CPS: Medium: Cyber Attack-Defense Modeling, Risk and Contingency Analysis for the Power Grid using Game Theory

CPS：中：利用博弈论对电网进行网络攻防建模、风险和应急分析

• 批准号: 1739969
• 负责人: Manimaran Govindarasu
• 金额: $ 77.73万
• 依托单位: Iowa State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-15 至 2022-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1739969&HistoricalAwards=false
• 关键词: CPS; Medium; Cyber; Attack; Defense

Modern electric power grid is a complex, interconnected cyber physical system (CPS) that forms the lifeline of our society. Reliable, secure, and efficient operation of the grid are of paramount importance to national security and economic well-being. Recent trends in security indicate the increasing threat of cyber-based attacks, both in numbers and sophistication, on energy and other critical infrastructure systems of our nation and the world in general. To address this growing threat, there is a compelling research need to develop a holistic cyber security framework that encompasses attack deterrence, attack prevention, attack detection, attack mitigation and resilience, and attack attribution and forensics. Risk assessment is one of the fundamental building blocks that cut across attack prevention, mitigation, and resilience. The existing tools for risk assessment and mitigation are mostly qualitative and often subjective, and hence they are grossly inadequate to capture the dynamic and uncertain nature of the adversaries and the complex cyber-physical couplings that exist in the grid. This project will develop a scientific methodology, algorithms, and tools for cyber risk assessment, attack-defense modeling, and cyber contingency analysis by leveraging game theoretic tools and solution strategies. The developed security algorithms and tools will be evaluated in a realistic CPS security testbed environment at Iowa State University and the results will be broadly shared with research community and also with industry for potential adoption. The innovative applications of game theoretic formulations and tools will help to develop secure and resilient algorithms that will prevent and mitigate attacks and will make the future grid resilient to both faults and cyber-attacks. The research also will have broader impacts in improving the security and resiliency of other CPS-based critical infrastructure systems, such as oil and natural gas networks and transportation networks. Through the associated educational and outreach activities, via graduate courses, undergraduate capstone projects, and K-12 outreach program, the project will contribute to a highly skilled workforce in this area of national need. The project will help diversity in cybersecurity workforce by engaging women and underrepresented minorities in research and educational activities. In addition, the project will significantly contribute to imparting hands-on cybersecurity training to industry professionals using the testbed platform. Both educational and training modules will be made available to a broader academic and industry communities.The overarching vision of this project is to transform the fault-resilient grid of today into an attack-resilient grid of the future. Towards achieving this vision, the goal of the project is to develop and evaluate algorithms and tools that will significantly advance the state-of-the-art cyber risk assessment, attack-defense modeling, and cyber contingency analysis. This goal will be accomplished by undertaking the following research tasks: (1) Develop fundamental game-theoretic formulations (single stage, multi-stage, Bayesian) for attack-defense modeling for the power grid using behavioral and learning models; (2) Develop a quantitative cyber risk assessment and mitigation methodology that capture all three components of risk -- namely, threats, vulnerabilities, and consequences -- using pragmatic game-theoretic formulations, and optimize the security investments to defend the grid against high-risk attacks; (3) Develop scalable techniques and tools for real-time operational planning using game-theoretic formulations to account for multiple contingencies arising due to coordinated cyber-attacks, and integrate them into a dynamic contingency analysis methodology as part of the Energy Management System (EMS); (4) Evaluate the effectiveness and scalability of the developed solutions and tools on Iowa State CPS security testbed environment using realistic attack-defense scenarios leveraging well documented power and cyber system topologies and synthetic attack traces and also leveraging Iowa State industry partnerships in Electric Power Research Center (EPRC) and Power System Research Center (PSERC).

