Failure Analysis in Next-Generation Critical Cellular Communication Infrastructures

The advent of communication technologies marks a transformative phase in critical infrastructure construction, where the meticulous analysis of failures becomes paramount in achieving the fundamental objectives of continuity, security, and availability. This survey enriches the discourse on failures, failure analysis, and countermeasures in the context of the next-generation critical communication infrastructures. Through an exhaustive examination of existing literature, we discern and categorize prominent research orientations with focuses on, namely resource depletion, security vulnerabilities, and system availability concerns. We also analyze constructive countermeasures tailored to address identified failure scenarios and their prevention. Furthermore, the survey emphasizes the imperative for standardization in addressing failures related to Artificial Intelligence (AI) within the ambit of the sixth-generation (6G) networks, accounting for the forward-looking perspective for the envisioned intelligence of 6G network architecture. By identifying new challenges and delineating future research directions, this survey can help guide stakeholders toward unexplored territories, fostering innovation and resilience in critical communication infrastructure development and failure prevention

Game Theory Meets Network Security: A Tutorial at ACM CCS

The increasingly pervasive connectivity of today's information systems brings up new challenges to security. Traditional security has accomplished a long way toward protecting well-defined goals such as confidentiality, integrity, availability, and authenticity. However, with the growing sophistication of the attacks and the complexity of the system, the protection using traditional methods could be cost-prohibitive. A new perspective and a new theoretical foundation are needed to understand security from a strategic and decision-making perspective. Game theory provides a natural framework to capture the adversarial and defensive interactions between an attacker and a defender. It provides a quantitative assessment of security, prediction of security outcomes, and a mechanism design tool that can enable security-by-design and reverse the attacker's advantage. This tutorial provides an overview of diverse methodologies from game theory that includes games of incomplete information, dynamic games, mechanism design theory to offer a modern theoretic underpinning of a science of cybersecurity. The tutorial will also discuss open problems and research challenges that the CCS community can address and contribute with an objective to build a multidisciplinary bridge between cybersecurity, economics, game and decision theory

Optimizing Interconnectivity among Networks under Attacks

Networks may need to be interconnected for various reasons such as inter-organizational communication, redundant connectivity, increasing data-rate and minimizing delay or packet-loss, etc. However, the trustworthiness of an added interconnection link cannot be taken for granted due to the presence of attackers who may compromise the security of an interconnected network by intercepting the interconnections. Namely, an intercepted interconnection link may not be secured due to the data manipulations by attackers. In the first part of this dissertation, the number of interconnections between the two networks is optimized for maximizing the data-rate and minimizing the packet-loss under the threat of security attacks. The optimization of the interconnectivity considering the security attack is formulated using a rate-distortion optimization setting, as originally introduced by Claude E. Shannon in the information theory. In particular, each intercepted interconnection is modeled as a noisy communication channel where the attackers may manipulate the data by flipping and erasing of data bits, and then the total capacity for any given number of interconnections is calculated. By exploiting such formulation, the optimal number of interconnections between two networks is found under network administrators data-rate and packet-loss requirement, and most importantly, without compromising the data security. It is concluded analytically and verified by simulations under certain conditions, increasing interconnections beyond an optimal number would not be beneficial concerning the data-rates and packet-loss. In the second part of this dissertation, the vulnerability of the interconnected network is analyzed by a probabilistic model that maps the intensity of physical attacks to network component failure distributions. Also, assuming the network is susceptible to the attack propagation, the resiliency of the network is modeled by the influence model and epidemic model. Finally, a stochastic model is proposed to track the node failure dynamics in a network considering dependency with power failures. Besides, the cascading failure in the power grid is analyzed with a data-driven model that reproduces the evolution of power-transmission line failure in power grids. To summarize, the optimal interconnectivity among networks is analyzed under security attacks, and the dynamic interactions in an interconnected network are investigated under various physical and logical attacks. The proper application of this work would add the minimum number of inter-network connections between two networks without compromising the data security. The optimal number interconnections would meet network administrator’s requirement and minimize cost (both security and monetary) associated with unnecessary connections. This work can also be used to estimate the reliability of a communication network under different types of physical attacks independently and also by incorporating the dynamics of power failures

