Justin Ruths

Sahand Hadizadeh Kafash, Jairo Giraldo, Carlos Murguia et al.

For LTI control systems, we provide mathematical tools - in terms of Linear Matrix Inequalities - for computing outer ellipsoidal bounds on the reachable sets that attacks can induce in the system when they are subject to the physical limits of the actuators. Next, for a given set of dangerous states, states that (if reached) compromise the integrity or safe operation of the system, we provide tools for designing new artificial limits on the actuators (smaller than their physical bounds) such that the new ellipsoidal bounds (and thus the new reachable sets) are as large as possible (in terms of volume) while guaranteeing that the dangerous states are not reachable. This guarantees that the new bounds cut as little as possible from the original reachable set to minimize the loss of system performance. Computer simulations using a platoon of vehicles are presented to illustrate the performance of our tools.

Carlos Murguia, Iman Shames, Justin Ruths et al.

As more attention is paid to security in the context of control systems and as attacks occur to real control systems throughout the world, it has become clear that some of the most nefarious attacks are those that evade detection. The term stealthy has come to encompass a variety of techniques that attackers can employ to avoid being detected. In this manuscript, for a class of perturbed linear time-invariant systems, we propose two security metrics to quantify the potential impact that stealthy attacks could have on the system dynamics by tampering with sensor measurements. We provide analysis mathematical tools (in terms of linear matrix inequalities) to quantify these metrics for given system dynamics, control structure, system monitor, and set of sensors being attacked. Then, we provide synthesis tools (in terms of semidefinite programs) to redesign controllers and monitors such that the impact of stealthy attacks is minimized and the required attack-free system performance is guaranteed.

Justin Ruths, Jr-Shin Li

Inhomogeneity, in its many forms, appears frequently in practical physical systems. Readily apparent in quantum systems, inhomogeneity is caused by hardware imperfections, measurement inaccuracies, and environmental variations, and subsequently limits the performance and efficiency achievable in current experiments. In this paper, we provide a systematic methodology to mathematically characterize and optimally manipulate inhomogeneous ensembles with concepts taken from ensemble control. In particular, we develop a computational method to solve practical quantum pulse design problems cast as optimal ensemble control problems, based on multidimensional pseudospectral approximations. We motivate the utility of this method by designing pulses for both standard and novel applications. We also show the convergence of the pseudospectral method for optimal ensemble control. The concepts developed here are applicable beyond quantum control, such as to neuron systems, and furthermore to systems with by parameter uncertainty, which pervade all areas of science and engineering.

Tunga R, Carlos Murguia, Justin Ruths

A model-based windowed chi-squared procedure is proposed for identifying falsified sensor measurements. We employ the widely-used static chi-squared and the dynamic cumulative sum (CUSUM) fault/attack detection procedures as benchmarks to compare the performance of the windowed chi-squared detector. In particular, we characterize the state degradation that a class of attacks can induce to the system while enforcing that the detectors do not raise alarms (zero-alarm attacks). We quantify the advantage of using dynamic detectors (windowed chi-squared and CUSUM detectors), which leverages the history of the state, over a static detector (chi-squared) which uses a single measurement at a time. Simulations using a chemical reactor are presented to illustrate the performance of our tools.

Navid Hashemi, Carlos Murguia, Justin Ruths

As more attention is paid to security in the context of control systems and as attacks occur to real control systems throughout the world, it has become clear that some of the most nefarious attacks are those that evade detection. The term stealthy has come to encompass a variety of techniques that attackers can employ to avoid detection. Here we show how the states of the system (in particular, the reachable set corresponding to the attack) can be manipulated under two important types of stealthy attacks. We employ the chi-squared fault detection method and demonstrate how this imposes a constraint on the attack sequence either to generate no alarms (zero-alarm attack) or to generate alarms at a rate indistinguishable from normal operation (hidden attack).

Carlos Murguia, Justin Ruths

For given system dynamics, observer structure, and observer-based fault/attack detection procedure, we provide mathematical tools -- in terms of Linear Matrix Inequalities (LMIs) -- for computing outer ellipsoidal bounds on the set of estimation errors that attacks can induce while maintaining the alarm rate of the detector equal to its attack-free false alarm rate. We refer to these sets to as hidden reachable sets. The obtained ellipsoidal bounds on hidden reachable sets quantify the attacker's potential impact when it is constrained to stay hidden from the detector. We provide tools for minimizing the volume of these ellipsoidal bounds (minimizing thus the reachable sets) by redesigning the observer gains. Simulation results are presented to illustrate the performance of our tools.

