# REAFFIRM: Model-Based Repair of Hybrid Systems for Improving Resiliency

**Authors:** Luan Viet Nguyen, Gautam Mohan, James Weimer, Oleg Sokolsky, Insup, Lee, and Rajeev Alur

arXiv: 1902.04064 · 2019-02-13

## TL;DR

This paper introduces REAFFIRM, a model-based Matlab toolkit that automates the repair of hybrid system models to enhance resiliency against security threats, reducing the need for complete redesigns.

## Contribution

The paper presents a novel methodology and a new model transformation language, HATL, for repairing hybrid system models to meet safety requirements under attacks.

## Key findings

- Successfully repaired models for ACC, SMIB, and missile guidance systems.
- Automated synthesis of resilient models reduces manual redesign effort.
- Demonstrated effectiveness against various sensor attack scenarios.

## Abstract

Model-based design offers a promising approach for assisting developers to build reliable and secure cyber-physical systems (CPSs) in a systematic manner. In this methodology, a designer first constructs a model, with mathematically precise semantics, of the system under design, and performs extensive analysis with respect to correctness requirements before generating the implementation from the model. However, as new vulnerabilities are discovered, requirements evolve aimed at ensuring resiliency. There is currently a shortage of an inexpensive, automated mechanism that can effectively repair the initial design, and a model-based system developer regularly needs to redesign and reimplement the system from scratch. In this paper, we propose a new methodology along with a Matlab toolkit called REAFFIRM to facilitate the model-based repair for improving the resiliency of CPSs. REAFFIRM takes the inputs including 1) an original hybrid system modeled as a Simulink/Stateflow diagram, 2) a given resiliency pattern specified as a model transformation script, and 3) a safety requirement expressed as a Signal Temporal Logic formula, and then outputs a repaired model which satisfies the requirement. The overall structure of REAFFIRM contains two main modules, a model transformation, and a model synthesizer built on top of the falsification tool Breach. We introduce a new model transformation language for hybrid systems, which we call HATL to allow a designer to specify resiliency patterns. To evaluate the proposed approach, we use REAFFIRM to automatically synthesize repaired models for an adaptive cruise control (ACC) system under a GPS sensor spoofing attack, for a single-machine infinite-bus (SMIB) system under a sliding-mode switching attack, and for a missile guidance system under gyroscopes sensor attack.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1902.04064/full.md

## Figures

27 figures with captions in the complete paper: https://tomesphere.com/paper/1902.04064/full.md

## References

42 references — full list in the complete paper: https://tomesphere.com/paper/1902.04064/full.md

---
Source: https://tomesphere.com/paper/1902.04064