Agents
Building A Secure Agentic AI Application Leveraging A2A Protocol
Habler, Idan, Huang, Ken, Narajala, Vineeth Sai, Kulkarni, Prashant
As Agentic AI systems evolve from basic workflows to complex multi-agent collaboration, robust protocols such as Google's Agent2Agent (A2A) become essential enablers. To foster secure adoption and ensure the reliability of these complex interactions, understanding the secure implementation of A2A is essential. This paper addresses this goal by providing a comprehensive security analysis centered on the A2A protocol. We examine its fundamental elements and operational dynamics, situating it within the framework of agent communication development. Utilizing the MAESTRO framework, specifically designed for AI risks, we apply proactive threat modeling to assess potential security issues in A2A deployments, focusing on aspects such as Agent Card management, task execution integrity, and authentication methodologies. Based on these insights, we recommend practical secure development methodologies and architectural best practices designed to build resilient and effective A2A systems. Our analysis also explores how the synergy between A2A and the Model Context Protocol (MCP) can further enhance secure interoperability. This paper equips developers and architects with the knowledge and practical guidance needed to confidently leverage the A2A protocol for building robust and secure next-generation agentic applications.
Enterprise-Grade Security for the Model Context Protocol (MCP): Frameworks and Mitigation Strategies
Narajala, Vineeth Sai, Habler, Idan
The overall security framework (see Figure 2) provides a high-level overview of the mitigation strategies.

A. MCP Server-Side Mitigations

1) Network Segmentation and Microsegmentation: Network segmentation is a fundamental security strategy that goes beyond traditional perimeter-based defenses. In MCP environments, this approach is even more critical because of the dynamic nature of the protocol's tool interactions.

Dedicated MCP Security Zones: Isolate MCP servers and critical components within dedicated network segments (e.g., Virtual Local Area Networks (VLANs), Virtual Private Cloud (VPC) subnets) with strict ingress/egress filtering rules based on the principle of least privilege. In cloud environments such as AWS, use security groups as well.

Service Mesh Implementation: Employ a service mesh (e.g., Istio) to enforce fine-grained, identity-based traffic control (mutual Transport Layer Security, mTLS) between MCP microservices and connected tools, independent of network topology, when using a Kubernetes architecture.

