CAREER: A dynamic game theoretic approach to cyber-security of controlled systems

职业：受控系统网络安全的动态博弈论方法

• 批准号: 1151076
• 负责人: Cedric Langbort
• 金额: $ 40万
• 依托单位: University of Illinois at Urbana-Champaign
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2012
• 资助国家: 美国
• 起止时间: 2012-02-15 至 2018-01-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1151076&HistoricalAwards=false
• 关键词: CAREER; dynamic; game; theoretic; approach

As infrastructure and industrial control systems are increasingly being connected to the Internet and other widely accessible networks, their vulnerability to cyber attacks is fast becoming a growing concern and a national priority. Successfully weathering these attacks calls for stringent security measures and, in turn, imposes unique requirements on control algorithms, which must be able to ensure some level of closed-loop stability and performance in the presence of malicious and strategic intrusions, and complement the first line of defense provided by more traditional cyber-security techniques. In order to be implementable on today?sSCADA systems, these algorithms must (1) be able to face a wide variety of attacks, (2) be easy to deploy and require relatively low computational resources and, (3) come with theoretical guarantees of resilience for at least some well-defined classes of attacks.This CAREER project proposes to explore the design of such secure control algorithms using the tools of Game Theory, more specifically dynamic zero-sum games, stopping games, and team theory. The flexibility afforded by this modeling paradigm makes it possible to capture various characteristics of attacks through the attacker?s and controller?s information and action sets, as well as through the kernel of the game. In addition to readily implementable control strategies, this game theoretic approach also provides fundamental insights into the influence of an attack?s point of entry and stealthiness on its outcomes, and points towards specific resilient architectures for networked control systems. The resulting algorithms will be implemented and validated on three experimental testbeds of increasing complexity and degree of realism. One of these testbed is an actual small scale SCADA-enabled power grid located in Stockholm, Sweden, which the PI will be granted access to via ongoing collaboration with the Royal Institute of Technology (KTH). Tightly integrated with this research plan are education and outreach activities, which will partly leverage the testbed implementations, and are aimed at extending the use of game theoretic tools in the cyber-security community and among engineering students, and demystifying cyber-attacks for the general public, respectively.Intellectual Merit: The novelty and pertinence of the proposed approach for designing provably secure control systems lies in its focus on the resilience of the control algorithm itself, and its combination of the complementary strengths of dynamic game theory and robust control techniques to achieve this goal. This is in contrast with traditional cyber-security approaches, which are typically concerned with decreasing software and hardware vulnerabilities, and thwarting attacks at their point of entry. In addition, while game theoretic methods have proved successful in the formulation and resolution of security problems in the context of computer and communication networks, the use of these tools for studying and designing secure networked control systems under cyber-attacks is relatively new and unexplored.Broader Impact: We expect the algorithms and approach resulting from this project to be widely applicable, and to provide additional options for the design of ?defense in depth? strategies for networked control systems. In order to disseminate these results to a broad community of students, researchers, and practitioners, a yearly summer school on ?Game Theory for Decision-Making and Security? will be organized either as a stand-alone event, or as part of UIUC?s Information Trust Institute?s (ITI) offering of dedicated summer workshops. Undergraduates will be recruited through ITI?s Summer Internship Program, and will be involved in the implementation and characterization of the two in-house testbeds. These testbeds will also be used in outreach efforts to the local and global public. Finally, this project will help strengthen the research and educational ties between UIUC and KTH, including student exchange.

随着基础设施和工业控制系统越来越多地连接到互联网和其他可广泛访问的网络，它们对网络攻击的脆弱性正迅速成为人们日益关注的问题和国家优先事项。成功抵御这些攻击需要严格的安全措施，反过来，对控制算法提出了独特的要求，控制算法必须能够在恶意和战略入侵的情况下确保一定程度的闭环稳定性和性能，并补充传统网络安全技术提供的第一道防线。才能在今天实施？在sSCADA系统中，这些算法必须(1)能够面对各种各样的攻击，(2)易于部署并且需要相对较低的计算资源，(3)至少对一些定义良好的攻击类别具有弹性的理论保证。这个CAREER项目提出使用博弈论的工具来探索这种安全控制算法的设计，更具体地说，是动态零和博弈、停止博弈和团队理论。这种建模范例所提供的灵活性使得通过攻击者捕获攻击的各种特征成为可能。S和控制器？S信息和动作集，以及通过游戏的内核。除了易于实现的控制策略外，这种博弈论方法还提供了对攻击影响的基本见解。S的入口点和其结果的隐身性，并指向网络控制系统的特定弹性架构。所得到的算法将在三个日益复杂和现实程度增加的实验测试台上实现和验证。其中一个测试平台是位于瑞典斯德哥尔摩的一个实际的小型scada电网，PI将通过与皇家理工学院（KTH）的持续合作获得访问权限。与该研究计划紧密结合的是教育和推广活动，这些活动将部分利用测试平台的实现，旨在扩展博弈论工具在网络安全社区和工程学生中的使用，并分别为公众揭开网络攻击的神秘面纱。智力优势：所提出的设计可证明安全控制系统的方法的新颖性和针对性在于它关注控制算法本身的弹性，并结合动态博弈论和鲁棒控制技术的互补优势来实现这一目标。这与传统的网络安全方法形成了对比，传统的网络安全方法通常关注的是减少软件和硬件的漏洞，并在入侵点阻止攻击。此外，虽然博弈论方法在计算机和通信网络背景下的安全问题的制定和解决方面已被证明是成功的，但使用这些工具来研究和设计网络攻击下的安全网络控制系统是相对较新的和未开发的。更广泛的影响：我们期望这个项目产生的算法和方法广泛适用，并为设计提供额外的选择？纵深防御？网络控制系统策略。为了将这些研究成果传播给广大的学生、研究人员和从业人员，每年在？决策与安全的博弈理论？是作为一个独立的活动，还是作为UIUC的一部分？信息信任研究所？提供专门的夏季工作坊。通过ITI招收本科生，并将参与两个内部测试平台的实施和表征。这些试验台还将用于向当地和全球公众宣传的工作。最后，该项目将有助于加强UIUC和KTH之间的研究和教育联系，包括学生交换。