotive architectures with new services such as vehicle-tovehicle communication, and remote diagnostics and code updates. However, this increasing set of functionalities, network interoperability, and complexity of the system design may introduce security vulnerabilities that are easily exploitable. Typically, modern vehicular control systems are not built with security in mind. As shown in [1], attackers can easily disrupt the operation of a car to either disable the vehicle or hijack it, giving the attacker a large control capability over the system. This problem is even more emphasized with the rise of vehicle autonomy; hence, criticality analysis for automotive components must be completely re-done. To address these issues, we have introduced a design framework for development of high-confidence vehicular control systems that can be used in adversarial environments. The framework employs control system design techniques (control-level defenses) that guarantee that the vehicle will maintain control, possibly at a reduced efficiency, under a variety of externally-originating attacks on sensors, actuators, and communication and computation resources. In the system development phase, we provide code-level defenses that prevent injection of malicious code into the operation of the controller itself. Using a formal representation of execution and code generation semantics, we remove the uncertainty from the code generation process and provide secure code synthesis for the derived controllers.

RT-OpenStack: a Real-Time Cloud Management System

Clouds have become appealing platforms for running not only general-purpose applications but also real-time applications. However, current clouds cannot provide real-time performance for virtual machines (VM) for two reasons: (1) the lack of a real-time virtual machine monitor (VMM) scheduler on a single host, and (2) the lack of a real-time aware VM placement scheme by the cloud manager. While real-time VM schedulers do exist, prior solutions employ either heuristics-based approaches that cannot always achieve predictable latency or apply realtime scheduling theory that may result in low CPU utilization. We observe the demand and advantage for co-hosting real-time (RT) VMs with non-real-time (regular) VMs in the same cloud. On the one hand, RT VMs can benefit from the easily deployed, elastic resource provisioning provided by a cloud; on the other hand, regular VMs can fully utilize the cloud without affecting the performance of RT VMs through proper resource management at both the cloud and hypervisor levels. This paper presents RT-OpenStack, a cloud management system for co-hosting both real-time and regular VMs. RT-OpenStack entails three main contributions: (1) integration of a real-time hypervisor (RT-Xen) and a cloud management system (OpenStack) through a realtime resource interface; (2) an extension of the RT-Xen VM scheduler to allow regular VMs to share hosts with RT VMs without jeopardizing the real-time performance of RT VMs; and (3) a VM-to-host mapping strategy that provisions real-time performance to RT VMs while allowing effective resource sharing among regular VMs. Experimental results demonstrate that RTOpenStack can support latency guarantees for RT VMs, and at the same time let regular VMs fully utilize the remaining CPU resources.