PhD, Electrical and Computer Engineering | Next position: Research Scientist, Security&Privacy Research, Intel Labs
- Email Address: vuk DOT lesi AT duke DOT edu
Received B.S. degree in Electrical and Computer Engineering from School of Electrical Engineering, University of Belgrade, Serbia, in July 2015. Started PhD studies at Duke in August 2015 and defended dissertation in August 2019.
My research interests span reconfigurable manufacturing systems, distributed industrial automation, embedded, and real-time systems. I source excitement for systems research from satisfaction of reducing research concepts into embedded platforms that operate in spite of real-world conditions. In systems research, I strive to balance between the beauty of abstract modeling and analysis, and the engineering practice required to utilize research results. I enjoy exercising my engineering skills through facing implementational challenges.
Major Projects and Select Artifacts
Reconfigurable Manufacturing Systems Testbeds
Modern manufacturing systems require fast and effective adaptation to fluctuating market conditions and product diversification. This high level of adaptability can be achieved through the use of Reconfigurable Manufacturing Systems (RMS), which should be based on modular equipment that is easily integrable, scalable, and convertible in terms of functionality, as well as self-diagnosable.
Reconfigurable Machine Tools
Major components of RMS are Reconfigurable Machine Tools that enable online system adaptation to facilitate manufacturing of diverse products through change of position and/or orientation of modules, modules swapping, and adding additional axes and/or spindles as needed. However, to achieve this, RMS necessitate the use of a dynamic controller architecture that is distributed, fully modular and self-configurable. We propose a design framework for reconfigurable machine tools through the use of modularized and distributed Computer Numerical Control (CNC). Specifically, we investigate design challenges for Plug-n-Play automation systems, where new system functionalities (such as adding new degrees of freedom (axes) in existing CNC systems) can be introduced without significant reconfiguration efforts and downtime costs.
We propose a fully distributed motion control architecture realized through a network of individual axis control modules. Reconfiguration of motion control systems based on this architecture can be achieved by only presenting the controller on each axis with information about machine configuration and the type of axis. This effectively enables modularity, reconfigurability, and interoperability of the machine control system. We conduct machining accuracy experiments based on standardized tests defined in ISO 230 and ISO 10791-7 standards under fully distributed motion control settings. Shown above is a distributed machine tool testbed based on multiple single-axis robots controlled by low-cost ARM Cortex-M4F MCUs, with optional wireless or wired communication for low-level synchronization and higher-level process coordination. The single-axis interface of 4 conductors for motor supply, 12 conductors for feedback position signaling and 12 conductors for limit switches is reduced solely to a power connection and a standard network connection (if wired networking is employed) enabling efficient reconfiguration of smart manufacturing resources both from the mechanical/electrical (i.e., HW), and control (i.e., SW) perspectives.
Video emphasizing Plug&Play aspects coming soon...
Resilient and Reliable Distributed Sequential Automation
Industrial Internet-of-Things (IIoT)-enabled equipment supports highly dynamic production environments by offering easily configurable building blocks for distributed manufacturing. These building blocks encapsulate sensing, actuation, and local control in smart manufacturing modules that expose network connectivity. However, most existing production systems are based on sequential automation that is conventionally centralized, i.e., not tailored for the distributed setting. In our work, we propose a framework for resilient and reliable automation distribution that starts from a centralized controller design and distributes the control functionality over IoT-enabled controllers in a manner that preserves functional equivalence of the obtained distributed system, compared to its centralized counterpart (stage 1 in framework figure).
Due to possible communication faults in potentially congested environments, we develop techniques to include stochastic channel models in performance and reliability analysis of the newly obtained distributed control (stage 2 in framework figure). We show how these models can be composed with the previously obtained distributed controller models, for a system-wide performance/reliability analysis (with probabilistic guarantees).
Moreover, we enable formal verification of correctness of the distributed control system by including non-deterministic adversarial models (stage 3). This allows us to provide strong safety/performance guarantees for the distributed control system in the presence of network-based adversaries.
Additionally, we support high-assurance code generation by utilizing verification results; specifically, we introduce suitable firmware patches (i.e., fault tolerant communication constructs and security services) for control code running on IoT-enabled controllers (stage 4). Finally, due to the dynamic operating environments of IoT-based deployments, we introduce runtime edge-based performance/reliability monitoring that is used to promptly alert at operational trends leading to failures/unsafe conditions by re-checking the models with updated process and channel models obtained from measurements during manufacturing process execution (stage 5).
