Sandeep Kumar Shukla
Sandeep Kumar Shukla
Organization Department of Computer Science and Engineering
Indian Institute of Technology Kanpur (IIT Kanpur)
Phone: +91 512 259 6432
DVP term expires December 2019
Professor Sandeep K. Shukla is an IEEE fellow, an ACM Distinguished speaker, and an ACM Distinguished Scientist. He received his Bachelor’s degree in Computer Science and Engineering at Jadavpur University, Kolkata in 1991, and his Master's and PhD degrees in Computer Science from the State University of New York at Albany, NY, USA in 1995 and 1997 respectively.
He worked as a scientist at the GTE labs on telecommunications network management, distributed object technology, and event correlation technologies between 1997 and 1999. Between 1999 and 2001, he worked at the Intel Corporation on the formal verification of the ITANIUM processor, and on system level design languages.
From 2001 to 2002, he was a research faculty member at the University of California at Irvine working on embedded system design. From 2002 to 2015, he was an assistant, associate, and full professor at Virginia Tech, USA. He co-founded the Center for Embedded Systems for Critical Applications (CESCA) in 2007, and served as director of the center between 2010 and 2012. In 2015, he joined the Computer Science and Engineering Department of the Indian Institute of Technology Kanpur, India.
He received the prestigious Presidential Early Career Award for Scientists and Engineers (PECASE) from the White House in 2004, Frederich Wilhelm Bessel Award in 2008 from the Humboldt Foundation, Germany, Virginia Tech Faculty Fellow Award, a distinguished Alumni Award from the State University of New York at Albany, a best paper award at the Asia-Pacific Design Automation Conference, GTE Laboratories Excellence Award, ASEE/ONR Faculty Fellowship in 2005, ASEE/Air Force Senior Faculty Fellowship in 2007, and an Air Force Labs Faculty Fellowship in 2008. Sandeep was also invited by the highly selective US National Academy of Engineering and US National Academy of Sciences Frontiers of Engineering and Frontiers of Science conferences. He was selected as an ACM Distinguished Scientist in 2013, and IEEE Fellow in 2014.
Sandeep also served as ACM Distinguished Speaker between 2007 and 2015, IEEE Computer Society Distinguished Visitor between 2008 and 2012.
Sandeep has also been a visiting faculty at INRIA, France, University of Kaiserslautern in Germany, MIT, and University of Birmingham UK for various periods of time.
Sandeep is currently the editor-in-chief of the ACM Transactions on Embedded Systems, Associate Editor of ACM Transactions on Cyber-Physical Systems, and Computing Reviews. In the past, he has served as associate editors for IEEE Transactions on Computers, IEEE Transactions on Industrial Informatics, IEEE Design & Test, IEEE Embedded Systems Letters, and many other journals. He has guest-edited more than 15 special issues for various IEEE and ACM journals. He has written or edited 9 books, published over 200 journal and conference papers. He has been program chairs for 4 IEEE/ACM International conferences, and General Chair for 2 of these conferences. He has served on the program committee of more than 100 international conferences and workshops. He supervised 12 PhDs, and directed five post-doctoral scholars at Virginia Tech. He also supervised 10 Masters theses. He has been on examination committee for PhD and Habilitation theses in Sweden, Germany, France and India.
Sandeep was elected an IEEE fellow for his “contributions to applied probabilistic model checking for system design." Sandeep’s work on creating system level design languages with the ability to express distinct models of computation for distinct parts of an embedded hardware/software system led to new kernels of SystemC language. His work on meta-modeling driven component composition pre-dated the standardization effort of the SPIRIT consortium.
His novel interpretation of the ‘clock calculus’ (which lies at the core of the compilation of polychronous languages) as the problem of computing prime has implications in a propositional theory led to a new set of tools for multi-threaded code synthesis, and was funded by US Air Force for an industrial implementation at L-3 Communications.
A new operational semantics for combining synchronous programming models within polychronous models that Sandeep and his colleagues recently published in the Science of Programming journal paved the way to combine the strengths of synchronous language based software synthesis and the asynchronous concurrency model of polychronous languages. More recently, his group developed a number of co-simulation tools for data-communication enabled smart-grid, and a virtual SCADA system for industrial automation for the purpose of cyber-security threat modeling, simulation of cyber-attacks, and mitigation experimentation.
Sandeep's main focus currently is cyber-security of cyber-physical systems, in particular, application of machine learning, and formal analysis to discover ways to distinguish physical dynamics variations due to stochastic variations, and cyber-attack induced variations.
