CAREER: Game-Theoretic Analysis and Design for Cross-Layer Cyber-Physical System Security and Resilience

职业：跨层网络物理系统安全性和弹性的博弈论分析和设计

• 批准号: 1847056
• 负责人: Quanyan Zhu
• 金额: $ 50万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-03-01 至 2025-02-28
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1847056&HistoricalAwards=false
• 关键词: CAREER; Game; Theoretic; Analysis; Design

Cyber-physical systems (CPS) are composed of multi-layer tightly integrated and highly interdependent components. An adversary can exploit the connections between the layers and launch an advanced persistent threat (APT) attack that is accomplished through a set of multi-stage stealthy and continuous hacking processes. Lessons learned from APT attacks have highlighted the fact that the design for perfect security is not always possible or prohibitively expensive, and hence resilience is an equally important mechanism that can complement the imperfect security. The standard analysis tools are insufficient to cope with the complexity of CPS and address the design of security and resilience mechanisms. To this end, the project aims to establish an integrated game-theoretic framework that adopts both reductionist and integrative approaches to engineer high-confidence CPS. The proposed research uses electric power systems and the cloud-enabled autonomous systems as two case studies to illustrate the designs of cyber defense strategies, resilience control mechanisms, and CPS security-aware contracts as the holistic cyber, physical, and human solution to for next-generation high-confidence infrastructure systems. The methodologies developed in the project establish an inter-disciplinary system science to conceptualize and design high-confidence CPS, and expedite the realization of CPS in a wide range of applications including transportation, industrial automation, and the power grid. The project first leverages system engineering principles to create game motifs or gamelets as building blocks and use them to compose a game of games or meta-game to model heterogeneous interactions of system components within the layers, across the layers, and with an adversary. As the perfect security at the cyberspace is not always possible, the project develops a resilient control mechanism to provide an alternative paradigm of protection by maintaining critical functions of the CPS and mitigating the impact of cyber insecurity on the physical layer. At the socio-economic level, the proposed CPS contracts aim to create an incentive-compatible secure provision of CPS services and mitigate security risks by incentivizing proper security management of the service providers and reducing the risks of the users. The research is fully integrated into the educational plan via the incorporation of new courses as well as the training of undergraduate and graduate students via mentoring, participation in test-bed development, special projects, and internships at research labs. The educational tool will foster this integration via new hands-on activities and demonstrations to a broader community. With the aim to increase the participation of high school students, particularly women and minority students in science and engineering, the outreach activities include annual high school student summer camp, girls-in-cybersecurity mentorship program, and the development of educational short films and documentaries.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

网络物理系统（CPS）由多层紧密整合和高度相互依赖的组成组成。对手可以利用层之间的连接并启动高级持久威胁（APT）攻击，该攻击是通过一组多阶段的隐身和连续的黑客入侵过程来完成的。 从APT攻击中学到的经验教训强调了一个事实，即实现完美安全的设计并非总是可能或昂贵的，因此弹性是一种同样重要的机制，可以补充不完美的安全性。标准分析工具不足以应对CP的复杂性并解决安全性和弹性机制的设计。 为此，该项目旨在建立一个综合的游戏理论框架，该框架同时采用还原主义和综合方法来工程师高信任CPS。拟议的研究使用电力系统和支持云的自主系统作为两个案例研究，以说明网络防御策略，弹性控制机制和CPS安全感知的合同的设计，作为整体网络，物理和人类的解决方案，用于下一代高构造基础设施系统。该项目中开发的方法建立了跨学科的系统科学，以概念化和设计高信心CP，并加快在包括运输，工业自动化和电网在内的广泛应用中实现CPS的实现。该项目首先利用系统工程原理来创建游戏图案或配子物作为构建块，并使用它们创建游戏或元游戏游戏，以建模层，跨层和对手的系统组件的异质交互。由于并非总是可能在网络空间的完美安全性，因此该项目通过维护CP的关键功能并减轻网络不安全感对物理层的影响来开发出弹性的控制机制，以提供替代的保护范围。在社会经济层面上，提议的CPS合同旨在通过激励服务提供商的适当安全管理并降低用户的风险来创建兼容激励兼容的安全性提供CPS服务的安全性。这项研究通过合并新课程以及通过指导，参与测试床开发，特殊项目和研究实验室实习的培训，将研究完全融入了教育计划中。教育工具将通过新的动手活动和示范向更广泛的社区促进这种整合。为了增加高中生，尤其是妇女和少数群体在科学和工程学中的参与，外展活动包括年度高中学生夏令营，中间的女子安全指导计划以及教育短片和纪录片的发展。该奖项反映了NSF的法定任务，并通过评估智力效果和广泛的范围来进行评估，并被认为是值得的。

项目成果

A Dynamic Game Approach to Designing Secure Interdependent IoT-Enabled Infrastructure Network

• DOI: 10.1109/tnse.2021.3100801
• 发表时间: 2021-07-01
• 期刊: IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING
• 影响因子: 6.6
• 作者: Chen, Juntao;Touati, Corinne;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

Coalitional Stochastic Differential Games for Networks

网络联合随机微分博弈

• DOI: 10.1109/lcsys.2022.3175333
• 发表时间: 2022
• 期刊: IEEE Control Systems Letters
• 影响因子: 3
• 作者: Barreiro-Gomez, Julian;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

The Confluence of Networks, Games, and Learning a Game-Theoretic Framework for Multiagent Decision Making Over Networks

• DOI: 10.1109/mcs.2022.3171478
• 发表时间: 2021-05
• 期刊: IEEE Control Systems
• 作者: Tao Li;Guanze Peng;Quanyan Zhu;T. Başar

Effective Utilization of Licensed and Unlicensed Spectrum in Large Scale Ad Hoc Networks

• DOI: 10.1109/tccn.2019.2950249
• 发表时间: 2020-06
• 期刊: IEEE Transactions on Cognitive Communications and Networking
• 影响因子: 8.6
• 作者: M. Hanawal;Y. Hayel;Quanyan Zhu

EPROACH: A Population Vaccination Game for Strategic Information Design to Enable Responsible COVID Reopening

EPROACH：用于战略信息设计的人口疫苗接种游戏，以实现负责任的新冠疫情重新开放

• DOI: 10.23919/acc53348.2022.9867229
• 发表时间: 2022
• 期刊: 2022 American Control Conference (ACC
• 作者: Liu, Shutian;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan