Theses Doctoral

Towards Self-Managing Networked Cyber-Physical Systems

Janak, Jan

Networked systems integrating software with the physical world are known as cyber-physical systems (CPSs). CPSs have been used in diverse sectors, including power generation and distribution, transportation, industrial systems, and building management. The diversity of applications and interdisciplinary nature make CPSs exciting to design and build but challenging to manage once deployed. Deployed CPSs must adapt to changes in the operating environment or the system's architecture, e.g., when outdated or malfunctioning components need to be replaced. Skilled human operators have traditionally performed such adaptations using centralized management protocols. As the CPS grows, management tasks become more complex, tedious, and error-prone.

This dissertation studies management challenges in deployed CPSs. It is based on practical research with CPSs of various sizes and diverse application domains, from the large geographically dispersed electrical grid to small-scale consumer Internet of Things (IoT) systems. We study the management challenges unique to each system and propose network services and protocols specifically designed to reduce the amount of management overhead, drawing inspiration from autonomic systems and networking research.

We first introduce PhoenixSEN, a self-managing ad hoc network designed to restore connectivity in the electrical grid after a large-scale outage. The electrical grid is a large, heterogeneous, geographically dispersed CPS. We analyze the U.S. electrical grid network subsystem, propose an ad hoc network to temporarily replace the network subsystem during a blackout, and discuss the experimental evaluation of the network on a one-of-a-kind physical electrical grid testbed. The novel aspects of PhoenixSEN lie in a combination of existing and new network technologies and manageability by power distribution industry operators.

Motivated by the challenges of running unmodified third-party applications in an ad hoc network like PhoenixSEN, we propose a geographic resource discovery and query processing service for federated CPSs called SenSQL. The service combines a resource discovery protocol inspired by the LoST protocol with a standard SQL-based query interface. SenSQL aims to simplify the development of applications for federated or administratively decoupled autonomous cyber-physical systems without a single administrative or technological point of failure. The SenSQL framework balances control over autonomous cyber-physical devices and their data with service federation, limiting the application's reliance on centralized infrastructures or services.

We conclude the first part of the dissertation by presenting the design and implementation of a testbed for usability experiments with mission-critical voice, a vital communication modality in PhoenixSEN, and during emergency scenarios in general. The testbed can be used to conduct human-subject studies under emulated network conditions to assess the influence of various network parameters on the end-user's quality of experience.

The second dissertation part focuses on network enrollment of IoT devices, a management process that is often complicated, frustrating, and error-prone, particularly in consumer-oriented systems. We motivate the work by reverse-engineering and analyzing Amazon Echo's network enrollment protocol. The Echo is one of the most widely deployed IoT devices and, thus, an excellent case study. We learn that the process is rather complicated and cumbersome.

We then present a systematic study of IoT network enrollment with a focus on consumer IoT devices in advanced deployment scenarios, e.g., third-party installations, shared physical spaces, or evolving IoT systems. We evaluate existing frameworks and their shortcoming and propose WIDE, a network-independent enrollment framework designed to minimize user interactions to enable advanced deployment scenarios. WIDE is designed for large-scale or heterogeneous IoT systems where multiple independent entities cooperate to set the system up. We also discuss the design of a human-subject study to compare and contrast the usability of network enrollment frameworks.

A secure network must authenticate a new device before it can be enrolled. The authentication step usually requires physical device access, which may be impossible in many advanced deployment scenarios, e.g., when IoT devices are installed by a specialist in physically unreachable locations. We propose Lighthouse, a visible-light authentication protocol for physically inaccessible IoT devices. We discuss the protocol's design, develop transmitter and receiver prototypes, and evaluate the system. Our measurements with off-the-shelf components over realistic distances indicate authentication times shorter or comparable with existing methods involving gaining physical access to the device. We also illustrate how the visible-light authentication protocol could be used as another authentication method in other network enrollment frameworks.

Geographic Areas

Files

  • thumnail for Janak_columbia_0054D_18269.pdf Janak_columbia_0054D_18269.pdf application/pdf 6.08 MB Download File

More About This Work

Academic Units
Computer Science
Thesis Advisors
Schulzrinne, Henning G.
Degree
Ph.D., Columbia University
Published Here
January 17, 2024