A Colonel Blotto Game for Interdependence-Aware Cyber-Physical Systems Security in Smart Cities

Abstract

Smart cities must integrate a number of interdependent cyber-physical systems that operate in a coordinated manner to improve the well-being of the city's residents. A cyber-physical system (CPS) is a system of computational elements controlling physical entities. Large-scale CPSs are more vulnerable to attacks due to the cyber-physical interdependencies that can lead to cascading failures which can have a significant detrimental effect on a city. In this paper, a novel approach is proposed for analyzing the problem of allocating security resources, such as firewalls and anti-malware, over the various cyber components of an interdependent CPS to protect the system against imminent attacks. The problem is formulated as a Colonel Blotto game in which the attacker seeks to allocate its resources to compromise the CPS, while the defender chooses how to distribute its resources to defend against potential attacks. To evaluate the effects of defense and attack, various CPS factors are considered including human-CPS interactions as well as physical and topological characteristics of a CPS such as flow and capacity of interconnections and minimum path algorithms. Results show that, for the case in which the attacker is not aware of the CPS interdependencies, the defender can have a higher payoff, compared to the case in which the attacker has complete information. The results also show that, in the case of more symmetric nodes, due to interdependencies, the defender achieves its highest payoff at the equilibrium compared to the case with independent, asymmetric nodes