Application-Layer Filtering Gateways: Deploy gateways (e.g., Web Application Firewalls (WAFs), API Gateways) capable of deep packet inspection (DPI) for MCP traffic, configured with rules to detect protocol anomalies, malicious payloads in tool descriptions/parameters, and known attack signatures.
Discovering dynamical laws for speech gestures
A fundamental challenge in the cognitive sciences is discovering the dynamics that govern behaviour. Take the example of spoken language, which is characterised by a highly variable and complex set of physical movements that map onto the small set of cognitive units that comprise language. What are the fundamental dynamical principles behind the movements that structure speech production? In this study, we discover models in the form of symbolic equations that govern articulatory gestures during speech. A sparse symbolic regression algorithm is used to discover models from kinematic data on the tongue and lips. We explore these candidate models using analytical techniques and numerical simulations, and find that a second-order linear model achieves high levels of accuracy, but a nonlinear force is required to properly model articulatory dynamics in approximately one third of cases. This supports the proposal that an autonomous, nonlinear, second-order differential equation is a viable dynamical law for articulatory gestures in speech. We conclude by identifying future opportunities and obstacles in data-driven model discovery and outline prospects for discovering the dynamical principles that govern language, brain and behaviour.
"Trust me on this" Explaining Agent Behavior to a Human Terminator
Menkes, Uri, Hallak, Assaf, Amir, Ofra
Consider a setting where a pre-trained agent is operating in an environment and a human operator can decide to temporarily terminate its operation and take over for some duration of time. These kinds of scenarios are common in human-machine interactions, for example in autonomous driving, factory automation and healthcare. In these settings, we typically observe a trade-off between two extreme cases: if no take-overs are allowed, then the agent might employ a sub-optimal, possibly dangerous policy. Alternatively, if there are too many take-overs, then the human has no confidence in the agent, greatly limiting its usefulness. In this paper, we formalize this setup and propose an explainability scheme to help optimize the number of human interventions.
An Efficient Real-Time Planning Method for Swarm Robotics Based on an Optimal Virtual Tube
Mao, Pengda, Lv, Shuli, Min, Chen, Shen, Zhaolong, Quan, Quan
Swarm robotics navigating through unknown obstacle environments is an emerging research area that faces many challenges. Performing tasks in such environments requires swarms to achieve autonomous localization, perception, decision-making, control, and planning. The limited computational resources of onboard platforms present significant challenges for planning and control. Reactive planners offer low computational demands and high re-planning frequencies but lack predictive capabilities, often resulting in local minima. Long-horizon planners, on the other hand, can perform multi-step predictions to reduce deadlocks but incur high computational cost, leading to lower re-planning frequencies. This paper proposes a real-time optimal virtual tube planning method for swarm robotics in unknown environments, which generates approximate solutions for optimal trajectories through affine functions. As a result, the computational complexity of the approximate solutions is $O(n_t)$, where $n_t$ is the number of parameters in the trajectory, thereby significantly reducing the overall computational burden. By integrating reactive methods, the proposed method enables low-computation, safe swarm motion in unknown environments. The effectiveness of the proposed method is validated through several simulations and experiments.
Explainable AI Based Diagnosis of Poisoning Attacks in Evolutionary Swarms
Asadi, Mehrdad, Rădulescu, Roxana, Nowé, Ann
Swarming systems, such as multi-drone networks, excel at cooperative tasks like monitoring, surveillance, or disaster assistance in critical environments, where autonomous agents make decentralized decisions in order to fulfill team-level objectives in a robust and efficient manner. Unfortunately, team-level coordinated strategies in the wild are vulnerable to data poisoning attacks, resulting in either inaccurate coordination or adversarial behavior among the agents. To address this challenge, we contribute a framework that investigates the effects of such data poisoning attacks using explainable AI methods. We model the interaction among agents using evolutionary intelligence, where an optimal coalition strategically emerges to perform coordinated tasks. Then, through a rigorous evaluation, the swarm model is systematically poisoned using data manipulation attacks. We showcase the applicability of explainable AI methods to quantify the effects of poisoning on the team strategy and extract footprint characterizations that enable diagnosis. Our findings indicate that when the model is poisoned above 10%, non-optimal strategies resulting in inefficient cooperation can be identified.
Autonomous Embodied Agents: When Robotics Meets Deep Learning Reasoning
The increase in available computing power and the Deep Learning revolution have allowed the exploration of new topics and frontiers in Artificial Intelligence research. A new field called Embodied Artificial Intelligence, which lies at the intersection of Computer Vision, Robotics, and Decision Making, has been gaining importance during the last few years, as it aims to foster the development of smart autonomous robots and their deployment in society. The recent availability of large collections of 3D models for photorealistic robotic simulation has allowed faster and safer training of learning-based agents for millions of frames and a careful evaluation of their behavior before deploying the models on real robotic platforms. These intelligent agents are intended to perform a certain task in a possibly unknown environment. To this end, during training in simulation, the agents learn to perform continuous interactions with their surroundings, such as gathering information from the environment, encoding and extracting useful cues for the task, and performing actions towards the final goal, where every action of the agent influences subsequent interactions. This dissertation follows the complete creation process of embodied agents for indoor environments, from their concept to their implementation and deployment. We aim to contribute to research in Embodied AI and autonomous agents, in order to foster future work in this field. We present a detailed analysis of the procedure behind implementing an intelligent embodied agent, comprising a thorough description of the current state of the art in the literature, technical explanations of the proposed methods, and accurate experimental studies on relevant robotic tasks.
Virtual Force-Based Routing of Modular Agents on a Graph
Casselman, Adam, Vora, Manav, Ornik, Melkior
Modular vehicles have become an area of academic interest in the field of multi-agent systems. Modularity allows vehicles to connect and disconnect with each other mid-transit, which provides a balance between efficiency and flexibility when solving complex and large-scale tasks in urban or aerial transportation. This paper details a generalized scheme to route multiple modular agents on a graph to a predetermined set of target nodes. The objective is to visit all target nodes while incurring minimum resource expenditure. Agents that are joined together incur the equivalent cost of a single agent, which is motivated by the logistical benefits of traffic reduction and increased fuel efficiency. To solve this problem, we introduce a heuristic algorithm that seeks to balance the optimality of the path that an agent takes and the cost benefit of joining agents. Our approach models the agents and targets as point charges, where each agent takes the path of highest attractive force from its target node and neighboring agents. We validate our approach by simulating multiple modular agents along real-world transportation routes in the road network of Champaign-Urbana, Illinois, USA. For two vehicles, it performed on par with an existing modular-agent routing algorithm. Three agents were then routed using our method and the performance was benchmarked against non-modular agents using a simple shortest-path policy, where it performs better than the non-modular implementation 81 percent of the time. Moreover, we show that the proposed algorithm operates faster than existing routing methods for modular agents.
Wireless Communication as an Information Sensor for Multi-agent Cooperative Perception: A Survey
Song, Zhiying, Xie, Tenghui, Wen, Fuxi, Li, Jun
Cooperative perception extends the perception capabilities of autonomous vehicles by enabling multi-agent information sharing via Vehicle-to-Everything (V2X) communication. Unlike traditional onboard sensors, V2X acts as a dynamic "information sensor" characterized by limited communication, heterogeneity, mobility, and scalability. This survey provides a comprehensive review of recent advancements from the perspective of information-centric cooperative perception, focusing on three key dimensions: information representation, information fusion, and large-scale deployment. We categorize information representation into data-level, feature-level, and object-level schemes, and highlight emerging methods for reducing data volume and compressing messages under communication constraints. In information fusion, we explore techniques under both ideal and non-ideal conditions, including those addressing heterogeneity, localization errors, latency, and packet loss. Finally, we summarize system-level approaches to support scalability in dense traffic scenarios. Compared with existing surveys, this paper introduces a new perspective by treating V2X communication as an information sensor and emphasizing the challenges of deploying cooperative perception in real-world intelligent transportation systems.