Increasing resilience to cascading events: The M.OR.D.OR. scenario

The growing complexity of global interconnected risk suggests that a shift has occurred in the way emergency planners need to improve preparedness and response to cascading events. With reference to the literature from the physical, social and political sciences, this paper analyses extreme space weather events and cyberattacks. The goal of this work is to produce a replicable scenario-building process, based on cross-disciplinary understanding of vulnerability, that could be complementary to probabilistic hazard assessment. Our hypothesis is that the technological and human component of critical infrastructure could be the primary vector for the escalation of secondary emergencies. While not themselves having direct implications in terms of loss of life, elements that are common to different risks could provide particular challenges for disaster management. Our findings identify some vulnerable nodes, such as Global Navigation Satellite System technology and remote-control systems, that could act as paths for the escalations of events. We suggest that these paths may be common to various known and unknown threats. We propose two scenarios of Massive, OveRwhelming Disruption of OpeRations (M.OR.D.OR.) that could be used for testing emergency preparedness strategies, and increasing the response to highly complex, unknown events. The conclusions highlight the open challenges of seeking to increase societal resilience. The limitations of this work are described, as are the possible challenges for future research

Cyber-Physical Power System (CPPS): A Review on Modelling, Simulation, and Analysis with Cyber Security Applications

Cyber-Physical System (CPS) is a new kind of digital technology that increases its attention across academia, government, and industry sectors and covers a wide range of applications like agriculture, energy, medical, transportation, etc. The traditional power systems with physical equipment as a core element are more integrated with information and communication technology, which evolves into the Cyber-Physical Power System (CPPS). The CPPS consists of a physical system tightly integrated with cyber systems (control, computing, and communication functions) and allows the two-way flows of electricity and information for enabling smart grid technologies. Even though the digital technologies monitoring and controlling the electric power grid more efficiently and reliably, the power grid is vulnerable to cybersecurity risk and involves the complex interdependency between cyber and physical systems. Analyzing and resolving the problems in CPPS needs the modelling methods and systematic investigation of a complex interaction between cyber and physical systems. The conventional way of modelling, simulation, and analysis involves the separation of physical domain and cyber domain, which is not suitable for the modern CPPS. Therefore, an integrated framework needed to analyze the practical scenario of the unification of physical and cyber systems. A comprehensive review of different modelling, simulation, and analysis methods and different types of cyber-attacks, cybersecurity measures for modern CPPS is explored in this paper. A review of different types of cyber-attack detection and mitigation control schemes for the practical power system is presented in this paper. The status of the research in CPPS around the world and a new path for recommendations and research directions for the researchers working in the CPPS are finally presented.publishedVersio

A simulation framework for automotive cybersecurity risk assessment

Human-initiated disruptions such as cyberattacks on connected vehicles have the potential to cause cascading failures in transport systems, leading to systemic risks. ‘ISO/SAE 21434:2021 Road vehicles - Cybersecurity engineering’ is the current standard for risk management of road vehicles. However, the threat analysis and risk assessment framework given in the standard focuses on asset-level analysis and assessment. Hence, this study develops a novel simulation-based framework to perform threat analysis and risk assessment on connected vehicles from a transport network perspective. The proposed framework is developed based on the ISO/SAE 21434 threat analysis and risk assessment methodology. We demonstrate the applicability and usefulness of the framework through a remote attack via the cellular network on the in-vehicle communication bus system of a connected vehicle to show the potential impacts on the transport network. Based on the findings of our case studies, we exemplify how cyberattacks on individual system components of a connected vehicle have the potential to cause systemic failures