Carlos Murguia, Henk Nijmeijer, Justin Ruths

In this manuscript, we study the problem of robust synchronization in networks of diffusively time-delayed coupled nonlinear systems. In particular, we prove that, under some mild conditions on the input-output dynamics of the systems and the network topology, there always exists a unimodal region in the parameter space (coupling strength versus time-delay), such that if they belong to this region, the systems synchronize. Moreover, we show how this unimodal region scales with the network topology, which, in turn, provides useful insights on how to design the network topology to maximize robustness against time-delays. The results are illustrated by extensive simulation experiments of time-delayed coupled Hindmarsh-Rose neural chaotic oscillators.

Joshua Ortiz, Alyssa Vellucci, Justin Koeln et al.

We show that hybrid zonotopes offer an equivalent representation of feed-forward fully connected neural networks with ReLU activation functions. Our approach demonstrates that the complexity of binary variables is equal to the total number of neurons in the network and hence grows linearly in the size of the network. We demonstrate the utility of the hybrid zonotope formulation through three case studies including nonlinear function approximation, MPC closed-loop reachability and verification, and robustness of classification on the MNIST dataset.

Carlos Murguia, Justin Ruths

A vector-valued model-based cumulative sum (CUSUM) procedure is proposed for identifying faulty/falsified sensor measurements. First, given the system dynamics, we derive tools for tuning the CUSUM procedure in the fault/attack free case to fulfill a desired detection performance (in terms of false alarm rate). We use the widely-used chi-squared fault/attack detection procedure as a benchmark to compare the performance of the CUSUM. In particular, we characterize the state degradation that a class of attacks can induce to the system while enforcing that the detectors (CUSUM and chi-squared) do not raise alarms. In doing so, we find the upper bound of state degradation that is possible by an undetected attacker. We quantify the advantage of using a dynamic detector (CUSUM), which leverages the history of the state, over a static detector (chi-squared) which uses a single measurement at a time. Simulations of a chemical reactor with heat exchanger are presented to illustrate the performance of our tools.

Navid Hashemi, Mahyar Fazlyab, Justin Ruths

We exploit recent results in quantifying the robustness of neural networks to input variations to construct and tune a model-based anomaly detector, where the data-driven estimator model is provided by an autoregressive neural network. In tuning, we specifically provide upper bounds on the rate of false alarms expected under normal operation. To accomplish this, we provide a theory extension to allow for the propagation of multiple confidence ellipsoids through a neural network. The ellipsoid that bounds the output of the neural network under the input variation informs the sensitivity - and thus the threshold tuning - of the detector. We demonstrate this approach on a linear and nonlinear dynamical system.

Navid Hashemi, Justin Ruths, Mahyar Fazlyab

Abstracting neural networks with constraints they impose on their inputs and outputs can be very useful in the analysis of neural network classifiers and to derive optimization-based algorithms for certification of stability and robustness of feedback systems involving neural networks. In this paper, we propose a convex program, in the form of a Linear Matrix Inequality (LMI), to certify incremental quadratic constraints on the map of neural networks over a region of interest. These certificates can capture several useful properties such as (local) Lipschitz continuity, one-sided Lipschitz continuity, invertibility, and contraction. We illustrate the utility of our approach in two different settings. First, we develop a semidefinite program to compute guaranteed and sharp upper bounds on the local Lipschitz constant of neural networks and illustrate the results on random networks as well as networks trained on MNIST. Second, we consider a linear time-invariant system in feedback with an approximate model predictive controller parameterized by a neural network. We then turn the stability analysis into a semidefinite feasibility program and estimate an ellipsoidal invariant set for the closed-loop system.

Tyler Summers, Justin Ruths

Many important complex networks, including critical infrastructure and emerging industrial automation systems, are becoming increasingly intricate webs of interacting feedback control loops. A fundamental concern is to quantify the control properties and performance limitations of the network as a function of its dynamical structure and control architecture. We study performance bounds for networks in terms of optimal feedback control costs. We provide a set of complementary bounds as a function of the system dynamics and actuator structure. For unstable network dynamics, we characterize a tradeoff between feedback control performance and the number of control inputs, in particular showing that optimal cost can increase exponentially with the size of the network. We also derive a bound on the performance of the worst-case actuator subset for stable networks, providing insight into dynamics properties that affect the potential efficacy of actuator selection. We illustrate our results with numerical experiments that analyze performance in regular and random networks.