Introduction

Autonomous vehicles rely on perception systems to navigate complex scenarios. These systems typically integrate multiple onboard sensors, such as LiDAR and cameras. However, single-vehicle perception has inherent limitations, such as sensor range constraints and occlusion, which fragment the operational design domain and compromise safety [1].
Fast2comm: Collaborative perception combined with prior knowledge
Zhang, Zhengbin, Wu, Yan, Zhang, Hongkun
Collaborative perception has the potential to significantly enhance perceptual accuracy through the sharing of complementary information among agents. However, real-world collaborative perception faces persistent challenges, particularly in balancing perception performance against bandwidth limitations, as well as coping with localization errors. To address these challenges, we propose Fast2comm, a prior knowledge-based collaborative perception framework. Specifically, (1) we propose a prior-supervised confidence feature generation method that effectively distinguishes foreground from background by producing highly discriminative confidence features; (2) we propose a GT Bounding Box-based spatial prior feature selection strategy to ensure that only the most informative prior-knowledge features are selected and shared, thereby minimizing background noise and optimizing bandwidth efficiency while enhancing adaptability to localization inaccuracies; (3) we decouple the feature fusion strategies between the model training and testing phases, enabling dynamic bandwidth adaptation. To comprehensively validate our framework, we conduct extensive experiments on both real-world and simulated datasets. The results demonstrate the superior performance of our model and highlight the necessity of the proposed methods. Our code is available at https://github.com/Zhangzhengbin-TJ/Fast2comm.