A Temporal Framework for Hypergame Analysis of Cyber Physical Systems in Contested Environments

Game theory is used to model conflicts between one or more players over resources. It offers players a way to reason, allowing rationale for selecting strategies that avoid the worst outcome. Game theory lacks the ability to incorporate advantages one player may have over another player. A meta-game, known as a hypergame, occurs when one player does not know or fully understand all the strategies of a game. Hypergame theory builds upon the utility of game theory by allowing a player to outmaneuver an opponent, thus obtaining a more preferred outcome with higher utility. Recent work in hypergame theory has focused on normal form static games that lack the ability to encode several realistic strategies. One example of this is when a player’s available actions in the future is dependent on his selection in the past. This work presents a temporal framework for hypergame models. This framework is the first application of temporal logic to hypergames and provides a more flexible modeling for domain experts. With this new framework for hypergames, the concepts of trust, distrust, mistrust, and deception are formalized. While past literature references deception in hypergame research, this work is the first to formalize the definition for hypergames. As a demonstration of the new temporal framework for hypergames, it is applied to classical game theoretical examples, as well as a complex supervisory control and data acquisition (SCADA) network temporal hypergame. The SCADA network is an example includes actions that have a temporal dependency, where a choice in the first round affects what decisions can be made in the later round of the game. The demonstration results show that the framework is a realistic and flexible modeling method for a variety of applications

Empirical Game Theoretic Models for Autonomous Driving: Methods and Applications

In recent years, there has been enormous public interest in autonomous vehicles (AV), with more than 80 billion dollars invested in self-driving car technology. However, for the foreseeable future, self-driving cars will interact with human driven vehicles and other human road users, such as pedestrians and cyclists. Therefore, in order to ensure safe operation of AVs, there is need for computational models of humans traffic behaviour that can be used for testing and verification of autonomous vehicles. Game theoretic models of human driving behaviour is a promising computational tool that can be used in many phases of AV development. However, traditional game theoretic models are typically built around the idea of rationality, i.e., selection of the most optimal action based on individual preferences. In reality, not only is it hard to infer diverse human preferences from observational data, but real-world traffic shows that humans rarely choose the most optimal action that a computational model suggests. The thesis makes a set of methodological contributions towards modelling sub-optimality in driving behaviour within a game theoretic framework. These include solution concepts that account for boundedly rational behaviour in hierarchical games, addressing challenges of bounded rationality in dynamic games, and estimation of multi-objective utility aggregation from observational data. Each of these contributions are evaluated based on a novel multi-agent traffic dataset. Building on the game theoretic models, the second part of the thesis demonstrates the application of the models by developing novel safety validation methodologies for testing AV planners. The first application is an automated generation of interpretable variations of lane change behaviour based on Quantal Best Response model. The proposed model is shown to be effective for generating both rare-event situations and to replicate the typical behaviour distribution observed in naturalistic data. The second application is safety validation of strategic planners in situations of dynamic occlusion. Using the concept of hypergames, in which different agents have different views of the game, the thesis develops a new safety surrogate metric, dynamic occlusion risk (DOR), that can be used to evaluate the risk associated with each action in situations of dynamic occlusion. The thesis concludes with a taxonomy of strategic interactions that maps complex design specific strategies in a game to a simpler taxonomy of traffic interactions. Regulations around what strategies an AV should execute in traffic can be developed over the simpler taxonomy, and a process of automated mapping can protect the proprietary design decisions of an AV manufacturer

A network-based framework for strategic conflict resolution

Strategic conflict in this work refers to the spectrum of co-operative and oppositional activities in which organisations engage when their interests meet. The origin of the work is in the management and prediction of corporate strategic conflict, but it will be seen that there are significant similarities between corporate struggle and that of international relations. Following a review of the nature of conflict and the characteristics of strategic decision making, the work examines the effectiveness of three existing general approaches to conflict modelling and management, namely informal and qualitative methods; general systems analysis methods; and game theoretic approaches. Desirable criteria for a strategic conflict management framework are derived and a framework is then proposed which has three components: - Setting thefuture environment The future of the organisation is described by a network of states of nature. Resolving the Conflict Within each of the states which represent the future, the options for participants are identified and the possible outcomes and interim states identified. An analysis of the influence and power of the participants over transitions between states is carried out, which indicates likely development paths in the conflict, from which conclusions can be drawn about both the likely outcomes, and about the actions which should be taken by a company to bring about preferred outcomes. Closing the Loop Feedback of information obtained by analysis and by contact with the real world back into the two structures described above allows examination of the effect of changing perspectives and the differing beliefs of participants. The application of the framework is shown through case studies examining thejustifiability and appropriateness of each of its elements and as a whole. These case studies cover both small and large companies, a variety of business conflict cases, both live and retrospective and draw on the recorded material in international relations for examples of non- . commercial conflict. Future development paths are identified for the conceptEThOS - Electronic Theses Online ServiceGBUnited Kingdo