现代电网是一个复杂的、互联的网络物理系统（CPS），构成了我们社会的生命线。电网的可靠、安全和高效运行对国家安全和经济福祉至关重要。最近的安全趋势表明，对我国和整个世界的能源和其他关键基础设施系统的网络攻击在数量和复杂性方面的威胁日益增加。为了应对这一日益增长的威胁，迫切需要开发一个全面的网络安全框架，包括攻击威慑，攻击预防，攻击检测，攻击缓解和恢复能力，以及攻击归因和取证。风险评估是贯穿攻击预防、缓解和恢复能力的基本构建块之一。现有的风险评估和缓解工具大多是定性的，而且往往是主观的，因此它们严重不足以捕捉对手的动态和不确定性以及网格中存在的复杂的网络物理耦合。该项目将通过利用博弈论工具和解决方案策略，为网络风险评估、攻防建模和网络应急分析开发科学的方法论、算法和工具。开发的安全算法和工具将在爱荷华州州立大学的一个现实的CPS安全测试平台环境中进行评估，结果将与研究界和工业界广泛分享，以供潜在的采用。博弈论公式和工具的创新应用将有助于开发安全和弹性的算法，以防止和减轻攻击，并使未来的电网对故障和网络攻击具有弹性。该研究还将对提高其他基于CPS的关键基础设施系统的安全性和弹性产生更广泛的影响，例如石油和天然气网络以及运输网络。通过相关的教育和推广活动，通过研究生课程，本科顶点项目和K-12推广计划，该项目将有助于在国家需要的这一领域的高技能劳动力。该项目将通过让女性和代表性不足的少数族裔参与研究和教育活动，帮助网络安全劳动力的多样性。此外，该项目将大大有助于向使用测试平台的行业专业人员提供实际网络安全培训。教育和培训模块将向更广泛的学术和行业社区提供。该项目的总体愿景是将当今的故障恢复网格转变为未来的攻击恢复网格。为了实现这一愿景，该项目的目标是开发和评估算法和工具，这些算法和工具将显著推进最先进的网络风险评估、攻防建模和网络应急分析。这一目标将通过以下研究任务来实现：（1）发展基本的博弈理论公式（单阶段、多阶段、贝叶斯），用于使用行为和学习模型对电网进行攻击-防御建模;（2）制定量化的网络风险评估和缓解方法，以捕捉风险的所有三个组成部分，即威胁，漏洞，和后果-使用务实的博弈论公式，并优化安全投资，以保护电网免受高风险的攻击;（3）开发可扩展的技术和工具，用于使用博弈理论公式进行实时作战规划，以应对由于协调的网络攻击而产生的多种突发事件，并将其纳入动态应急分析方法，作为能源管理系统（EMS）的一部分;（4）使用真实的攻击，在爱荷华州CPS安全测试平台环境上评估所开发的解决方案和工具的有效性和可扩展性-防御方案利用了有据可查的电力和网络系统拓扑结构以及合成攻击痕迹，还利用了爱荷华州电力研究中心（EPRC）和电力系统研究中心（PSRC）的行业合作伙伴关系。

项目成果

A Novel Methodology for Cybersecurity Investment Optimization in Smart Grids using Attack-Defense Trees and Game Theory

使用攻击防御树和博弈论优化智能电网网络安全投资的新方法

• 发表时间: 2022
• 期刊: IEEE Innovative Smart Grid Technologies (ISGT
• 作者: Hyder, Burhan;Govindarasu, Manimaran
• 通讯作者: Govindarasu, Manimaran

Security Resource Investment Optimization for Critical Infrastructure Systems: A Game-Theoretic Approach

关键基础设施系统的安全资源投资优化：博弈论方法

• DOI: 10.23919/acc53348.2022.9867416
• 发表时间: 2022
• 期刊: American Control Conference (ACC
• 作者: Clanin, Joe;Bhattacharya, Sourabh
• 通讯作者: Bhattacharya, Sourabh

An Efficient Computational Strategy for Cyber-Physical Contingency Analysis in Smart Grids

智能电网中网络物理应急分析的高效计算策略

• DOI: 10.1109/pesgm46819.2021.9637857
• 发表时间: 2021
• 期刊: IEEE PES General Meeting
• 作者: Emadi, Hamid;Clanin, Joe;Hyder, Burhan;Khanna, Kush;Govindarasu, Manimaran;Bhattacharya, Sourabh
• 通讯作者: Bhattacharya, Sourabh

CySec Game: A Framework and Tool for Cyber Risk Assessment and Security Investment Optimization in Critical Infrastructures

CySec Game：关键基础设施网络风险评估和安全投资优化的框架和工具

• DOI: 10.1109/rws55399.2022.9984040
• 发表时间: 2022
• 期刊: Resilience Week Symposium (RWS
• 作者: Hyder, Burhan;Majerus, Harrison;Sellars, Hayden;Greazel, Jonathan;Strobel, Joseph;Battani, Nicholas;Peng, Stefan;Govindarasu, Manimaran
• 通讯作者: Govindarasu, Manimaran

On the Characterization of Saddle Point Equilibrium for Security Games with Additive Utility

具有可加性效用的安全博弈鞍点均衡表征

• DOI: 10.1007/978-3-030-64793-3_19
• 发表时间: 2020
• 期刊: GameSec Conference
• 作者: Emadi, Hamid;Bhattacharya, Sourabh
• 通讯作者: Bhattacharya, Sourabh