Carl Elks, Ph.D.
Associate Professor, Department of Electrical and Computer Engineering
- Richmond VA UNITED STATES
- Engineering West Hall Room 222
Professor Elks' career focuses on maturing and advancing the state of the art in the areas of safety assessment and fault tolerance.
Media
Links
Social
Biography
His recent research and teaching interests include resilient Cyber Physical Systems, Systematic SW testing, Runtime Verification and Monitoring, Fault injection, cyber threat and vulnerability, and modernization strategies for energy and utility infrastructures.
Areas of Expertise
Education
University of Virginia
Ph.D.
Electrical Engineering
2005
University of Virginia
M.E.
Electrical Engineering
1998
Affiliations
- IEEE
- American Nuclear Society
Research Focus
Cyber Physical Systems
Dependable and Secure Systems
Critical Cyber Physical Systems are becoming much more common in daily life, and better ways of assuring safety/security and preventing failures are essential. The complexity posed by Cyber-Physical Systems present grand challenges to design assurance, testing and verification. The state of practice for these systems is at a point where new methods and novel techniques are needed to adequately ensure trust in these critical systems.
Patents
Idiosyncratic emissions fingerprinting method for identifying electronic devices
7420474
A method of producing idiosyncratic electronic emissions fingerprints from an electronic device is disclosed wherein emissions produced by the electronic device are collected and converted into one or more digital electronic fingerprints. T
Courses
EGRE 429 Advanced Digital System Design
This course provides students with theoretical and practical foundations for advanced embedded systems design and cyber physical system applications. It extends the concepts introduced in EGRE 428. Special emphasis is placed on the design of advanced embedded computing platforms for cyber physical system applications. Topics covered include: introduction to cyber physical systems; cyber physical systems theory; FPGA and system-on-a-chip design environments; designing, developing and implementing cyber physical systems using FPGA and system-on-a-chip technology; real-time computing and operating systems; real-time sensor networks; engineering design standards; and verification and validation of complex designs. In the laboratory the students will use state-of-the-art system development tools to design, construct, test and verify a system-on-a-chip-based
EGRE 428 Introduction to Integrated Systems Design
This course provides an introduction to integrated system design for computer engineers. Topics include hardware/software project design methodologies, integrated hardware and software design tools, life cycle costs analysis and requirements and specification analysis. Students are also introduced to concepts and design tools for FPGA and system-on-a-chip devices. Lectures are intended to support tasks required to execute a successful senior capstone experience. These tasks include, but are not limited to, project configuration management, customer interaction skills, requirements elicitation, simulation, procurement, design, testing and validation.
EGRE 632. Dependable Embedded Systems
This course explores the rich set of issues that must be considered when dealing with dependable embedded systems in smart energy delivery, transportation, interconnected health and medical devices and smart buildings, which have one or more of the following attributes: need for safety, continuous reliable operation, resilient to disruptions, secure against cyber-attacks, operate in real-time, maintainable and designed correctly. Among the topics covered are fault-tolerant computing, reliability and safety engineering, understanding the origins of failures and errors, design criteria, software reliability, formal verification of designs, cyber security, review of standards in safety critical systems and social/legal concerns.
Selected Articles
Understanding and Fixing Complex Faults in Embedded Systems
IEEE Computer Magazine, January 2021Alexander Weiss, Smitha Gautham, Athira Varma Jayakumar, Carl Elks, D. Richard Kuhn, Raghu N. Kacker, and Thomas B. Pressers
Embedded systems are becoming much more common in daily life, and better ways of finding and preventing failures are essential. The complexity posed by Cyber-Physical Systems present grand challenges to testing and verification. The state of practice for embedded software is at a point where new methods and novel techniques are needed to adequately test these critical systems. Advancements in understanding the nature of complex faults, and applying this understanding in maturing testing and verification, make it possible to build embedded Cyber Physical Systems that are safe and secure.
