9 research outputs found
A Colonel Blotto Game for Interdependence-Aware Cyber-Physical Systems Security in Smart Cities
Smart cities must integrate a number of interdependent cyber-physical systems
that operate in a coordinated manner to improve the well-being of the city's
residents. A cyber-physical system (CPS) is a system of computational elements
controlling physical entities. Large-scale CPSs are more vulnerable to attacks
due to the cyber-physical interdependencies that can lead to cascading failures
which can have a significant detrimental effect on a city. In this paper, a
novel approach is proposed for analyzing the problem of allocating security
resources, such as firewalls and anti-malware, over the various cyber
components of an interdependent CPS to protect the system against imminent
attacks. The problem is formulated as a Colonel Blotto game in which the
attacker seeks to allocate its resources to compromise the CPS, while the
defender chooses how to distribute its resources to defend against potential
attacks. To evaluate the effects of defense and attack, various CPS factors are
considered including human-CPS interactions as well as physical and topological
characteristics of a CPS such as flow and capacity of interconnections and
minimum path algorithms. Results show that, for the case in which the attacker
is not aware of the CPS interdependencies, the defender can have a higher
payoff, compared to the case in which the attacker has complete information.
The results also show that, in the case of more symmetric nodes, due to
interdependencies, the defender achieves its highest payoff at the equilibrium
compared to the case with independent, asymmetric nodes
Game Theory for Secure Critical Interdependent Gas-Power-Water Infrastructure
A city's critical infrastructure such as gas, water, and power systems, are
largely interdependent since they share energy, computing, and communication
resources. This, in turn, makes it challenging to endow them with fool-proof
security solutions. In this paper, a unified model for interdependent
gas-power-water infrastructure is presented and the security of this model is
studied using a novel game-theoretic framework. In particular, a zero-sum
noncooperative game is formulated between a malicious attacker who seeks to
simultaneously alter the states of the gas-power-water critical infrastructure
to increase the power generation cost and a defender who allocates
communication resources over its attack detection filters in local areas to
monitor the infrastructure. At the mixed strategy Nash equilibrium of this
game, numerical results show that the expected power generation cost deviation
is 35\% lower than the one resulting from an equal allocation of resources over
the local filters. The results also show that, at equilibrium, the
interdependence of the power system on the natural gas and water systems can
motivate the attacker to target the states of the water and natural gas systems
to change the operational states of the power grid. Conversely, the defender
allocates a portion of its resources to the water and natural gas states of the
interdependent system to protect the grid from state deviations.Comment: 7 pages, in proceedings of Resilience Week 201
Characterizing the interplay between information and strength in Blotto games
In this paper, we investigate informational asymmetries in the Colonel Blotto
game, a game-theoretic model of competitive resource allocation between two
players over a set of battlefields. The battlefield valuations are subject to
randomness. One of the two players knows the valuations with certainty. The
other knows only a distribution on the battlefield realizations. However, the
informed player has fewer resources to allocate. We characterize unique
equilibrium payoffs in a two battlefield setup of the Colonel Blotto game. We
then focus on a three battlefield setup in the General Lotto game, a popular
variant of the Colonel Blotto game. We characterize the unique equilibrium
payoffs and mixed equilibrium strategies. We quantify the value of information
- the difference in equilibrium payoff between the asymmetric information game
and complete information game. We find information strictly improves the
informed player's performance guarantee. However, the magnitude of improvement
varies with the informed player's strength as well as the game parameters. Our
analysis highlights the interplay between strength and information in
adversarial environments.Comment: 8 pages, 2 figures. Accepted for presentation at 58th Conference on
Decision and Control (CDC), 201
Cyber-Physical Power System (CPPS): A Review on Modelling, Simulation, and Analysis with Cyber Security Applications
Cyber-Physical System (CPS) is a new kind of digital technology that increases its attention across academia, government, and industry sectors and covers a wide range of applications like agriculture, energy, medical, transportation, etc. The traditional power systems with physical equipment as a core element are more integrated with information and communication technology, which evolves into the Cyber-Physical Power System (CPPS). The CPPS consists of a physical system tightly integrated with cyber systems (control, computing, and communication functions) and allows the two-way flows of electricity and information for enabling smart grid technologies. Even though the digital technologies monitoring and controlling the electric power grid more efficiently and reliably, the power grid is vulnerable to cybersecurity risk and involves the complex interdependency between cyber and physical systems. Analyzing and resolving the problems in CPPS needs the modelling methods and systematic investigation of a complex interaction between cyber and physical systems. The conventional way of modelling, simulation, and analysis involves the separation of physical domain and cyber domain, which is not suitable for the modern CPPS. Therefore, an integrated framework needed to analyze the practical scenario of the unification of physical and cyber systems. A comprehensive review of different modelling, simulation, and analysis methods and different types of cyber-attacks, cybersecurity measures for modern CPPS is explored in this paper. A review of different types of cyber-attack detection and mitigation control schemes for the practical power system is presented in this paper. The status of the research in CPPS around the world and a new path for recommendations and research directions for the researchers working in the CPPS are finally presented.publishedVersio