Dr. Bruce McMillin - The main thread of my research activities has been to create a sound theory and practice of fault tolerance and security for distributed computing applications. My work treats these aspects as functions of the application rather than of the underlying system. Since most work in providing fault tolerance and security is based on assuring the underlying system, my work represents a radical departure from the mainstream of the discipline. Breaking from the main thread of research has required the development of a new theory of how program correctness is understood. The approach is to provide semantics that ensure, at runtime, that a distributed program is survivable (has fault tolerance) and maintains its security in the presence of system failures and security intrusions. Current federal emphasis on protection of complex distributed systems has proven to be an ideal match for my work. Collaborative, interdisciplinary partnerships are the cornerstone of success in these new programs. Collaborative work with EE has resulted in NSF funding to apply my techniques to the problem of fault-tolerant and secure power grid management. Recently we were also awarded an NSF Engineering Research Center for Distributed Energy, for which Computer Science at S&T is the lead.
Time Period: 10/1/2018 - 09/30/2021
The nation's critical infrastructures are increasingly dependent on systems that use computers to control vital physical components, including water supplies, the electric grid, airline systems, and medical devices. These are all examples of Cyber-Physical Systems (CPS) that are vulnerable to attack through their computer systems, through their physical properties such as power flow, water flow, chemistry, etc., or through both. The potential consequences of such compromised systems include financial disaster, civil disorder, and even the loss of life. The proposed work significantly advances the science of protecting CPS by ensuring that the systems "do what they are supposed to do" despite an attacker trying to make them fail or do harm. In this convergent approach, the key is to tell the CPS how it is supposed to behave and to build in defenses that make sure each component behaves and works well with others. The proposed work has a clear path to transition into industrial practice. It will also enhance education and opportunity by presenting the securing of society as a fascinating discipline for K-12 students to pursue.
A sample Cyber-Physical System is a water treatment system in which each component is in its own security domain. Each portion of the process is monitored (each by a wise owl who is an oracle of knowledge) through a valuation V (its spyglass) from that domain to other domains. The valuation carries information from the physical owls, the cyber owls, and knowledge in the form of invariants (the books) to ensure correct system operation. Figure courtesy of Sarah Martin.
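The figure describes each security domain exposing a valuation of its state to other domains, which check it against physical invariants ("the books"). The following is an added illustration of that idea in code, written for this page and not taken from Dr. McMillin's project or any of its software. It assumes a toy water-treatment loop with two domains, a pump domain reporting flows and a tank domain reporting level, and a single physical invariant, mass balance (the change in tank level between readings must equal net inflow times elapsed time). A monitor in a third domain combines the two valuations and flags any step where the reported physics do not add up, which is how a spoofed or faulty sensor reading is detected without trusting either reporting domain. The trace, the domain names, the tolerance value and the function names are all constructed assumptions.

```python
"""Cross-domain invariant monitor for a toy water-treatment CPS.

Added example (not the page's or the project's code). Two security
domains each publish a valuation of what they observe; a monitor in a
separate domain checks the combined valuation against a physical
invariant and reports violations. All names and values are constructed.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Allowed mismatch (cubic metres) between predicted and reported level;
# real systems derive this from sensor noise. Constructed value.
LEVEL_TOLERANCE = 0.05

# Safety bounds on tank level, also a "book" invariant. Constructed values.
LEVEL_MIN, LEVEL_MAX = 0.0, 20.0


@dataclass(frozen=True)
class Valuation:
    """What one domain reports to the others at time t (its 'spyglass')."""
    domain: str
    t: float
    values: Dict[str, float]


def combine(valuations: List[Valuation]) -> Dict[float, Dict[str, float]]:
    """Merge per-domain valuations into one view per timestamp.

    Keys are qualified as 'domain.name' so the monitor always knows which
    domain asserted each value; no domain can overwrite another's fields.
    """
    view: Dict[float, Dict[str, float]] = {}
    for v in valuations:
        slot = view.setdefault(v.t, {})
        for name, value in v.values.items():
            slot[f"{v.domain}.{name}"] = value
    return view


def mass_balance_violations(valuations: List[Valuation],
                            tol: float = LEVEL_TOLERANCE
                            ) -> List[Tuple[float, float, float]]:
    """Check d(level)/dt == inflow - outflow between consecutive readings.

    Returns (time, predicted_level, reported_level) for each step where the
    tank domain's reported level disagrees with what the pump domain's
    flows imply. Either domain lying (or failing) surfaces here.
    """
    view = combine(valuations)
    times = sorted(view)
    violations = []
    for t_prev, t_cur in zip(times, times[1:]):
        prev, cur = view[t_prev], view[t_cur]
        dt = t_cur - t_prev
        net_flow = prev["pump.inflow"] - prev["pump.outflow"]
        predicted = prev["tank.level"] + net_flow * dt
        reported = cur["tank.level"]
        if abs(reported - predicted) > tol:
            violations.append((t_cur, predicted, reported))
    return violations


def level_bound_violations(valuations: List[Valuation]) -> List[float]:
    """Return timestamps where the reported tank level leaves its safe range."""
    view = combine(valuations)
    return [t for t in sorted(view)
            if not LEVEL_MIN <= view[t]["tank.level"] <= LEVEL_MAX]


def constructed_trace() -> List[Valuation]:
    """A constructed five-step trace; at t=3 the tank domain reports a level
    that did not move although the pump domain reported net inflow."""
    levels = {0.0: 10.0, 1.0: 10.5, 2.0: 11.0, 3.0: 11.0, 4.0: 11.5}
    trace = []
    for t in sorted(levels):
        trace.append(Valuation("pump", t, {"inflow": 1.0, "outflow": 0.5}))
        trace.append(Valuation("tank", t, {"level": levels[t]}))
    return trace


if __name__ == "__main__":
    for t, predicted, reported in mass_balance_violations(constructed_trace()):
        print(f"t={t}: tank reported {reported}, physics predicted {predicted}")
    print("level-bound violations:", level_bound_violations(constructed_trace()))
```

Because the invariant spans two domains, a single compromised domain cannot both falsify its own report and adjust the other domain's report to keep the books balanced; the monitor only needs to trust the invariant, not the reporters.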