Smart-Grid: Where Embedded Computing, Communication and Power Systems Meet
Abstract: The vision of a smart grid is predicated upon the pervasive use of embedded intelligence, and digital communication techniques in today's power system. As wide area measurements and control techniques are being developed and deployed for a more resilient power system, the role of computing and communication network is becoming inalienable. The system state estimation, protection, control of oscillations are real-time computing applications. Similarly, the power system dynamics gets influenced by the communication delays in the network. Therefore, the extensive integration of a power system and its computing/communication infrastructure mandates that the two systems are studied as a single distributed cyber-physical system.
In this talk, we will discuss some of the problems and their solutions germane to this inter-dependency between two critical infrastructures. In particular, a power/network co-simulation framework which integrates power system dynamic simulator and network simulator together using an accurate synchronization mechanism will be discussed. The accuracy of this co-simulation system is tunable based on the time-scale requirements of the phenomena being studied. This co-simulation can improve the practical investigation of a smart grid and evaluate wide area measurement and control schemes. We will also discuss some case studies including an agent-based remote backup relay system simulated and validated on this co-simulation framework.
Cyber Security of Critical Infrastructures: A Case for a Schizoid Design Approach
Abstract: In the past, the design of cyber physical systems required a model based engineering approach, where as a first step of the design process--a physics based mathematical model of the physical system, and a control theoretic model of the control system--were put together in a formal or semi-formal framework. The designers would start from an abstract model, and refine it down to an implementation model in several steps, either formally or informally. The implementation model is then validated for functional correctness, performance, real-time requirements etc. Functional Safety, robustness to input assumptions, reliability under fault assumptions, and resilience to unknown adversities were considered as good design goals. With the increasing networked distributed control of large and geographically distributed critical infrastructures such as smart grid, smart transportation systems, air traffic control system etc.--the exposure to cyber-attacks ushered in by the IP-convergence--the design goals must consider cyber-security and cyber defense as first class design objectives.
However, in order to do so, designers have to don a dual personality -- while designing for robustness, reliability, functional safety--a model driven engineering approach would work--whereas for designing for cyber-security and defense, the designer has to step into the shoes of a malicious attacker. For example, one has to consider the various observation or sampling points of the system (e.g. sensors to read or sample the physical environment), and think how an attacker might compromise the unobservability of those points without authentication, and what knowledge of the system dynamics or the control mechanism of the system might actually be reconstructed by the attacker.
One also has to consider the actuation points of the system, and ponder the least number of such actuation points the attacker has to take over in order to disrupt the dynamics of the system enough to create considerable damage. One has to envision how to obfuscate the dynamics of the system even when certain sensing or actuation points are compromised. Also, it is known that a large percentage of attacks are induced by inside attackers. Thus perimeter defense alone cannot defend the system. In such cases, the question that one is confronted with is whether there is enough indication of an ongoing attack in the dynamics of the system itself.
This approach to viewing the system from an adversarial position requires one to topple the design paradigm over its head, and we will need to build models from data, and not just generate data from models. The designer has to observe a system in action – even through partial observations, and construct a model close enough to the real system model – and then use the partial access to create damages to the because the approximate model allows her to do so. Almost like a schizophrenic duality, the engineer also has to wear the designers hat, and consider a game in which the observations are obfuscated enough to render it impossible for an attacker to build any useful model to induce clever attacks. The designer has to worry if she can construct from unobfuscated observations a dynamics quickly enough so that the difference between the expected dynamics and the real dynamics can trigger alarms to alert the system administrators. In this talk, while discussing this view of system design, we will also talk about VSCADA -- a virtual distributed SCADA lab we created for modeling SCADA systems for critical infrastructures, and how to use such a virtual lab completely implemented in simulation--to achieve the cyber security and cyber defense objectives of critical infrastructures--through attack injections, attack detection, and experiments on new defense mechanisms.
Cyber Security Landscape and the Urgent Need for Cyber Manpower Development
Cyber Security is recognized as one of the most dangerous threats to our increasingly digital society and livelihood. Other than our reliance on smart phones, smart devices, medical implants, our most crucial critical infrastructures such as banking, financial trading, power systems, water and sewage system, manufacturing systems, cars, rail-roads, air traffic control--are all computerized and dependent on network communication.
The cyber security vulnerabilities are therefore common in such systems, but when the effect of a cyber attack spills over from the cyber side to the physical dynamics of such cyber-physical systems, the effect becomes wide spread. In this talk, we discuss a number of such cyber attacks and their genesis from around the world, and explain how simple software of everyday use such as adobe reader, or android on our phones can have exploits that could bring on such attacks. We also explain the darkweb and its role in cyber criminal market place, and how cyber exploits are purchased and sold, pay-per-install services are used by deploying bot-nets, worms, and other vectors. We then go on to explain what different countries around the world are doing in technology development, framework and methodology development, and in policy space to guard against such attacks. One of the most crucial issues here is the development of cyber-security expertise, and man power. We discuss what is happening in that space as well.