Collaborative Research: FMitF: Track I: A Formal Verification and Implementation Stack for Programmable Logic Controllers

合作研究：FMitF：第一轨：可编程逻辑控制器的形式验证和实现堆栈

• 批准号: 2220311
• 负责人: Stefan Mitsch
• 金额: $ 45万
• 依托单位: Carnegie-Mellon University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2025-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2220311&HistoricalAwards=false
• 关键词: Collaborative; Research; FMitF; Track; Formal

Safety-critical industrial control systems, such as the electric power grid or water-treatment plants, provide crucial services in modern societies. Therefore, they must be safe at all times and on all levels, from their design to their operation. This is especially challenging since industrial control software is largely automated to make decisions on behalf of humans while being increasingly targeted by adversarial cyber-physical attacks. In order to act in advance before unsafe or undesired situations occur, models that describe the physics of the system and the effects of potential security attacks need to become a central element in designing industrial control systems. The project's novelties are mathematics- and logic-based software-development methods to make industrial control software aware of real-world effects and threats. The project's impacts are improved support for practitioners in developing trustworthy and resilient industrial control systems, with the aim of providing the crucial missing verification link between industrial control software development and execution.The project's technical approach studies a provably correct development stack for industrial control systems with Programmable Logic Control (PLC) that is expected to provide a chain of fully verified links from high-level models all the way down to the running code, accompanied by synthesized correctness proofs. The correctness proofs entail strong safety guarantees on the actual industrial control system implementation through validation methods to analyze, at runtime, whether models and reality agree and to counteract when deviations occur. To this end, the team of researchers expects to advance techniques for verified runtime monitoring of the operating context and for verified bi-directional translation between code and models. The models combine differential equations with nondeterministic control and environment models to describe physical effects and security threats. Such predictive models, safety proofs, and validation methods are crucial elements of every trustworthy implementation stack so that proofs from models transfer to the running system. To address design safety at the scale of industrial control systems, the investigators bring together complementary expertise in foundations and practical verification for cyber-physical systems, with field expertise in embedded systems for industrial control systems safety and security.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

安全至关重要的工业控制系统，例如电力电网或水处理工厂，可在现代社会中提供至关重要的服务。因此，从设计到操作，它们必须始终和各个级别都安全。这尤其具有挑战性，因为工业控制软件在很大程度上是自动化的，可以代表人类做出决定，同时越来越受到对抗性网络物理攻击的目标。为了在不安全或不希望的情况发生之前提前采取行动，描述系统物理的模型以及潜在安全攻击的影响需要成为设计工业控制系统的核心要素。该项目的新颖性是基于数学和逻辑的软件开发方法，以使工业控制软件了解现实世界的效果和威胁。该项目的影响得到了对从业人员开发值得信赖和弹性的工业控制系统的支持，目的是为了提供工业控制软件开发和执行之间的至关重要的丢失验证联系。该项目的技术方法研究的技术方法研究了一种可证明是正确验证型号的工业控制系统的工业控制系统，该堆栈可提供全面的链接，以供计划良好的链接，以供良好的链接延伸，以供良好的链接延伸，以供高级链接延伸，并将其稳定的链接延续到稳健的链接，从而使运行式的链接延伸到延伸的链路上，该型号的链接链接链接的链接链条链接的链接序列链条链接序列的链接链条链接序列的链接链条链条链接的链接。正确性证明。正确的证明需要通过验证方法来分析，在运行时，模型和现实是否同意并在发生偏差时抵消实现的实际工业控制系统实施。为此，研究人员团队希望推进技术监视操作环境的运行时监控以及代码和模型之间经过验证的双向翻译的技术。这些模型将微分方程与非确定控制和环境模型相结合，以描述物理效果和安全威胁。这样的预测模型，安全证明和验证方法是每个值得信赖的实现堆栈的关键要素，因此模型传输到运行系统的证明。为了解决工业控制系统规模的设计安全性，研究人员将基金会和对网络物理系统的实践验证的补充专业知识汇集在一起​​，并在工业控制系统安全和保障的嵌入式系统中具有现场专业知识。该奖项反映了NSF的法定任务，并认为通过基金会的知识优点和广泛的crietia criteria criperia criperia criperia criperia criperia criperia criperia cribitia cripitia cribitia cripitia criperia recteria rection the Actional afteria奖。