Learning from Mutants - Using Code Mutation to Learn and Monitor Invariants of a Cyber-Physical System

Explore a novel approach for constructing models of cyber-physical systems (CPS) automatically in this conference talk presented at the 2018 IEEE Symposium on Security & Privacy. Discover how supervised machine learning can be applied to data traces obtained after systematically seeding software components with faults ("mutants"). Learn about the efficacy of this method demonstrated on a simulator of a real-world water purification plant, including a framework for automatic mutant generation, data trace collection, and SVM-based model learning. Examine the use of cross-validation and statistical model checking to show how the learnt model characterizes an invariant physical property of the system. Understand the practical application of this invariant in detecting 85% of 55 network and code-modification attacks from runtime data logs, highlighting its potential for enhancing CPS security and monitoring.