Virtual Event: Defeating Logic Bugs in Robotic Vehicles

All dates for this event occur in the past.

Defeating Logic Bugs in Robotic Vehicles

Ph.D. candidate Hyungsub Kim of Purdue University will explore the recent efforts made toward defeating logic bugs in robotic vehicles.

Friday, Feb. 17 at 3 pm EST

REGISTER HERE TO BE SENT A ZOOM LINK

 

Abstract: The use of robotic vehicles (RVs) is dramatically increasing. Indeed, RVs are used in a plethora of different real-world scenarios and environments, such as submarines under the ocean, sailboats on the water, rovers on the ground, and drones in the air. Unfortunately, RVs face diverse threats, including (1) physical sensor attacks such as GPS/GNSS spoofing; (2) memory corruption bugs; and (3) logic bugs that make the RV software behave incorrectly under specific conditions. Security researchers have addressed physical sensor attacks and memory corruption bugs, but logic bugs have not received much attention. In this talk, I will talk about a recent line of efforts to defeat logic bugs in RV control software (ArduPilot, PX4, and Paparazzi) and the lessons learned from those efforts. In particular, I will first introduce a policy-guided fuzzing framework, which leverages policies represented by temporal logic with timing constraints to find logic bugs in RV control software. Then, I will introduce a policy-guided program repair framework, which automatically creates the correct patch for a given logic bug and applies it. Finally, I will discuss why verifying patches on RVs is challenging and introduce an automated patch analysis framework for RV control software.

Bio: Hyungsub Kim is a Ph.D. candidate in the Department of Computer Science at Purdue University, advised by Prof. Dongyan Xu, Prof. Antonio Bianchi, and Prof. Z. Berkay Celik. His main research interest lies in defeating all security threats against RVs. He has been tackling logic bugs via static and dynamic program analysis techniques. Results of his work have been published at top-tier venues such as NDSS, S&P, and USENIX Security.

 

This event is part of the Spring 2023 Guest Speakers Series.