An object-oriented approach to structuring multicriteria decision support in natural resource management problems

Includes bibliographical references.The undertaking of MCDM (Multicriteria Decision Making) and the development of DSSs (Decision Support Systems) tend to be complex and inefficient, leading to low productivity in decision analysis and DSSs. Towards this end, this study has developed an approach based on object orientation for MCDM and DSS modelling, with the emphasis on natural resource management. The object-oriented approach provides a philosophy to model decision analysis and DSSs in a uniform way, as shown by the diagrams presented in this study. The solving of natural resource management decision problems, the MCDM decision making procedure and decision making activities are modelled in an object-oriented way. The macro decision analysis system, its DSS, the decision problem, the decision context, and the entities in the decision making procedure are represented as "objects". The object-oriented representation of decision analysis also constitutes the basis for the analysis ofDSSs

Constrained Rationality: Formal Value-Driven Enterprise Knowledge Management Modelling and Analysis Framework for Strategic Business, Technology and Public Policy Decision Making & Conflict Resolution

The complexity of the strategic decision making environments, in which busi- nesses and governments live in, makes such decisions more and more difficult to make. People and organizations with access to the best known decision support modelling and analysis tools and methods cannot seem to benefit from such re- sources. We argue that the reason behind the failure of most current decision and game theoretic methods is that these methods are made to deal with operational and tactical decisions, not strategic decisions. While operational and tactical decisions are clear and concise with limited scope and short-term implications, allowing them to be easily formalized and reasoned about, strategic decisions tend to be more gen- eral, ill-structured, complex, with broader scope and long-term implications. This research work starts with a review of the current dominant modelling and analysis approaches, their strengths and shortcomings, and a look at how pioneers in the field criticize these approaches as restrictive and unpractical. Then, the work goes on to propose a new paradigm shift in how strategic decisions and conflicts should be modelled and analyzed. Constrained Rationality is a formal qualitative framework, with a robust method- ological approach, to model and analyze ill-structured strategic single and multi- agent decision making situations and conflicts. The framework brings back the strategic decision making problem to its roots, from being an optimization/efficiency problem about evaluating predetermined alternatives to satisfy predetermined pref- erences or utility functions, as most current decision and game theoretic approaches treats it, to being an effectiveness problem of: 1) identifying and modelling explic- itly the strategic and conflicting goals of the involved agents (also called players and decision makers in our work), and the decision making context (the external and internal constraints including the agents priorities, emotions and attitudes); 2) finding, uncovering and/or creating the right set of alternatives to consider; and then 3) reasoning about the ability of each of these alternatives to satisfy the stated strategic goals the agents have, given their constraints. Instead of assuming that the agents’ alternatives and preferences are well-known, as most current decision and game theoretic approaches do, the Constrained Rationality framework start by capturing and modelling clearly the context of the strategic decision making situation, and then use this contextual knowledge to guide the process of finding the agents’ alternatives, analyzing them, and choosing the most effective one. The Constrained Rationality framework, at its heart, provides a novel set of modelling facilities to capture the contextual knowledge of the decision making sit- uations. These modelling facilities are based on the Viewpoint-based Value-Driven - Enterprise Knowledge Management (ViVD-EKM) conceptual modelling frame- work proposed by Al-Shawa (2006b), and include facilities: to capture and model the goals and constraints of the different involved agents, in the decision making situation, in complex graphs within viewpoint models; and to model the complex cause-effect interrelationships among theses goals and constraints. The framework provides a set of robust, extensible and formal Goal-to-Goal and Constraint-to Goal relationships, through which qualitative linguistic value labels about the goals’ op- erationalization, achievement and prevention propagate these relationships until they are finalized to reflect the state of the goals’ achievement at any single point of time during the situation. The framework provides also sufficient, but extensible, representation facilities to model the agents’ priorities, emotional valences and attitudes as value properties with qualitative linguistic value labels. All of these goals and constraints, and the value labels of their respective value properties (operationalization, achievement, prevention, importance, emotional valence, etc.) are used to evaluate the different alternatives (options, plans, products, product/design features, etc.) agents have, and generate cardinal and ordinal preferences for the agents over their respective alternatives. For analysts, and decision makers alike, these preferences can easily be verified, validates and traced back to how much each of these alternatives con- tribute to each agent’s strategic goals, given his constraints, priorities, emotions and attitudes. The Constrained Rationality framework offers a detailed process to model and analyze decision making situations, with special paths and steps to satisfy the spe- cific needs of: 1) single-agent decision making situations, or multi-agent situations in which agents act in an individualistic manner with no regard to others’ current or future options and decisions; 2) collaborative multi-agent decision making situ- ations, where agents disclose their goals and constraints, and choose from a set of shared alternatives one that best satisfy the collective goals of the group; and 3) adversarial competitive multi-agent decision making situations (called Games, in gamete theory literature, or Conflicts, in the broader management science litera- ture). The framework’s modelling and analysis process covers also three types of con- flicts/games: a) non-cooperative games, where agents can take unilateral moves among the game’s states; b) cooperative games, with no coalitions allowed, where agents still act individually (not as groups/coalitions) taking both unilateral moves and cooperative single-step moves when it benefit them; and c) cooperative games, with coalitions allowed, where the games include, in addition to individual agents, agents who are grouped in formal alliances/coalitions, giving themselves the ability to take multi-step group moves to advance their collective position in the game. ...

