Zusammenfassung der Projektergebnisse

Cyber-Physical Systems (CPS) connect two quite different worlds, the world of embedded systems (with real-time requirements, sensors and actuators, dependability, deterministic behaviour, etc.) with the world of digital networks (with globally available services, data clouds, multi-modal man-machine interfaces, etc.). CPS are exposed to different security threats, many are not known at the design time of a CPS. In general, the physical surrounding of the CPS may be endangered, but also the components of the CPS or the communication between spatially distributed components, for instance. In the CYPHOC project, we addressed these security problems by means of Organic Computing (OC) techniques. OC focuses on adaptive technical systems, typically empowered with learning abilities, to solve complex problems. Properties such as self-learning, self-adaptation, self-coordination, self-organization, or self-healing play an important role. In CYPHOC, "security-by-design" is complemented by "security-at-runtime", that is, the components of CPS are enabled to detect new kinds of security threats collectively and to react accordingly. In particular, solving this involves three different research topics: collaborative detection and learning of conspicuous situations, generalized mechanisms to react appropriately on unanticipated situations, and guaranteed protection against compromised components. Specifically, we substantially improved techniques that enable CPS to detect conspicuous and suspicious situations in their environment (in particular temporal anomalies) that are not known at design time of the system. Based on the recognition of unanticipated events, we require standardized mechanisms to react appropriately in a self-organizing way. The set of possible strategies to react on these anomalies is too large to be efficiently searched. In many applications, however, dependencies between components exist. By automatically detecting and modelling these dependencies, we can exclude such strategies that do not respect them. Therefore, such dependencies are exploited to realize a faster collaborative learning in different classes of applications. Since most CPS are distributed systems, some components of the overall CPS might be compromised by an attacker. To guarantee protection against such compromised components, we developed mechanisms allowing for any piece of information to be k-resilient. Therefore, an attacker is required to manipulate at least k different components to achieve this goal. Additionally, we investigated the realization of CPS-wide self-tests to detect these compromised components. We design all these developed OC techniques in such a way that they do not affect the real-time capabilities of the underlying CPS.

Projektbezogene Publikationen (Auswahl)

• ”know thyself”-computational self-reflection in intelligent technical systems. In SASO, pages 150–159. IEEE, 2014
  Sven Tomforde, Jorg Hahner, Sebastian von Mammen, Christian Gruhl, Bernhard Sick, and Kurt Geihs
  (Siehe online unter https://doi.org/10.1109/SASOW.2014.25)
• A building block for awareness in technical systems: Online novelty detection and reaction with an application in intrusion detection. In IEEE iCAST, pages 194–200. IEEE, 2015
  Christian Gruhl, Bernhard Sick, Arno Wacker, Sven Tomforde, and Jörg Hähner
  (Siehe online unter https://doi.org/10.1109/ICAwST.2015.7314046)
• A mutual influence detection algorithm for systems with local performance measurement. In SASO, pages 144–149, 2015
  Stefan Rudolph, Sven Tomforde, Bernhard Sick, and Jörg Hähner
  (Siehe online unter https://doi.org/10.1109/SASO.2015.23)
• An online influence detection algorithm for organic computing systems. In ARCS, pages 1–8. VDE, 2015
  Stefan Rudolph, Sven Tomforde, Bernhard Sick, Henner Heck, Arno Wacker, and Joerg Haehner
  
• On the application possibilities of organic computing principles in socio-technical systems. In Organic Computing: Doctoral Dissertation Colloquium 2015, volume 7, page 165. kassel university press, 2015
  Henner Heck, Sarah Edenhofer, Christian Gruhl, Andreas Lund, Romeo Shuka, and Jörg Hähner
  
• Multi-k-Resilience in Distributed Adaptive Cyber-Physical Systems. In ARCS, pages 1–8. VDE, 2016
  Henner Heck, Christian Gruhl, Stefan Rudolph, Arno Wacker, Bernhard Sick, and Joerg Haehner
  
• Novelty detection with candies: a holistic technique based on probabilistic models. International Journal of Machine Learning and Cybernetics, Nov 2016
  Christian Gruhl and Bernhard Sick
  (Siehe online unter https://doi.org/10.1007/s13042-016-0618-8)
• Towards automation of knowledge understanding: An approach for probabilistic generative classifiers. Information Sciences, 370:476–496, 2016
  Dominik Fisch, Christian Gruhl, Edgar Kalkowski, Bernhard Sick, and Seppo J. Ovaska
  (Siehe online unter https://doi.org/10.1016/j.ins.2016.08.016)
• Towards autonomous self-tests at runtime. In International Workshops on Foundations and Applications of Self* Systems (FAS*W), pages 98–99, 2016
  Henner Heck, Stefan Rudolph, Christian Gruhl, Arno Wacker, Jörg Hähner, Bernhard Sick, and Sven Tomforde
  (Siehe online unter https://doi.org/10.1109/FAS-W.2016.32)
• A Concept for Intelligent Collaborative Network Intrusion Detection. In ARCS, pages 1–8. VDE, 2017
  Christian Gruhl, Frank Beer, Henner Heck, Bernhard Sick, Ulrich Buehler, Arno Wacker, and Sven Tomforde