We successfully applied our framework on real-world industrial systems and show how the usable lifecycle of an existing centralized control designs (based on languages defined in ISO 61131-3 and IEC 60848 standards) can be extended by automatically obtaining a correct-by-design IIoT-enabled distributed manufacturing deployment.
Details on our industrial case study coming soon...
Automotive Security Research Platform
Our eBuggy is an in-lab vehicle sized about 1/8 of an actual car which features a plethora of Electronic Control Units (ECUs) interconnected via standard CAN bus, communicating sensing and actuation information crucial to autonomous driving functionalities in a manner compatible with current automotive technologies. Sensors on the most recent version enable measurement of speed of each of the wheels and the drive motor (encoders), power consumption of the powertrain (Hall-effect sensor), surrounding obstacles and road conditions (camera, ultrasonic, and LIDAR). Besides the low-level CAN bus ECUs, the vehicle features an embedded graphics processing unit enabling autonomous functionalities such as lane keeping/switching (highway pilot) and obstacle detection/avoidance. Due to its realistic architecture, our eBuggy enables in-lab experimentation on a realistic attack surface, as well as efficient validation of research results and serves as a universal automotive systems security research platform. eBuggy was a major artifact in a technology transfer to Intel Labs.
P1) "Physics-based approach for attack detection and localization in closed-loop controls for autonomous vehicles", US Patent App. 16/021,409.
P2) "Methods and apparatus for anomaly detection and recovery", US Patent App. 16/235,812.
P3) "Security reporting via message tagging", US Patent App. 16/712,479.
P4) "Active attack detection in autonomous vehicle networks", US Patent App. 16/723,142.
P5) U.S. Patent App. Pending, Title temporarily undisclosable, application filed March 2020.
P6-11) U.S. Patent App. Drafting in progress, Title temporarily undisclosable.
J6) V. Lesi, I. Jovanov, and M. Pajic, "Integrating Security in Resource-Constrained Cyber-Physical Systems", ACM Transactions on Cyber-Physical Systems (TCPS), 2020.
J5) Z. Jakovljevic, V. Lesi, and M. Pajic, "Attacks on Distributed Sequential Control in Manufacturing Automation”, IEEE Transactions on Industrial Informatics (TII), 2020.
J4) V. Lesi, Z. Jakovljevic and M. Pajic, "Security Analysis for Distributed IoT-Based Industrial Automation”, arXiv preprint, arXiv:2006.00044, 2020.
J3) V. Lesi, Z. Jakovljevic, and M. Pajic, "Distributing Numerical Control for Reconfigurable Manufacturing Systems”, under review.
J2) Z. Jakovljevic, V. Lesi, S. Mitrovic, and M. Pajic, "Distributing Sequential Control for Manufacturing Automation Systems”, IEEE Transactions on Control Systems Technology (TCST), 2019.
J1) V. Lesi, I. Jovanov, and M. Pajic, "Security-Aware Scheduling of Embedded Control Tasks", ACM Transactions on Embedded Computing Systems, part of the ESWEEK-TECS special issue, presented in the ACM SIGBED International Conference on Embedded Software (EMSOFT), 2017. (Best Paper Award)
C6) V. Lesi, Z. Jakovljevic, and M. Pajic, “Synchronization of Distributed Controllers in Cyber-Physical Systems”, 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), 2019.
C5) V. Lesi, Z. Jakovljevic, and M. Pajic, "Reliable Industrial IoT-Based Distributed Automation", ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), CPS-IoT Week, 2019.
C4) V. Lesi, Z. Jakovljevic, and M. Pajic, "Towards Resilient and Reliable Distributed Automation for Smart Manufacturing Systems", Workshop on Smart Manufacturing Modeling and Analysis (SM²N), CPS-IoT Week, 2019.
C3) V. Lesi, I. Jovanov, and M. Pajic, "Network Scheduling for Secure Cyber-Physical Systems", IEEE Real-Time Systems Symposium (RTSS), 2017.
C2) V. Lesi, I. Jovanov, and M. Pajic, "Security-Aware Scheduling of Embedded Control Tasks", ACM International Conference on Embedded Software (EMSOFT) - journal version appeared in ACM Transactions on Embedded Computing Systems (TECS), 2017. (Best Paper Award)
C1) V. Lesi, Z. Jakovljevic, and M. Pajic, "Towards Plug-n-Play Numerical Control for Reconfigurable Manufacturing Systems", 21st IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), 2016.