37 research outputs found
Game Theory for Secure Critical Interdependent Gas-Power-Water Infrastructure
A city's critical infrastructure such as gas, water, and power systems, are
largely interdependent since they share energy, computing, and communication
resources. This, in turn, makes it challenging to endow them with fool-proof
security solutions. In this paper, a unified model for interdependent
gas-power-water infrastructure is presented and the security of this model is
studied using a novel game-theoretic framework. In particular, a zero-sum
noncooperative game is formulated between a malicious attacker who seeks to
simultaneously alter the states of the gas-power-water critical infrastructure
to increase the power generation cost and a defender who allocates
communication resources over its attack detection filters in local areas to
monitor the infrastructure. At the mixed strategy Nash equilibrium of this
game, numerical results show that the expected power generation cost deviation
is 35\% lower than the one resulting from an equal allocation of resources over
the local filters. The results also show that, at equilibrium, the
interdependence of the power system on the natural gas and water systems can
motivate the attacker to target the states of the water and natural gas systems
to change the operational states of the power grid. Conversely, the defender
allocates a portion of its resources to the water and natural gas states of the
interdependent system to protect the grid from state deviations.Comment: 7 pages, in proceedings of Resilience Week 201
Generalized Colonel Blotto Game
Competitive resource allocation between adversarial decision makers arises in
a wide spectrum of real-world applications such as in communication systems,
cyber-physical systems security, as well as financial, political, and electoral
competition. As such, developing analytical tools to model and analyze
competitive resource allocation is crucial for devising optimal allocation
strategies and anticipating the potential outcomes of the competition. To this
end, the Colonel Blotto game is one of the most popular game-theoretic
frameworks for modeling and analyzing such competitive resource allocation
problems. However, in many real-world competitive situations, the Colonel
Blotto game does not admit solutions in deterministic strategies and, hence,
one must rely on analytically complex mixed-strategies with their associated
tractability, applicability, and practicality challenges. In this paper, a
generalization of the Colonel Blotto game which enables the derivation of
deterministic, practical, and implementable equilibrium strategies is proposed
while accounting for the heterogeneity of the battlefields. In addition, the
proposed generalized game enables accounting for the consumed resources in each
battlefield, a feature that is not considered in the classical Blotto game. For
the generalized game, the existence of a Nash equilibrium in pure-strategies is
shown. Then, closed-form analytical expressions of the equilibrium strategies,
are derived and the outcome of the game is characterized; based on the number
of resources of each player as well as the valuation of each battlefield. The
generated results provide invaluable insights on the outcome of the
competition. For example, the results show that, when both players are fully
rational, the more resourceful player can achieve a better total payoff at the
Nash equilibrium, a result that is not mimicked in the classical Blotto game.Comment: 8 pages, 5 figure
Improving the Cybersecurity of Cyber-Physical Systems Through Behavioral Game Theory and Model Checking in Practice and in Education
This dissertation presents automated methods based on behavioral game theory and model checking to improve the cybersecurity of cyber-physical systems (CPSs) and advocates teaching certain foundational principles of these methods to cybersecurity students. First, it encodes behavioral game theory\u27s concept of level-k reasoning into an integer linear program that models a newly defined security Colonel Blotto game. This approach is designed to achieve an efficient allocation of scarce protection resources by anticipating attack allocations. A human subjects experiment based on a CPS infrastructure demonstrates its effectiveness. Next, it rigorously defines the term adversarial thinking, one of cybersecurity educations most important and elusive learning objectives, but for which no proper definition exists. It spells out what it means to think like a hacker by examining the characteristic thought processes of hackers through the lens of Sternberg\u27s triarchic theory of intelligence. Next, a classroom experiment demonstrates that teaching basic game theory concepts to cybersecurity students significantly improves their strategic reasoning abilities. Finally, this dissertation applies the SPIN model checker to an electric power protection system and demonstrates a straightforward and effective technique for rigorously characterizing the degree of fault tolerance of complex CPSs, a key step in improving their defensive posture
Cyber-Physical Power System (CPPS): A Review on Modelling, Simulation, and Analysis with Cyber Security Applications
Cyber-Physical System (CPS) is a new kind of digital technology that increases its attention across academia, government, and industry sectors and covers a wide range of applications like agriculture, energy, medical, transportation, etc. The traditional power systems with physical equipment as a core element are more integrated with information and communication technology, which evolves into the Cyber-Physical Power System (CPPS). The CPPS consists of a physical system tightly integrated with cyber systems (control, computing, and communication functions) and allows the two-way flows of electricity and information for enabling smart grid technologies. Even though the digital technologies monitoring and controlling the electric power grid more efficiently and reliably, the power grid is vulnerable to cybersecurity risk and involves the complex interdependency between cyber and physical systems. Analyzing and resolving the problems in CPPS needs the modelling methods and systematic investigation of a complex interaction between cyber and physical systems. The conventional way of modelling, simulation, and analysis involves the separation of physical domain and cyber domain, which is not suitable for the modern CPPS. Therefore, an integrated framework needed to analyze the practical scenario of the unification of physical and cyber systems. A comprehensive review of different modelling, simulation, and analysis methods and different types of cyber-attacks, cybersecurity measures for modern CPPS is explored in this paper. A review of different types of cyber-attack detection and mitigation control schemes for the practical power system is presented in this paper. The status of the research in CPPS around the world and a new path for recommendations and research directions for the researchers working in the CPPS are finally presented.publishedVersio