Property-Based Fault Injection: A Novel Approach to Model-Based Fault Injection for Safety Critical Systems
International Symposium on Model-Based Safety and Assessment (IMBSA 2020). Springer, Cham, 2020Jayakumar, Athira Varma, and Carl Elks
With the recent popularity of model-based design and verification (MBDE), fault injection testing at the functional model level is gaining significant interest. The reason for this interest is it aids in detecting design errors and incorrect requirements very early in the development lifecycle. The work presented in this paper describes a model based fault injection framework that is property based and applies formal model checking verification methods at the functional model level of design thereby guaranteeing a near-exhaustive state, input and fault space coverage. The framework ensures complete fault injection coverage by offering an automated integration of fault injection saboteurs throughout the model.
An Attacker Modeling Framework for the Assessment of Cyber-Physical Systems Security
39th International Symposium on Safety Security and Reliability (SAFECOMP), September 2020Deloglos, Christopher, Carl Elks, and Ashraf Tantawy
This paper proposes a flexible attacker modeling framework that aids in the security analysis process by simulating a diverse set of attacker behaviors to predict attack progression and provide consistent system vulnerability analysis. The model proposes an expanded architecture of vulnerability databases to maximize its effectiveness and consistency in detecting CPS vulnerabilities while being compatible with existing vulnerability databases. The model has the power to be implemented and simulated against an actual or virtual CPS. Execution of the attacker model is demonstrated against a simulated industrial control system architecture, resulting in a probabilistic prediction of attacker behavior.
Fundamental Challenges of Cyber-Physical Systems Security Modeling
IEEE 50th Dependable Systems and Networks Conference, 2020Bakirtzis, G., Ward, G.L., Deloglos, C.J., Elks, C.R., Horowitz, B.M. and Fleming, C.H
Systems modeling practice lacks security analysis tools that can interface with modeling languages to facilitate security by design. Security by design is a necessity in the age of safety critical cyber-physical systems, where security violations can cause hazards. Currently, the overlap between security and safety is narrow. But deploying cyber-physical systems means that today's adversaries can intentionally trigger accidents. By implementing security assessment tools for modeling languages we are better able to address threats earlier in the system's lifecycle and, therefore, assure their safe and secure behavior in their eventual deployment. We posit that cyber-physical systems security modeling is practiced insufficiently because it is still addressed similarly to information technology systems.
A Model-based Approach to Security Analysis for Cyber-Physical Systems
2018 Annual IEEE International Systems conference (SysCon)Georgios Bakirtzis, Bryan T Carter, Carl R Elks, Cody H Fleming
Evaluating the security of cyber-physical systems throughout their life cycle is necessary to assure that they can be deployed and operated in safety-critical applications, such as infrastructure, military, and transportation. Most safety and security decisions that can have major effects on mitigation strategy options after deployment are made early in the system's life cycle. To allow for a cyber-vulnerability analysis before deployment, a sufficient well-formed model has to be constructed. To construct such a model we produce a taxonomy of attributes; that is, a generalized schema for system attributes. This schema captures the necessary specificity that characterizes a possible real system and can also map to the attack vector space associated with the model's attributes.
Systematic Software Testing of Critical Embedded Digital Devices in Nuclear Power Applications
The 31st IEEE International Symposium on Software Reliability Engineering(ISSRE) - 2020Athira Varma Jayakumar, Smitha Gautham, Richard Kuhn, Brandon Simons, Aidan Collins, Thomas Dirsch, Raghu Kacker, and Carl Elks
The motivation for this research was to investigate the efficacy and challenges that arise when planning, automating, and conducting systematic software testing on actual real time embedded digital device. In this paper we present results on the application of a systematic testing methodology called Pseudo-Exhaustive testing. The systematic testing methods were applied at the unit, module integration levels of the software. The findings suggest that Pseudo Exhaustive testing supported automated testing technology is an effective and efficient approach to testing real time embedded digital devices in support of nuclear regulatory guidelines.
Multilevel Runtime Security and Safety Monitoring for Cyber Physical Systems using Model-based Engineering
39th International Conference on Computer Safety, Reliability, and Security (SAFECOMP)Smitha Gautham, Athira V Jayakumar, Carl Elks
To ensure safety and security of high integrity CPSs, we present a multilevel runtime monitor approach where there are monitors at each level of processing and integration. In the proposed multi-level monitoring framework, some monitoring properties are formally defined using Event Calculus. We then demonstrate the need for multilevel monitors for faster detection and isolation of attacks by performing data attack and fault injection on a Simulink CPS model.
