Security of Machine Learning in Cyber-Physical Systems
Dr. Jinyuan Stella Sun, University of Tennessee-Knoxville
Despite the many successes of machine learning in modern commercial application domains like computer vision, speech analysis, and natural language processing, its broader use in critical infrastructure cyber-physical systems (CI-CPS), such as energy, water, and transportation systems, has been far less than ideal. CI-CPS often borrow techniques directly from commercial applications that fail to consider constraints inherent in these physical systems. The security of machine learning has been studied extensively in recent years, revealing vulnerabilities in machine learning models and showing how effectively learning outcomes can be made to deviate by polluting the model input. This is especially devastating in CI-CPS, where learning can be used for safety-critical operations and such deviation can cause irreversible harm to people and physical assets. In this talk, we discuss our recent attacks on machine learning algorithms used in CI-CPS that incorporate physical and topological constraints, as well as mitigation methods.