CRISP Type 1/Collaborative Research: Lessons Learned from Decades of Attacks against Critical Interdependent Infrastructures

CRISP 类型 1/协作研究：从数十年针对关键相互依赖基础设施的攻击中汲取的经验教训

• 批准号: 1925524
• 负责人: Alvaro Cardenas
• 金额: $ 10.98万
• 依托单位: University of California-Santa Cruz
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-01-01 至 2019-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1925524&HistoricalAwards=false
• 关键词: CRISP; Type; Collaborative; Research; Lessons

Critical interdependent infrastructures such as the power grid, water distribution networks, and transportation networks are large-scale systems that provide the most essential services to modern life. Traditionally, the protection of these infrastructures has focused on preventing failures caused by accidents; however, there is a growing concern about preventing failures initiated by physical as well as cyber attacks. For example, the recent Executive Order 13636 on critical infrastructure cyber-security is a timely reminder on the growing need to improve the security posture and resiliency of our critical infrastructures against attacks, and in particular, a call of action for identifying well-documented and tested security best practices. The goal of this Critical Resilient Interdependent Infrastructure Systems and Processes (CRISP) collaborative research project is to identify the successful practices and lessons learned by countries subject to persistent attacks on their critical infrastructures, and incorporate these lessons into social and technical solutions that the U.S. can use to better understand the nature of the threat, and to motivate better public and private sector postures for the protection of U.S. critical infrastructures from physical as well as cyber-attacks. The research will leverage the experience of five decades of sustained attacks against the critical infrastructures of Colombia and study the government and industry responses and best practices in that country. It will also develop new algorithms and security solutions informed by the data collected on these attacks. These lessons will be translated into a new course focusing on terrorism, critical infrastructures, and cyber-security, with the goal of developing a multidisciplinary Masters on cyberconflict and terrorism targeted to students working in public policy as well as business leaders and stakeholders in our critical infrastructures. The results will be disseminated in academic as well as industrial conferences and in public and private partnerships for the protection of critical infrastructures such as those led by NIST and DHS.Several analytical and theoretical models for interdiction or interdependencies of critical infrastructures remain abstract and speculative not only because there is scarce data on attacks to critical infrastructures, but also because it is easier to consider simple models or assumptions in order to keep the problem analytically or computationally tractable. Evidence and empirical data of how attacks on critical infrastructures are planned and executed are essential for studying their impact on critical infrastructures, and for identifying the technical and social aspects for protecting these systems. Incorporating new adversary models and defense mechanisms based on real attacks and extracting statistics from these datasets into mathematical models of interdiction, or control interdependencies will require new theoretical developments in algorithms and optimization methods. For example the reconfiguration of power systems done by the operators of the power grid in Colombia can be considered as a moving target defense, and incorporating this dynamic aspect into interdiction games requires new formulations that have not been studied before. In addition, interdiction formulations considering interdependent infrastructures such as gas, water, telecommunications, and electricity will require different models of the "initiating events" and different models of the restoration processes. Similarly the inclusion of interdependent infrastructure models for control problems can add some advantages in the synchronization criteria and might improve synchronizability and stability. The mathematical conditions for phase cohesiveness and frequency synchronization when one infrastructure is subject to attacks will be studied in this research. Finally, extracting policy and strategic trends, and factors that have influenced the outcomes observed in datasets will require extensive analysis of a complex socio-technical component where multiple stakeholders (government, asset owners, services industry, and vendors) have different factors influencing their actions and decisions.

关键的相互依赖的基础设施，如电网，供水网络和运输网络是为现代生活提供最基本服务的大型系统。传统上，对这些基础设施的保护侧重于防止事故造成的故障;然而，人们越来越关注防止物理和网络攻击引发的故障。例如，最近关于关键基础设施网络安全的第13636号行政命令及时提醒人们，越来越需要改善我们关键基础设施的安全态势和抵御攻击的能力，特别是呼吁采取行动，确定记录良好和经过测试的安全最佳做法。 CRISP（Critical Resilient Interdependent Infrastructure Systems and Processes）合作研究项目的目标是确定关键基础设施遭受持续攻击的国家的成功做法和经验教训，并将这些经验教训纳入美国可以用来更好地了解威胁性质的社会和技术解决方案。并激励公共和私营部门采取更好的姿态，保护美国关键基础设施免受物理和网络攻击。 该研究将利用哥伦比亚关键基础设施遭受持续攻击50年的经验，并研究该国政府和行业的应对措施和最佳做法。它还将开发新的算法和安全解决方案，这些算法和安全解决方案将通过收集这些攻击的数据来提供信息。这些经验教训将被转化为一个新的课程，重点是恐怖主义，关键基础设施和网络安全，目标是针对公共政策工作的学生以及商业领袖和利益相关者在我们的关键基础设施发展网络冲突和恐怖主义的多学科硕士学位。研究结果将在学术和工业会议以及公共和私人伙伴关系中传播，以保护关键基础设施，如NIST和DHS领导的伙伴关系。关键基础设施的阻断或相互依赖性的几个分析和理论模型仍然是抽象和推测的，这不仅是因为缺乏关于攻击关键基础设施的数据，而且还因为更容易考虑简单的模型或假设以便保持问题在分析上或计算上易于处理。 关于如何计划和执行对关键基础设施的攻击的证据和经验数据，对于研究这些攻击对关键基础设施的影响以及确定保护这些系统的技术和社会方面至关重要。基于真实的攻击建立新的对手模型和防御机制，并从这些数据集中提取统计数据，将其转化为阻断或控制相互依赖的数学模型，这将需要在算法和优化方法方面进行新的理论发展。例如，在哥伦比亚的电网运营商所做的电力系统的重新配置可以被认为是一个移动目标防御，并将这种动态方面到阻断游戏需要新的配方，以前没有研究过。此外，考虑到天然气、水、电信和电力等相互依赖的基础设施，阻断方案将需要不同的“启动事件”模型和不同的恢复过程模型。类似地，包含用于控制问题的相互依赖的基础设施模型可以在同步标准中增加一些优点，并且可能提高同步性和稳定性。本研究将研究当一个基础设施受到攻击时，相位相干性和频率同步的数学条件。最后，提取政策和战略趋势，以及影响数据集中观察到的结果的因素，将需要对复杂的社会技术组成部分进行广泛的分析，其中多个利益相关者（政府，资产所有者，服务业和供应商）有不同的因素影响他们的行动和决策。