Preference Uncertainty and Trust in Decision Making

A fuzzy approach for handling uncertain preferences is developed within the paradigm of the Graph Model for Conflict Resolution and new advances in trust modeling and assessment are put forward for permitting decision makers (DMs) to decide with whom to cooperate and trust in order to move from a potential resolution to a more preferred one that is not attainable on an individual basis. The applicability and the usefulness of the fuzzy preference and trust research for giving an enhanced strategic understanding about a dispute and its possible resolution are demonstrated by employing a realworld environmental conflict as well as two generic games that represent a wide range of real life encounters dealing with trust and cooperation dilemmas. The introduction of the uncertain preference representation extends the applicability of the Graph Model for Conflict Resolution to handle conflicts with missing or incomplete preference information. Assessing the presence of trust will help to compensate for the missing information and bridge the gap between a desired outcome and a feared betrayal. These advances in the areas of uncertain preferences and trust have potential applications in engineering decision making, electronic commerce, multiagent systems, international trade and many other areas where conflict is present. In order to model a conflict, it is assumed that the decision makers, options, and the preferences of the decision makers over possible states are known. However, it is often the case that the preferences are not known for certain. This could be due to lack of information, impreciseness, or misinformation intentionally supplied by a competitor. Fuzzy logic is applied to handle this type of information. In particular, it allows a decision maker to express preferences using linguistic terms rather than exact values. It also makes use of data intervals rather than crisp values which could accommodate minor shifts in values without drastically changing the overall results. The four solution concepts of Nash, general metarationality, symmetric metarationality, and sequential stability for determining stability and potential resolutions to a conflict, are extended to accommodate the new fuzzy preference representation. The newly proposed solution concepts are designed to work for two and more than two decision maker cases. Hypothetical and real life conflicts are used to demonstrate the applicability of this newly proposed procedure. Upon reaching a conflict resolution, it might be in the best interests of some of the decision makers to cooperate and form a coalition to move from the current resolution to a better one that is not achievable on an individual basis. This may require moving to an intermediate state or states which may be less preferred by some of the coalition members while being more preferred by others compared to the original or the final state. When the move is irreversible, which is the case in most real life situations, this requires the existence of a minimum level of trust to remove any fears of betrayal. The development of trust modeling and assessment techniques, allows decision makers to decide with whom to cooperate and trust. Illustrative examples are developed to show how this modeling works in practice. The new theoretical developments presented in this research enhance the applicability of the Graph Model for Conflict Resolution. The proposed trust modeling allows a reasonable way of analyzing and predicting the formation of coalitions in conflict analysis and cooperative game theory. It also opens doors for further research and developments in trust modeling in areas such as electronic commerce and multiagent systems

