hero image
Carl Elks, Ph.D. - VCU College of Engineering. Richmond, VA, US

Carl Elks, Ph.D.

Associate Professor, Department of Electrical and Computer Engineering | VCU College of Engineering


Professor Elks' career focuses on maturing and advancing the state of the art in the areas of safety assessment and fault tolerance.





Fun with bikes and rocks loading image





Dr. Elks’ professional experience and interests over the past 20 years are in the analysis, design and assessment of dependable embedded systems which are typically found in critical infrastructure such as nuclear power, medical systems, and autonomous vehicles. As such, his career has been focused on maturing and advancing the state of the art in the areas of safety assessment, cyber-security, and fault tolerance/resilience through education, innovation and technology demonstration projects. He is past recipient of the national technology transfer award from the Federal Laboratory Consortium.

His recent research and teaching interests include resilient Cyber Physical Systems, Systematic SW testing, Runtime Verification and Monitoring, Fault injection, cyber threat and vulnerability, and modernization strategies for energy and utility infrastructures.

Areas of Expertise (7)

Runtime Verification and Monitoring

Fault Injection for Cyber Physical Systems

Complexity Aware Design for Critical Systems

Assessment Methods for Dependable and High Integrity Systems

Cyber Physical Systems

Human System Interactions in Autonomous Systems

Biologically Inspired Self-Healing Systems

Education (2)

University of Virginia: Ph.D., Electrical Engineering 2005

University of Virginia: M.E., Electrical Engineering 1998

Affiliations (2)

  • IEEE
  • American Nuclear Society

Research Focus (1)

Cyber Physical Systems

Dependable and Secure Systems

Critical Cyber Physical Systems are becoming much more common in daily life, and better ways of assuring safety/security and preventing failures are essential. The complexity posed by Cyber-Physical Systems present grand challenges to design assurance, testing and verification. The state of practice for these systems is at a point where new methods and novel techniques are needed to adequately ensure trust in these critical systems.

UCI cycling worlds - ultimate CPSs..

Patents (1)

Idiosyncratic emissions fingerprinting method for identifying electronic devices


A method of producing idiosyncratic electronic emissions fingerprints from an electronic device is disclosed wherein emissions produced by the electronic device are collected and converted into one or more digital electronic fingerprints. T

Courses (3)

EGRE 429 Advanced Digital System Design

This course provides students with theoretical and practical foundations for advanced embedded systems design and cyber physical system applications. It extends the concepts introduced in EGRE 428. Special emphasis is placed on the design of advanced embedded computing platforms for cyber physical system applications. Topics covered include: introduction to cyber physical systems; cyber physical systems theory; FPGA and system-on-a-chip design environments; designing, developing and implementing cyber physical systems using FPGA and system-on-a-chip technology; real-time computing and operating systems; real-time sensor networks; engineering design standards; and verification and validation of complex designs. In the laboratory the students will use state-of-the-art system development tools to design, construct, test and verify a system-on-a-chip-based

view more

EGRE 428 Introduction to Integrated Systems Design

This course provides an introduction to integrated system design for computer engineers. Topics include hardware/software project design methodologies, integrated hardware and software design tools, life cycle costs analysis and requirements and specification analysis. Students are also introduced to concepts and design tools for FPGA and system-on-a-chip devices. Lectures are intended to support tasks required to execute a successful senior capstone experience. These tasks include, but are not limited to, project configuration management, customer interaction skills, requirements elicitation, simulation, procurement, design, testing and validation.

view more

EGRE 632. Dependable Embedded Systems

This course explores the rich set of issues that must be considered when dealing with dependable embedded systems in smart energy delivery, transportation, interconnected health and medical devices and smart buildings, which have one or more of the following attributes: need for safety, continuous reliable operation, resilient to disruptions, secure against cyber-attacks, operate in real-time, maintainable and designed correctly. Among the topics covered are fault-tolerant computing, reliability and safety engineering, understanding the origins of failures and errors, design criteria, software reliability, formal verification of designs, cyber security, review of standards in safety critical systems and social/legal concerns.

Selected Articles (13)

Understanding and Fixing Complex Faults in Embedded Systems

IEEE Computer Magazine, January 2021

Alexander Weiss, Smitha Gautham, Athira Varma Jayakumar, Carl Elks, D. Richard Kuhn, Raghu N. Kacker, and Thomas B. Pressers

Embedded systems are becoming much more common in daily life, and better ways of finding and preventing failures are essential. The complexity posed by Cyber-Physical Systems present grand challenges to testing and verification. The state of practice for embedded software is at a point where new methods and novel techniques are needed to adequately test these critical systems. Advancements in understanding the nature of complex faults, and applying this understanding in maturing testing and verification, make it possible to build embedded Cyber Physical Systems that are safe and secure.

