Defense Notices

Explosion in the use of containers and a shift in software engineering design from monolithic applications into a microservice model has driven a need for software solutions that can manage the deployment and networking of microservices at enterprise-level scale. Service meshes have emerged as a promising solution to the microservice eruption that enterprise software is currently experiencing. This work examines service meshes from the perspective of security solutions offered within the tools and how the available security mechanisms impact the original goals of service meshes. As part of this study, we propose a relevant threat model to the service mesh domain and consider two different levels of configuration of these tools. The first configuration we study is the “idealized” configuration; one in which a system administrator has deep knowledge and the ability to properly configure and enable all available security mechanisms within a service mesh. The second configuration scenario is that of the default configuration deployment of service meshes. Through this work, we consider a range of adversarial approaches and scenarios that comprehensively cover the available attack surface of service meshes. Our experimental results show a distinct lack in security support of service meshes when deployed under default configurations, and additionally, in many idealized scenarios studied, it is possible for attackers to achieve some of their adversarial goals, presenting tempting targets to attackers.

Microwave and mm-wave radars have been used extensively for remote sensing applications, and ultra-wideband (UWB) radars have provided particular utility in geophysical research due to their ability to resolve narrowly-spaced targets or media interface levels. With increased availability of unmanned aerial vehicles (UAS) and expanded application of microwave radars into other realms requiring portability, miniaturization of radar systems is a crucial goal. This thesis presents the design and development of various microwave components for a compact, airborne snow-probing radar with multi-gigahertz bandwidth and cm-scale vertical resolution.

 
First, a set of UWB, compact transmit and receive modules with custom power sequencing circuits is presented. These modules were rapid-prototyped as an initial step toward the miniaturization of the radar’s front-end, using a combination of custom and COTS circuits. The transmitter and receiver modules operate in the 2–18 GHz range. Laboratory and field tests are discussed, demonstrating performance that is comparable to previous, connectorized implementations of the system, while accomplishing a 5:1 size reduction.

Next, a set of miniaturized band-pass and low-pass filters is developed and demonstrated. This work addressed the lack of COTS circuits with adequate performance in a sufficiently small form factor that is compatible with the planar integration required in a multi-chip module.

The filters presented here were designed for manufacture on a multi-layer liquid crystal polymer (LCP) substrate. A detailed trade study to assess the effects of potential manufacturing tolerances is presented. A framework for the automated creation of panelized design variations was developed using CAD tools. Thirty-two design variations with two different types of launches (microstrip and grounded co-planar waveguide) were successfully simulated, fabricated and tested, showing good electrical performance both as individual filters and cascaded to offer outstanding out-of-band rejection. The size of the new filters is 1 cm x 1 cm x 150 µm, a vertical reduction of over 90% and a reduction of total cascaded length by over 80%.

Optical flow is the apparent displacement of objects, surfaces and edges in a visual scene caused because of the relative motion between an observer and the scene. This apparent displacement (parallax) is used to render optical flow lines for such objects which hold invaluable information about their motion. In this research, we apply this technique to study a video file. We will locate pixels of objects with strong optical flow displacements. Which will enable us to identify an aerial multirotor craft (drone) from possible object pixels. Further we will not only mark the drones path using optical flow lines, but we will also add value to the video file by augmenting the drone’s 3D Telemetry data onto its optical flow lines.

The deluge of wireless data traffic catalyzed by the growing number of data-intensive devices has motivated the deployment of small-cell in fifth-generation (5G) networks. A primary challenge for deploying dense small-cell networks comes from the lack of practical techniques that efficiently handle the increased network interference at a low cost. This has aroused considerable interest in the distributed precoder/combiner coordination techniques that leverage the channel reciprocity, while relying on the local channel state information (CSI) available at each communication end. In this project, a distributed approach is proposed to the problem of signal-to-interference-plus-noise-ratio (SINR)-guaranteed power minimization (SGPM) for multicell multiuser (MCMU) multiple-input multiple-output (MIMO) systems. Unlike prior SGPM approaches, the technique is based on solving necessary and sufficient optimality conditions, which are derived by decomposing the original problem into forward and backward (FB) subproblems, while ensuring the strong duality of each subproblems. The proposed distributed SGPM algorithm makes use of FB adaptation and Jacobi recursion for iterative filter design and power allocation, respectively, which guarantees target SINR performance as well as its convergence to a stationary point. Simulation results illustrate the enhanced power efficiency with the performance guarantees of the proposed method compared to the existing distributed techniques.

Proper synchronization between a transmitter and receiver, in terms of carrier phase and symbol timing, is critical for reliable communication. Carrier phase synchronization is related to the frequency translation hardware, where perfect synchronization means that the local oscillators of the transmitter’s upconverter and receiver’s downconverter are aligned in phase and frequency. Timing synchronization is related to the analog-to-digital converter in the receiver, where perfect synchronization means that samples of the received signal are taken at transmitted symbol times. Perfect synchronization is unlikely in practical systems for a number of reasons, including hardware limitations and the independence of the transmitter and receiver. This thesis explores an FPGA implementation of a PLL-based carrier phase and symbol timing synchronization subsystem as part of a 16-APSK aeronautical telemetry receiver. The theory behind this subsystem is presented, and the hardware implementation of each component is described. Results demonstrate successful demodulation of a test signal, and system performance is shown to be comparable to double-precision floating point simulations in terms of error vector magnitude, synchronization lock time, and BER.

Security decisions often rely on trust.  An emerging technology for gaining trust in a remote computing system is remote attestation.  Remote attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser over a network.  Although many existing approaches to remote attestation wisely adopt a layered architecture–where the bottom layers measure layers above–the dependencies between components remain static and measurement orderings fixed.  Further, they are often restricted to a specialized embedded platform, or only perform shallow measurements on a component of interest without considering the trustworthiness of its context or the attestation mechanism itself.  For modern computing environments with diverse topologies, we can no longer fix a target architecture any more than we can fix a protocol to measure that architecture.