Operational Research: Methods and Applications

Throughout its history, Operational Research has evolved to include a variety of methods, models and algorithms that have been applied to a diverse and wide range of contexts. This encyclopedic article consists of two main sections: methods and applications. The first aims to summarise the up-to-date knowledge and provide an overview of the state-of-the-art methods and key developments in the various subdomains of the field. The second offers a wide-ranging list of areas where Operational Research has been applied. The article is meant to be read in a nonlinear fashion. It should be used as a point of reference or first-port-of-call for a diverse pool of readers: academics, researchers, students, and practitioners. The entries within the methods and applications sections are presented in alphabetical order. The authors dedicate this paper to the 2023 Turkey/Syria earthquake victims. We sincerely hope that advances in OR will play a role towards minimising the pain and suffering caused by this and future catastrophes

Modeling Deception for Cyber Security

In the era of software-intensive, smart and connected systems, the growing power and so- phistication of cyber attacks poses increasing challenges to software security. The reactive posture of traditional security mechanisms, such as anti-virus and intrusion detection systems, has not been sufficient to combat a wide range of advanced persistent threats that currently jeopardize systems operation. To mitigate these extant threats, more ac- tive defensive approaches are necessary. Such approaches rely on the concept of actively hindering and deceiving attackers. Deceptive techniques allow for additional defense by thwarting attackers’ advances through the manipulation of their perceptions. Manipu- lation is achieved through the use of deceitful responses, feints, misdirection, and other falsehoods in a system. Of course, such deception mechanisms may result in side-effects that must be handled. Current methods for planning deception chiefly portray attempts to bridge military deception to cyber deception, providing only high-level instructions that largely ignore deception as part of the software security development life cycle. Con- sequently, little practical guidance is provided on how to engineering deception-based techniques for defense. This PhD thesis contributes with a systematic approach to specify and design cyber deception requirements, tactics, and strategies. This deception approach consists of (i) a multi-paradigm modeling for representing deception requirements, tac- tics, and strategies, (ii) a reference architecture to support the integration of deception strategies into system operation, and (iii) a method to guide engineers in deception mod- eling. A tool prototype, a case study, and an experimental evaluation show encouraging results for the application of the approach in practice. Finally, a conceptual coverage map- ping was developed to assess the expressivity of the deception modeling language created.Na era digital o crescente poder e sofisticação dos ataques cibernéticos apresenta constan- tes desafios para a segurança do software. A postura reativa dos mecanismos tradicionais de segurança, como os sistemas antivírus e de detecção de intrusão, não têm sido suficien- tes para combater a ampla gama de ameaças que comprometem a operação dos sistemas de software actuais. Para mitigar estas ameaças são necessárias abordagens ativas de defesa. Tais abordagens baseiam-se na ideia de adicionar mecanismos para enganar os adversários (do inglês deception). As técnicas de enganação (em português, "ato ou efeito de enganar, de induzir em erro; artimanha usada para iludir") contribuem para a defesa frustrando o avanço dos atacantes por manipulação das suas perceções. A manipula- ção é conseguida através de respostas enganadoras, de "fintas", ou indicações erróneas e outras falsidades adicionadas intencionalmente num sistema. É claro que esses meca- nismos de enganação podem resultar em efeitos colaterais que devem ser tratados. Os métodos atuais usados para enganar um atacante inspiram-se fundamentalmente nas técnicas da área militar, fornecendo apenas instruções de alto nível que ignoram, em grande parte, a enganação como parte do ciclo de vida do desenvolvimento de software seguro. Consequentemente, há poucas referências práticas em como gerar técnicas de defesa baseadas em enganação. Esta tese de doutoramento contribui com uma aborda- gem sistemática para especificar e desenhar requisitos, táticas e estratégias de enganação cibernéticas. Esta abordagem é composta por (i) uma modelação multi-paradigma para re- presentar requisitos, táticas e estratégias de enganação, (ii) uma arquitetura de referência para apoiar a integração de estratégias de enganação na operação dum sistema, e (iii) um método para orientar os engenheiros na modelação de enganação. Uma ferramenta protó- tipo, um estudo de caso e uma avaliação experimental mostram resultados encorajadores para a aplicação da abordagem na prática. Finalmente, a expressividade da linguagem de modelação de enganação é avaliada por um mapeamento de cobertura de conceitos