Data-Driven Vulnerability Exploration for Design Phase System Analysis
IEEE Systems Journal (2019)Bakirtzis, Georgios, Brandon J. Simon, Aidan G. Collins, Cody Harrison Fleming, and Carl R. Elks
Applying security as a lifecycle practice is becoming
increasingly important to combat targeted attacks in safety critical systems. Among others there are two significant challenges in this area: (1) the need for models that can characterize a realistic system in the absence of an implementation and (2) an automated way to associate attack vector information; that is, historical data, to such system models. We propose
the cybersecurity body of knowledge (CYBOK), which takes in sufficiently characteristic models of systems and acts as a search engine for potential attack vectors. CYBOK is fundamentally an algorithmic approach to vulnerability exploration, which is a significant extension to the body of knowledge it builds upon. By using CYBOK, security analysts and system designers can
work together to assess the overall security posture of systems early in their lifecycle, during major design decisions and before final product designs. Consequently, assisting in applying security earlier and throughout the systems lifecycle.
A Self-Repairing Hardware Architecture for Safety-Critical Cyber-Physical-Systems
IET Cyber-Physical Systems: Theory & Applications Journal (2019).Khairullah, Shawkat, and Elks, Carl
This paper presents a new self-healing FPGA hardware architecture inspired by integrating biological concepts, fault tolerance techniques, and IEC 61131-3 operational schematics to facilitate adaption in automation and critical infrastructure. The proposed architecture is organized in two levels: the critical functions layer used for providing the intended service of the application and the healing layer that continuously monitors the correct execution of that application and generates health syndromes to heal any failure occurrence inside the functions layer. Finally, two industrial applications have been mapped on this architecture to date and we believe the nexus of its concepts can positively impact the next generation of critical cyber-physical-systems in industrial automation.
Lessons and Experiences Learned Applying Model Based Engineering to Safety Critical FPGA Designs
11th International Workshop on the Application of FPGAs in Nuclear Power - 2018R. Hite, A. Tantawy, M. Gibson, S. Gautham, C. Deloglos, A. Jayakumar, and C.R. Elks
This paper focuses on the design, modeling, verification and validation strategies developed in support of a FPGA based safety critical architecture called SymPle that is targeted for use in Nuclear Protection systems. We present our experiences and lessons learned in developing a model-based IEC 61508 compliant verification workflow to achieve end-to-end verification from the requirements, model, code and hardware implementation using MathWorks Simulink Tools and Mentor Graphics Questa tool.
SymPLe 1131: A novel architecture solution for the realization of verifiable digital I&C systems and embedded digital devices
10th Int. Topical Meeting on Nuclear Plant Instrumentation, Control, and Human Machine Interface Technologies (NPIC/HMIT)- 2017CR Elks, T Bakker, R Hite, S Gautham, V Venkatesh, J Moore
This paper presents the work done regarding an FPGA overlay architecture called SymPLe. SymPLe is designed to reduce the gap between software and hardware approaches for digital I&C systems and increases deterministic behavior and verifiability of the application, architecture and safety-critical system while reasoning about CCF.
Design of a high performance FPGA based fault injector for real-time safety-critical systems
22nd IEEE International Conference on. Application-specific Systems, Architectures and Processors - 2011Marko Miklo, Ron Willaims, and Carl Elks
We demonstrate a novel fault injection system implemented on a commercial Field-Programmable Gate Array board. The fault injector is unobtrusive to the target system as it utilizes only standardized On-Chip-Debugger (OCD) interfaces present on most current processors. This effort resulted in faults being injected orders of magnitude faster than by utilizing a commercial OCD debugger, while incorporating novel features such as concurrent injection of faults into distinct target processors.
Application of a fault injection based dependability assessment process to a commercial safety critical nuclear reactor protection system
IEEE 40th Dependable Systems and Networks (DSN) Conference - 2010C. Elks, M. Reynolds, B. Johnson, N. George, M. Waterman, and J. Dion
In this paper, we present a fault injection based safety assessment methodology that was applied to a commercial safety grade digital Reactor Protection System. Approximately 10,000 fault injections were applied to the system. This paper presents a overview of the research effort, lessons learned, and the results of the endeavor.