Property-Based Fault Injection: A Novel Approach to Model-Based Fault Injection for Safety Critical Systems

International Symposium on Model-Based Safety and Assessment (IMBSA 2020). Springer, Cham, 2020

Jayakumar, Athira Varma, and Carl Elks

With the recent popularity of model-based design and verification (MBDE), fault injection testing at the functional model level is gaining significant interest. The reason for this interest is it aids in detecting design errors and incorrect requirements very early in the development lifecycle. The work presented in this paper describes a model based fault injection framework that is property based and applies formal model checking verification methods at the functional model level of design thereby guaranteeing a near-exhaustive state, input and fault space coverage. The framework ensures complete fault injection coverage by offering an automated integration of fault injection saboteurs throughout the model.

An Attacker Modeling Framework for the Assessment of Cyber-Physical Systems Security

39th International Symposium on Safety Security and Reliability (SAFECOMP), September 2020

Deloglos, Christopher, Carl Elks, and Ashraf Tantawy

This paper proposes a flexible attacker modeling framework that aids in the security analysis process by simulating a diverse set of attacker behaviors to predict attack progression and provide consistent system vulnerability analysis. The model proposes an expanded architecture of vulnerability databases to maximize its effectiveness and consistency in detecting CPS vulnerabilities while being compatible with existing vulnerability databases. The model has the power to be implemented and simulated against an actual or virtual CPS. Execution of the attacker model is demonstrated against a simulated industrial control system architecture, resulting in a probabilistic prediction of attacker behavior.

view more

Fundamental Challenges of Cyber-Physical Systems Security Modeling

IEEE 50th Dependable Systems and Networks Conference, 2020

Bakirtzis, G., Ward, G.L., Deloglos, C.J., Elks, C.R., Horowitz, B.M. and Fleming, C.H

Systems modeling practice lacks security analysis tools that can interface with modeling languages to facilitate security by design. Security by design is a necessity in the age of safety critical cyber-physical systems, where security violations can cause hazards. Currently, the overlap between security and safety is narrow. But deploying cyber-physical systems means that today's adversaries can intentionally trigger accidents. By implementing security assessment tools for modeling languages we are better able to address threats earlier in the system's lifecycle and, therefore, assure their safe and secure behavior in their eventual deployment. We posit that cyber-physical systems security modeling is practiced insufficiently because it is still addressed similarly to information technology systems.

A Model-based Approach to Security Analysis for Cyber-Physical Systems

2018 Annual IEEE International Systems conference (SysCon)

Georgios Bakirtzis, Bryan T Carter, Carl R Elks, Cody H Fleming

Evaluating the security of cyber-physical systems throughout their life cycle is necessary to assure that they can be deployed and operated in safety-critical applications, such as infrastructure, military, and transportation. Most safety and security decisions that can have major effects on mitigation strategy options after deployment are made early in the system's life cycle. To allow for a cyber-vulnerability analysis before deployment, a sufficient well-formed model has to be constructed. To construct such a model we produce a taxonomy of attributes; that is, a generalized schema for system attributes. This schema captures the necessary specificity that characterizes a possible real system and can also map to the attack vector space associated with the model's attributes.

view more

Systematic Software Testing of Critical Embedded Digital Devices in Nuclear Power Applications

The 31st IEEE International Symposium on Software Reliability Engineering(ISSRE) - 2020

Athira Varma Jayakumar, Smitha Gautham, Richard Kuhn, Brandon Simons, Aidan Collins, Thomas Dirsch, Raghu Kacker, and Carl Elks

The motivation for this research was to investigate the efficacy and challenges that arise when planning, automating, and conducting systematic software testing on actual real time embedded digital device. In this paper we present results on the application of a systematic testing methodology called Pseudo-Exhaustive testing. The systematic testing methods were applied at the unit, module integration levels of the software. The findings suggest that Pseudo Exhaustive testing supported automated testing technology is an effective and efficient approach to testing real time embedded digital devices in support of nuclear regulatory guidelines.

