Seed Awards – Spring 2021

CISE and ENG Seed Awards for Innovative New Collaborations
Focus Area: Intelligent, Autonomous, and Secure Systems

Four Spring 2021 Seed Grants were awarded by the Boston University Center for Information & Systems Engineering (CISE) and the College of Engineering (ENG).  This joint seed funding program is aimed at enabling CISE affiliates and ENG faculty the opportunity to kickstart innovative interdisciplinary research projects, broaden significant research areas, and collect preliminary data to secure extramural support. The awarded projects focus on the theme of “Intelligent, Autonomous, and Secure Systems”, a mutual strategic core area for CISE and the College of Engineering.

Spring 2021 Seed Award Project Recipients

Securing Wireless Ingestible Medical Devices

PI:  Rabia Yazicigil, CISE affiliate and Assistant Professor (ECE) College of Engineering
Co-PI: David Starobinski, CISE affiliate and Professor (ECE, SE) College of Engineering

Project Summary: Wireless ingestible and implantable medical devices (IMDs), such as on-demand drug delivery systems, allow continuous monitoring and adjustment of healthcare delivery, potentially resulting in improved health outcomes. Security is a critical component in the design of these connected medical devices. Attacks on wireless IMDs are dangerous due to the life-critical nature of these devices and the sensitivity/privacy of the data being exchanged. Given hard constraints on energy and computation, securing these devices cannot solely rely on cryptographic mechanisms. To harden the security of wireless IMDs and as part of a new collaboration between the PIs, this project proposes (i) to assess the vulnerability of wireless IMDs to different types of attacks, such as denial-of-service, privacy breaches, and spoofing; (ii) to develop innovative counter-measures leveraging the physical layer, and (iii) to concretely demonstrate these solutions in the context of low-power wireless ingestible capsules used for inflammatory bowel disease monitoring. Our goal is to obtain preliminary results on these fronts and apply for funding from programs run by various agencies focusing on the cybersecurity of connected devices.

Learning from Interactions with Blind Users for Customized and Scalable Navigation Assistance Systems

PI: Eshed Ohn-Bar, CISE affiliate and Assistant Professor (ECE) Boston University School of Engineering
Co-PIs: Calin Belta, CISE affiliate and Professor (ME, SE, ECE) Boston University School of Engineering, and Venkatesh Saligrama, CISE affiliate and Professor (ECE) Boston University School of Engineering

Project Summary: Navigating to a destination in a new and unfamiliar environment, from finding the button of an elevator, to identifying landmarks along the path while avoiding dynamic obstacles, is an everyday task that we perform predominantly using sight. Due to challenges in non-visual navigation, the most practical solution today for blind individuals traveling across unfamiliar scenarios is to seek help from a sighted person or guide. To improve independence and quality-of-life, researchers have recently developed a variety of carefully engineered prototypical technologies for addressing assistive navigation, from robotic platforms to smart-canes and smartphone-based systems. However, when moved from small lab settings to the real-world, these solutions have limited use in meeting the needs of blind users because they primarily rely on significant manual setup for their operation and guidance feedback properties. Based on our preliminary analysis, the lack of customization can result in sub-optimal guidance, in particular during the most challenging navigation scenarios where certain users may need additional assistance for completing the task, e.g., open spaces, elevators, doors and entrances, etc. Consequently, existing systems are developed over pre-assumed users performing highly controlled and simplified navigation tasks. When encountering a new user (e.g., with different mobility skills or aids) or a new environment (e.g., various acoustic and layout properties), the interaction settings must be manually adjusted in a cumbersome, non-scalable process. Towards advancing the state-of-the-art of navigation technologies, our goal in this project is to develop automatically customizable assistive solutions in the context of guiding diverse blind users in unfamiliar environments. Our proposal studies user-based customization for increasing the utility of assistive navigation solutions beyond their current small-scale development scope, i.e., of narrow navigation tasks with a handful of users (generally between 3-10).

Task-Directed Semantic Exploration with Sparse Sensing

PI: Sean Andersson, CISE affiliate and Professor (ME, SE) College of Engineering
Co-PI: Roberto Tron, CISE affiliate and Assistant Professor (ME, SE) College of Engineering

Project Summary: We propose a novel approach for exploiting prior information about an environment in robot motion planning and control, with the goal of improving efficiency in terms of power, sensing, computation, and data storage in resource-constrained systems. Such constraints arise from the use of centimeter-scale robots such as the Harvard Robobee, the DelFly, or similar vehicles that have extremely limited on-board resources due to their size, from the use of robots for long-duration autonomous missions, or requirements in other application domains. We propose to efficienctly solve a task (such as, e.g., finding a specific object in the environment) under this resource-constrained setting by using the fact that broad types of environments have predictable layouts with predictable elements (such as structured indoor environments with office rooms, hallways and other structures; or unstructured outdoor environments with groupings of trees or meadows), and that tasks can be achieved with predictable sequences of actions that have context-dependent success probabilities. The prior information, formally encoded via graphical models and machine learning models, will be used to direct the limited resources of the robot to specific parts of the environment while taking educated guesses about what was not observed, allowing the robot to take the next action with the highest probability of overall success. By combining prior information, sparse mapping, and perception-aware planning, we will reduce the amount of sensing needed (thus minimizing the power, computation and on-board memory for acquiring, processing, and storing measurements), exploration time (by acquiring only information needed to complete the task), and overall computations.

EasyCSPeasy: Automatic XSS Prevention

PI: Gianluca Stringhini, Assistant Professor (ECE) College of Engineering
Co-PI: Manuel Egele, CISE affiliate and Assistant Professor (ECE) College of Engineering

Project Summary: Web-security is the cornerstone of our online life, and allows us to safely engage in online activities such as shopping, banking, and the management of medical records (e.g., BU’s Healthway to curb the spread of COVID-19 on campus1). The Content Security Policy (CSP) framework ratified by the World Wide Web Consortium (W3C) has developed into a central pillar to enable a secure and trust worthy Web. Unfortunately, the policy language has become sufficiently expressive and complicated leading to most web sites eschewing the use of CSP altogether.2 As hypothesized by prior work [1], the reason is that defining the policy that guards a given web-site is a labor-intensive and largely manual task that does not scale well with the ever-changing nature of today’s Web. Hence, the goal of this project is to research and develop a novel and automated capability that intelligently builds a security policy for arbitrary web-sites. To this end, the project will take a holistic viewpoint and address two complementary and synergistic thrusts of the web security challenge. First, the project will feature an automatic system that extracts a fine-grained CSP based on a web-site’s code. However, previous research highlighted that while CSP significantly reduces the attack surface in a web application, some attacks are still possible. To mitigate this, the second thrust will automatically rewrite a web-application’s source code to retrofit existing applications with the strong security primitive of Trusted Types.