Copland is a domain-specific language and formal framework that provides a vocabulary for specifying the goals of layered attestation protocols.  It remains configurable by measurement capability, participants, and platform topology, yet provides a precise reference semantics that characterizes system measurement events and evidence handling; a foundation for comparing protocol alternatives.  The aim of this work is to refine the Copland semantics to a more fine-grained notion of attestation manager execution–a high-privilege thread of control responsible for invoking attestation services and bundling evidence results.  This refinement consists of two cooperating components called the Copland Compiler and the Attestation Virtual Machine (AVM).  The Copland Compiler translates a Copland specification into a sequence of primitive attestation instructions to be executed in the AVM.  These components are implemented as functional programs in the Coq proof assistant and proved correct with respect to the Copland reference semantics.  This formal connection is critical in order to trust that protocol specifications are faithfully carried out by the attestation manger implementation.  We also explore synthesis of appraisal routines that leverage the same formally verified infrastructure to interpret evidence generated by Copland protocols and make trust decisions.

With the rapid growth in artificial intelligence (AI), AI technologies have completely changed our lives. Especially in the sports field, AI starts to play the role in auxiliary training, data management, and systems that analyze training performance for athletes. Golf is one of the most popular sports in the world, which frequently utilize video analysis during training. Video analysis falls into the computer vision category. Computer vision is the field that benefited most during the AI revolution, especially the emerging of deep learning. 

This thesis focuses on the problem of real-time detection and tracking of a golf ball from video sequences. We introduce an efficient and effective solution by integrating object detection and a discrete Kalman model. For ball detection, five classical convolutional neural network based detection models are implemented, including Faster R-CNN, SSD, RefineDet, YOLOv3, and its lite version, YOLOv3 tiny. At the tracking stage, a discrete Kalman filter is employed to predict the location of the golf ball based on its previous observations. As a trade-off between the detection accuracy and detection time, we took advantage of image patches rather than the entire images for detection. In order to train the detection models and test the tracking algorithm, we collect and annotate a collection of golf ball dataset. Extensive experimental results are performed to demonstrate the effectiveness of the proposed technique and compare the performance of different neural network models.

Roughly 1 in 5 people in the United States have an intellectual or developmental disability (IDD), which is a substantial amount of the population. In the realm of human-robot interaction, there have been many attempts to help these individuals lead more productive and independent lives. However, many of these solutions focus on helping individuals with IDD develop social skills. For the solutions that do focus on helping people with IDD increase their work productivity, many of these involve giving the user control over a robot that augments the worker’s capabilities. In this thesis, it is posited that an autonomous agent could effectively assist workers with IDD, thereby increasing their productivity. The artificially intelligent disability assistant (AIDA) is an autonomous agent that uses social scaffolding techniques to assist workers with IDD. Before designing the system, data was gathered by observing workers with IDD perform tasks in a light manufacturing facility.
To test the hypothesis, an initial Wizard-of-Oz (WoZ) experiment was conducted where subjects had to assemble a box using only either their dominant or non-dominant hand. During the experiment, subjects could ask the robot for assistance, but a human operator controlled whether the robot provided a response. After the experiment, subjects were required to complete a feedback survey. Additionally, this feedback was used to refine and build the autonomous system for AIDA.
The autonomous system is composed of data collection and processing modules, a scaffolding algorithm module, and robot action output modules. This system was tested in a simulated experiment using video recordings from the initial experiment. The results of the simulated experiment provide support for the hypothesis that an autonomous agent using social scaffolding techniques can increase the productivity of workers with IDD. In the future, it is desired to test the current system in a real-time experiment before using it on workers with IDD.

The phenomenal growth of the Internet of Things (IoT) has highlighted the security and privacy concerns associated with these devices. The research literature on the security architectures of IoT makes evident that we need to define and formalize a framework to secure the communications among these devices. To do so, it is important to focus on a zero-trust framework that will work on the principle premise of "trust no one, verify everyone" for every request and response.

In this thesis, we emphasize the immediate need for such a framework and propose a zero-trust communication model for IoT that addresses security and privacy concerns. We employ the existing cryptographic techniques to implement the framework so that it can be easily integrated into the current network infrastructures. The framework provides an end-to-end security framework for users and devices to communicate with each other privately. It is often stated that it is difficult to implement high-end encryption algorithm within the limited resource of an IoT device. For our work, we built a temperature and humidity sensor using NodeMCU V3 and were able to implement the framework and successfully evaluate and document its efficient operation. We defined four areas for evaluation and validation, namely, security of communications, memory utilization of the device, response time of operations, and cost of its implementation. For every aspect we defined a threshold to evaluate and validate our findings. The results are satisfactory and are documented. Our framework provides an easy-to-use solution where the security infrastructure acts as a backbone for every communication to and from the IoT devices.

The IWR6843 mmWave radar device from Texas Instruments (TI) is a complete FMCW radar system-on-chip operating in the 60 to 64 GHz frequency range. The IWR6843ISK is an evaluation platform which includes the IWR6843 connected to patch antennas on a PCB. In this project, the viability of using the IWR6843 sensor for short-range detection of small, high-velocity targets is investigated. Some of the limitations of the device are explored and a specific radar configuration is proposed. To confirm the applicability of the proposed configuration, a similar configuration is used with the IWR6843ISK-ODS evaluation platform to observe the launch of a foil-wrapped dart. The evaluation platform is used to collect raw data, which is then post-processed in a Python program to generate a range-doppler heatmap visualization of the data.