Multilevel Runtime Security and Safety Monitoring for Cyber Physical Systems using Model-based Engineering

39th International Conference on Computer Safety, Reliability, and Security (SAFECOMP)

Smitha Gautham, Athira V Jayakumar, Carl Elks

To ensure safety and security of high integrity CPSs, we present a multilevel runtime monitor approach where there are monitors at each level of processing and integration. In the proposed multi-level monitoring framework, some monitoring properties are formally defined using Event Calculus. We then demonstrate the need for multilevel monitors for faster detection and isolation of attacks by performing data attack and fault injection on a Simulink CPS model.

Data-Driven Vulnerability Exploration for Design Phase System Analysis

IEEE Systems Journal (2019)

Bakirtzis, Georgios, Brandon J. Simon, Aidan G. Collins, Cody Harrison Fleming, and Carl R. Elks

Applying security as a lifecycle practice is becoming increasingly important to combat targeted attacks in safety critical systems. Among others there are two significant challenges in this area: (1) the need for models that can characterize a realistic system in the absence of an implementation and (2) an automated way to associate attack vector information; that is, historical data, to such system models. We propose the cybersecurity body of knowledge (CYBOK), which takes in sufficiently characteristic models of systems and acts as a search engine for potential attack vectors. CYBOK is fundamentally an algorithmic approach to vulnerability exploration, which is a significant extension to the body of knowledge it builds upon. By using CYBOK, security analysts and system designers can work together to assess the overall security posture of systems early in their lifecycle, during major design decisions and before final product designs. Consequently, assisting in applying security earlier and throughout the systems lifecycle.

view more

A Self-Repairing Hardware Architecture for Safety-Critical Cyber-Physical-Systems

IET Cyber-Physical Systems: Theory & Applications Journal (2019).

Khairullah, Shawkat, and Elks, Carl

This paper presents a new self-healing FPGA hardware architecture inspired by integrating biological concepts, fault tolerance techniques, and IEC 61131-3 operational schematics to facilitate adaption in automation and critical infrastructure. The proposed architecture is organized in two levels: the critical functions layer used for providing the intended service of the application and the healing layer that continuously monitors the correct execution of that application and generates health syndromes to heal any failure occurrence inside the functions layer. Finally, two industrial applications have been mapped on this architecture to date and we believe the nexus of its concepts can positively impact the next generation of critical cyber-physical-systems in industrial automation.

Lessons and Experiences Learned Applying Model Based Engineering to Safety Critical FPGA Designs

11th International Workshop on the Application of FPGAs in Nuclear Power - 2018

R. Hite, A. Tantawy, M. Gibson, S. Gautham, C. Deloglos, A. Jayakumar, and C.R. Elks

This paper focuses on the design, modeling, verification and validation strategies developed in support of a FPGA based safety critical architecture called SymPle that is targeted for use in Nuclear Protection systems. We present our experiences and lessons learned in developing a model-based IEC 61508 compliant verification workflow to achieve end-to-end verification from the requirements, model, code and hardware implementation using MathWorks Simulink Tools and Mentor Graphics Questa tool.

SymPLe 1131: A novel architecture solution for the realization of verifiable digital I&C systems and embedded digital devices

10th Int. Topical Meeting on Nuclear Plant Instrumentation, Control, and Human Machine Interface Technologies (NPIC/HMIT)- 2017

CR Elks, T Bakker, R Hite, S Gautham, V Venkatesh, J Moore

This paper presents the work done regarding an FPGA overlay architecture called SymPLe. SymPLe is designed to reduce the gap between software and hardware approaches for digital I&C systems and increases deterministic behavior and verifiability of the application, architecture and safety-critical system while reasoning about CCF.

Design of a high performance FPGA based fault injector for real-time safety-critical systems

22nd IEEE International Conference on. Application-specific Systems, Architectures and Processors - 2011

Marko Miklo, Ron Willaims, and Carl Elks

We demonstrate a novel fault injection system implemented on a commercial Field-Programmable Gate Array board. The fault injector is unobtrusive to the target system as it utilizes only standardized On-Chip-Debugger (OCD) interfaces present on most current processors. This effort resulted in faults being injected orders of magnitude faster than by utilizing a commercial OCD debugger, while incorporating novel features such as concurrent injection of faults into distinct target processors.

view more

Application of a fault injection based dependability assessment process to a commercial safety critical nuclear reactor protection system

IEEE 40th Dependable Systems and Networks (DSN) Conference - 2010

C. Elks, M. Reynolds, B. Johnson, N. George, M. Waterman, and J. Dion

In this paper, we present a fault injection based safety assessment methodology that was applied to a commercial safety grade digital Reactor Protection System. Approximately 10,000 fault injections were applied to the system. This paper presents a overview of the research effort, lessons learned, and the results of the endeavor.

view more