Aidin Ferdowsi
ABSTRACT
Smart cities must integrate a number of interdependent cyber-physical systems that operate in a coordinated manner to improve the well-being of the city's residents. A cyber-physical system (CPS) is a system of computational elements controlling physical entities. Large-scale CPSs are more vulnerable to attacks due to the cyber-physical interdependencies that can lead to cascading failures which can have a significant detrimental effect on a city. In this paper, a novel approach is proposed for analyzing the problem of allocating security resources, such as firewalls and anti-malware, over the various cyber components of an interdependent CPS to protect the system against imminent attacks. The problem is formulated as a Colonel Blotto game in which the attacker seeks to allocate its resources to compromise the CPS, while the defender chooses how to distribute its resources to defend against potential attacks. To evaluate the effects of defense and attack, various CPS factors are considered including human-CPS interactions as well as physical and topological characteristics of a CPS such as flow and capacity of interconnections and minimum path algorithms. Results show that, for the case in which the attacker is not aware of the CPS interdependencies, the defender can have a higher payoff, compared to the case in which the attacker has complete information. The results also show that, in the case of more symmetric nodes, due to interdependencies, the defender achieves its highest payoff at the equilibrium compared to the case with independent, asymmetric nodes.
- R. Baheti and H. Gill. 2011. Cyber-physical systems. The impact of control technology 12 (2011), 161--166.Google Scholar
- E. Borel. 1953. The theory of play and integral equations with skew symmetric kernels. Econometrica: journal of the Econometric Society (Jan 1953), 97--100.Google Scholar
- A. A. Cárdenas, S. Amin, Z. Lin, Y. Huang, C. Huang, and S. Sastry. 2011. Attacks Against Process Control Systems: Risk Assessment, Detection, and Response. In Proceedings of the 6th ACM symposium on information, computer and communications security. New York, NY, USA, 355--366. Google ScholarDigital Library
- H. Fawzi, P. Tabuada, and S. Diggavi. 2014. Secure Estimation and Control for Cyber-Physical Systems Under Adversarial Attacks. IEEE Trans. Automat. Control 59, 6 (June 2014), 1454--1467.Google ScholarCross Ref
- A. Gupta, G. Schwartz, C. Langbort, S. S. Sastry, and T. Başar. 2014. A three- stage Colonel Blotto game with applications to cyberphysical security. In Proc. of American Control Conference (ACC). Portland, OR, USA, 3820--3825.Google Scholar
- J. C. Jensen, D. H. Chang, and E. A. Lee. 2011. A model-based design methodology for cyber-physical systems. In Proc. of International Wireless Communications and Mobile Computing Conference (IWCMC). Istanbul, Turkey, 1666--1671.Google Scholar
- M. Karim and V. Phoha. 2014. Cyber-physical Systems Security. In Applied Cyber-Physical Systems, S. C. Suh, U. J. Tanik, J. N. Carbone, and A. Eroglu (Eds.). Springer New York, New York, NY, USA, 75--83.Google Scholar
- D. Kovenock and B. Roberson. 2015. Generalizations of the General Lotto and Colonel Blotto Games. Economic Science Institute Working Paper 15--07 (April 2015).Google Scholar
- Y. Mo, T. H.-J. Kim, K. Brancik, D. Dickinson, H. Lee, A. Perrig, and B. Sinopoli. 2012. Cyber Physical Security of a Smart Grid Infrastructure. in Proceedings of the IEEE 100, 1 (Jan 2012), 195--209.Google Scholar
- F. Pasqualetti, F. Dorfler, and F. Bullo. 2015. Control-Theoretic Methods for Cyberphysical Security: Geometric Principles for Optimal Cross-Layer Resilient Control Systems. IEEE Control Systems 35, 1 (Feb 2015), 110--127.Google Scholar
- H. Saadat. 1999. Power system analysis. WCB/McGraw-Hill.Google Scholar
- A. Sanjab and W. Saad. 2016. Data injection attacks on smart grids with multiple adversaries: a game-theoretic perspective. IEEE Transactions on Smart Grid 7, 4 (2016), 2038--2049.Google ScholarCross Ref
- G. Schwartz, P. Loiseau, and S. Sastry. 2014. The heterogeneous Colonel Blotto Game. In Proc. of International Conference on Network Games, Control and Optimization. Trento, Italy.Google Scholar
- J. Shi, J. Wan, H. Yan, and H. Suo. 2011. A survey of cyber-physical systems, In Proc. of Conference on Wireless Communications and Signal Processing (WCSP). Proc. IEEE (Nov 2011), 1--6.Google Scholar
- O. Yağan, D. Qian, J. Zhang, and D. Cochran. 2012. Optimal allocation of interconnecting links in cyber-physical systems: Interdependence, cascading failures, and robustness. IEEE Transactions on Parallel and Distributed Systems 23, 9 (Sept 2012), 1708--1720. Google ScholarDigital Library
- M. Zhu and S. Martinez. 2011. Stackelberg-game analysis of correlated attacks in cyber-physical systems. In Proc. of American Control Conference (ACC). San Francisco, California, USA, 4063--4068.Google Scholar
Index Terms
- A colonel blotto game for interdependence-aware cyber-physical systems security in smart cities
Recommendations
Security game for cyber physical systems
CNS '18: Proceedings of the Communications and Networking SymposiumThe extensive use of information and communication technologies (ICT) in cyber physical systems (CPSs) make them vulnerable to cyber-attacks. One class of cyber-attack is advanced persistent threats where highly skilled attackers can steal user ...
Security analysis for cyber-physical systems against stealthy cyber attacks
CERIAS '13: Proceedings of the 14th Annual Information Security SymposiumSecurity of Cyber-Physical Systems (CPS) against cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is difficult to describe them systematically. In this paper, instead of identifying a specific ...
Cyber Security of Cyber Physical Systems: Cyber Threats and Defense of Critical Infrastructures
VLSID '16: Proceedings of the 2016 29th International Conference on VLSI Design and 2016 15th International Conference on Embedded Systems (VLSID)Summary form only. Most critical infrastructures such as the power grid, railway or air traffic control, industrial automation in manufacturing, water/sewage infrastructure, banking system, etc., are cyber physical systems (CPS). Since continued ...
Comments