Improving the resilience of cyber-physical systems under strategic adversaries

Renewable energy resources challenge traditional energy system operations by substituting the stability and predictability of fossil fuel based generation with the unreliability and uncertainty of wind and solar power. Rising demand for green energy drives grid operators to integrate sensors, smart meters, and distributed control to compensate for this uncertainty and improve the operational efficiency of the grid. Real-time negotiations enable producers and consumers to adjust power loads during shortage periods, such as an unexpected outage or weather event, and to adapt to time-varying energy needs. While such systems improve grid performance, practical implementation challenges can derail the operation of these distributed cyber-physical systems. Network disruptions introduce instability into control feedback systems, and strategic adversaries can manipulate power markets for financial gain. This dissertation analyzes the impact of these outages and adversaries on cyber-physical systems and provides methods for improving resilience, with an emphasis on distributed energy systems. First, a financial model of an interdependent energy market lays the groundwork for profit-oriented attacks and defenses, and a game theoretic strategy optimizes attack plans and defensive investments in energy systems with multiple independent actors. Then attacks and defenses are translated from a theoretical context to a real-time energy market via denial of service (DoS) outages and moving target defenses. Analysis on two market mechanisms shows how adversaries can disrupt market operation, destabilize negotiations, and extract profits by attacking network links and disrupting communication. Finally, a low-cost DoS defense technique demonstrates a method that energy systems may use to defend against attacks

Global Risks 2015, 10th Edition.

The 2015 edition of the Global Risks report completes a decade of highlighting the most significant long-term risks worldwide, drawing on the perspectives of experts and global decision-makers. Over that time, analysis has moved from risk identification to thinking through risk interconnections and the potentially cascading effects that result. Taking this effort one step further, this year's report underscores potential causes as well as solutions to global risks. Not only do we set out a view on 28 global risks in the report's traditional categories (economic, environmental, societal, geopolitical and technological) but also we consider the drivers of those risks in the form of 13 trends. In addition, we have selected initiatives for addressing significant challenges, which we hope will inspire collaboration among business, government and civil society communitie

The Global Risks Report 2016, 11th Edition

Now in its 11th edition, The Global Risks Report 2016 draws attention to ways that global risks could evolve and interact in the next decade. The year 2016 marks a forceful departure from past findings, as the risks about which the Report has been warning over the past decade are starting to manifest themselves in new, sometimes unexpected ways and harm people, institutions and economies. Warming climate is likely to raise this year's temperature to 1° Celsius above the pre-industrial era, 60 million people, equivalent to the world's 24th largest country and largest number in recent history, are forcibly displaced, and crimes in cyberspace cost the global economy an estimated US$445 billion, higher than many economies' national incomes. In this context, the Reportcalls for action to build resilience – the "resilience imperative" – and identifies practical examples of how it could be done.The Report also steps back and explores how emerging global risks and major trends, such as climate change, the rise of cyber dependence and income and wealth disparity are impacting already-strained societies by highlighting three clusters of risks as Risks in Focus. As resilience building is helped by the ability to analyse global risks from the perspective of specific stakeholders, the Report also analyses the significance of global risks to the business community at a regional and country-level

Optimizing the Structure and Scale of Urban Water Infrastructure: Integrating Distributed Systems

Large-scale, centralized water infrastructure has provided clean drinking water, wastewater treatment, stormwater management and flood protection for U.S. cities and towns for many decades, protecting public health, safety and environmental quality. To accommodate increasing demands driven by population growth and industrial needs, municipalities and utilities have typically expanded centralized water systems with longer distribution and collection networks. This approach achieves financial and institutional economies of scale and allows for centralized management. It comes with tradeoffs, however, including higher energy demands for longdistance transport; extensive maintenance needs; and disruption of the hydrologic cycle, including the large-scale transfer of freshwater resources to estuarine and saline environments.While smaller-scale distributed water infrastructure has been available for quite some time, it has yet to be widely adopted in urban areas of the United States. However, interest in rethinking how to best meet our water and sanitation needs has been building. Recent technological developments and concerns about sustainability and community resilience have prompted experts to view distributed systems as complementary to centralized infrastructure, and in some situations the preferred alternative.In March 2014, the Johnson Foundation at Wingspread partnered with the Water Environment Federation and the Patel College of Global Sustainability at the University of South Florida to convene a diverse group of experts to examine the potential for distributed water infrastructure systems to be integrated with or substituted for more traditional water infrastructure, with a focus on right-sizing the structure and scale of systems and services to optimize water, energy and sanitation management while achieving long-term sustainability and resilience

Cyberattacks on critical infrastructure: an economic perspective

The aim of this article is to analyze the economic aspects of cybersecurity of critical infrastructure defined as physical or virtual systems and assets that are vital to a country’s functioning and whose incapacitation or destruction would have a debilitating impact on national, economic, military and public security. The functioning of modern states, firms and individuals increasingly relies on digital or cyber technologies and this trend has also materialized in various facets of critical infrastructure. Critical infrastructure presents a new cybersecurity area of attacks and threats that requires the attention of regulators and service providers. Deploying critical infrastructure systems without suitable cybersecurity might make them vulnerable to intrinsic failures or malicious attacks and result in serious negative consequences. In this article a fuller view of costs and losses associated with cyberattacks that includes both private and external (social) costs is proposed. An application of the cost-benefit analysis or the Return on Security Investment (ROSI) indicator is presented to evaluate the worthiness of cybersecurity efforts and analyze the costs associated with some major cyberattacks in recent years. The “Identify, Protect, Detect, Respond and Recover” (IPDRR) framework of organizing cybersecurity efforts is also proposed as well as an illustration as to how the blockchain technology could be utilized to improve security and efficiency within a critical infrastructure

Ready or Not? Protecting the Public's Health From Diseases, Disasters, and Bioterrorism, 2011

Highlights examples of preparedness programs and capacities at risk of federal budget cuts or elimination, examines state and local public health budget cuts, reviews ten years of progress and shortfalls, and outlines policy issues and recommendations

Solving Defender-Attacker-Defender Models for Infrastructure Defense

In Operations Research, Computing, and Homeland Defense, R.K. Wood and R.F. Dell, editors, INFORMS, Hanover, MD, pp. 28-49.The article of record as published may be located at http://dx.doi.org10.1287/ics.2011.0047This paper (a) describes a defender-attacker-defender sequential game model (DAD) to plan defenses for an infrastructure system that will enhance that system's resilience against attacks for an intelligent adversary, (b) describes a realistic formulation of DAD for defending a transportation network, (c) develops a decomposition algorithm for solving this instance of DAD and others, and (d) demonstrates the solution of a small transportation-network example. A DAD model generally evaluates system operation through the solution of an optimization model, and the decomposition algorithm developed here requires only that this system-operation model be continuous and convex. For example, our transportation-network example incorporates a congestion model with a (convex) nonlinear objective function and linear constraints