CAREER: Game-Theoretic Analysis and Design for Cross-Layer Cyber-Physical System Security and Resilience

职业：跨层网络物理系统安全性和弹性的博弈论分析和设计

• 批准号: 1847056
• 负责人: Quanyan Zhu
• 金额: $ 50万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-03-01 至 2025-02-28
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1847056&HistoricalAwards=false
• 关键词: CAREER; Game; Theoretic; Analysis; Design

Cyber-physical systems (CPS) are composed of multi-layer tightly integrated and highly interdependent components. An adversary can exploit the connections between the layers and launch an advanced persistent threat (APT) attack that is accomplished through a set of multi-stage stealthy and continuous hacking processes. Lessons learned from APT attacks have highlighted the fact that the design for perfect security is not always possible or prohibitively expensive, and hence resilience is an equally important mechanism that can complement the imperfect security. The standard analysis tools are insufficient to cope with the complexity of CPS and address the design of security and resilience mechanisms. To this end, the project aims to establish an integrated game-theoretic framework that adopts both reductionist and integrative approaches to engineer high-confidence CPS. The proposed research uses electric power systems and the cloud-enabled autonomous systems as two case studies to illustrate the designs of cyber defense strategies, resilience control mechanisms, and CPS security-aware contracts as the holistic cyber, physical, and human solution to for next-generation high-confidence infrastructure systems. The methodologies developed in the project establish an inter-disciplinary system science to conceptualize and design high-confidence CPS, and expedite the realization of CPS in a wide range of applications including transportation, industrial automation, and the power grid. The project first leverages system engineering principles to create game motifs or gamelets as building blocks and use them to compose a game of games or meta-game to model heterogeneous interactions of system components within the layers, across the layers, and with an adversary. As the perfect security at the cyberspace is not always possible, the project develops a resilient control mechanism to provide an alternative paradigm of protection by maintaining critical functions of the CPS and mitigating the impact of cyber insecurity on the physical layer. At the socio-economic level, the proposed CPS contracts aim to create an incentive-compatible secure provision of CPS services and mitigate security risks by incentivizing proper security management of the service providers and reducing the risks of the users. The research is fully integrated into the educational plan via the incorporation of new courses as well as the training of undergraduate and graduate students via mentoring, participation in test-bed development, special projects, and internships at research labs. The educational tool will foster this integration via new hands-on activities and demonstrations to a broader community. With the aim to increase the participation of high school students, particularly women and minority students in science and engineering, the outreach activities include annual high school student summer camp, girls-in-cybersecurity mentorship program, and the development of educational short films and documentaries.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

信息物理系统（CPS）由多层紧密集成、高度相互依赖的组件组成。攻击者可以利用各层之间的连接，并通过一系列多阶段的隐身和连续黑客过程发起高级持续威胁（APT）攻击。从APT攻击中吸取的教训强调了一个事实，即完美的安全性设计并不总是可能的，或者代价高昂，因此弹性是一种同样重要的机制，可以补充不完美的安全性。标准的分析工具不足以应对CPS的复杂性和解决安全性和弹性机制的设计。为此，该项目旨在建立一个综合博弈论框架，采用还原论和综合方法来设计高置信度的CPS。拟议的研究使用电力系统和支持云的自治系统作为两个案例研究，以说明网络防御策略、弹性控制机制和CPS安全感知合同的设计，作为下一代高可信度基础设施系统的整体网络、物理和人类解决方案。该项目开发的方法建立了一门跨学科的系统科学，以概念化和设计高置信度的CPS，并加快了CPS在交通、工业自动化和电网等广泛应用中的实现。该项目首先利用系统工程原理创建游戏主题或小游戏作为构建块，并使用它们组成游戏的游戏或元游戏，以模拟系统组件在层内、层间以及与对手的异质交互。由于网络空间的完美安全并不总是可能的，该项目开发了一种弹性控制机制，通过维护CPS的关键功能和减轻网络不安全对物理层的影响来提供另一种保护范例。在社会经济层面，拟议的CPS合同旨在通过激励服务提供商进行适当的安全管理和降低用户的风险，为CPS服务提供一个与激励相容的安全提供，并减轻安全风险。该研究通过纳入新课程，以及通过指导、参与试验台开发、特殊项目和研究实验室实习等方式对本科生和研究生进行培训，完全融入教育计划。教育工具将通过新的实践活动和向更广泛的社区演示来促进这种整合。为了提高高中生，特别是女性和少数族裔学生在科学和工程领域的参与度，拓展活动包括年度高中生夏令营、网络安全女孩指导计划、教育短片和纪录片的开发。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Cluster Formation in Multiagent Consensus via Dynamic Resilient Graph Games

通过动态弹性图游戏在多智能体共识中形成集群

• DOI: 10.1109/ccta48906.2021.9659182
• 发表时间: 2021
• 期刊: 2021 IEEE Conference on Control Technology and Applications (CCTA
• 作者: Nugraha, Yurid;Cetinkaya, Ahmet;Hayakawa, Tomohisa;Ishii, Hideaki;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

Distributed and Resilient Planning-Control for Optimal LEO Satellite Constellation Coverage

分布式和弹性规划控制以实现最佳 LEO 卫星星座覆盖

• DOI: 10.23919/acc53348.2022.9867536
• 发表时间: 2022
• 期刊: 2022 American Control Conference (ACC
• 作者: Zhao, Yuhan;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

Fundamental Limits of Obfuscation for Linear Gaussian Dynamical Systems: An Information-Theoretic Approach

线性高斯动力系统混淆的基本限制：一种信息论方法

• DOI: 10.23919/acc50511.2021.9483148
• 发表时间: 2021
• 期刊: ACC 2021
• 作者: Fang, Song;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

Blackwell Online Learning for Markov Decision Processes

马尔可夫决策过程的布莱克威尔在线学习

• DOI: 10.1109/ciss50987.2021.9400319
• 发表时间: 2021
• 期刊: 2021 55th Annual Conference on Information Sciences and Systems (CISS
• 作者: Li, Tao;Peng, Guanze;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

Optimal Curing Strategy for Competing Epidemics Spreading Over Complex Networks

针对在复杂网络上传播的竞争性流行病的最佳治愈策略

• DOI: 10.1109/tsipn.2021.3075338
• 发表时间: 2021
• 期刊: IEEE Transactions on Signal and Information Processing over Networks
• 影响因子: 3.2
• 作者: Chen, Juntao;Huang, Yunhan;Zhang, Rui;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan