CAREER: Game-Theoretic Analysis and Design for Cross-Layer Cyber-Physical System Security and Resilience

职业：跨层网络物理系统安全性和弹性的博弈论分析和设计

• 批准号: 1847056
• 负责人: Quanyan Zhu
• 金额: $ 50万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-03-01 至 2025-02-28
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1847056&HistoricalAwards=false
• 关键词: CAREER; Game; Theoretic; Analysis; Design

Cyber-physical systems (CPS) are composed of multi-layer tightly integrated and highly interdependent components. An adversary can exploit the connections between the layers and launch an advanced persistent threat (APT) attack that is accomplished through a set of multi-stage stealthy and continuous hacking processes. Lessons learned from APT attacks have highlighted the fact that the design for perfect security is not always possible or prohibitively expensive, and hence resilience is an equally important mechanism that can complement the imperfect security. The standard analysis tools are insufficient to cope with the complexity of CPS and address the design of security and resilience mechanisms. To this end, the project aims to establish an integrated game-theoretic framework that adopts both reductionist and integrative approaches to engineer high-confidence CPS. The proposed research uses electric power systems and the cloud-enabled autonomous systems as two case studies to illustrate the designs of cyber defense strategies, resilience control mechanisms, and CPS security-aware contracts as the holistic cyber, physical, and human solution to for next-generation high-confidence infrastructure systems. The methodologies developed in the project establish an inter-disciplinary system science to conceptualize and design high-confidence CPS, and expedite the realization of CPS in a wide range of applications including transportation, industrial automation, and the power grid. The project first leverages system engineering principles to create game motifs or gamelets as building blocks and use them to compose a game of games or meta-game to model heterogeneous interactions of system components within the layers, across the layers, and with an adversary. As the perfect security at the cyberspace is not always possible, the project develops a resilient control mechanism to provide an alternative paradigm of protection by maintaining critical functions of the CPS and mitigating the impact of cyber insecurity on the physical layer. At the socio-economic level, the proposed CPS contracts aim to create an incentive-compatible secure provision of CPS services and mitigate security risks by incentivizing proper security management of the service providers and reducing the risks of the users. The research is fully integrated into the educational plan via the incorporation of new courses as well as the training of undergraduate and graduate students via mentoring, participation in test-bed development, special projects, and internships at research labs. The educational tool will foster this integration via new hands-on activities and demonstrations to a broader community. With the aim to increase the participation of high school students, particularly women and minority students in science and engineering, the outreach activities include annual high school student summer camp, girls-in-cybersecurity mentorship program, and the development of educational short films and documentaries.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

信息物理系统（CPS）由多层紧密集成且高度相互依赖的组件组成。攻击者可以利用各层之间的连接并发起高级持续威胁 (APT) 攻击，该攻击是通过一组多阶段隐秘且持续的黑客过程来完成的。 从 APT 攻击中汲取的经验教训强调了这样一个事实：完美的安全性设计并不总是可行或昂贵得令人望而却步，因此弹性是一个同样重要的机制，可以补充不完美的安全性。标准分析工具不足以应对CPS的复杂性并解决安全和弹性机制的设计。 为此，该项目旨在建立一个综合博弈论框架，采用还原论和综合方法来设计高置信度的 CPS。拟议的研究使用电力系统和云支持的自治系统作为两个案例研究，以说明网络防御策略、弹性控制机制和 CPS 安全意识合约的设计，作为未来的整体网络、物理和人类解决方案。 -生成高可信度基础设施系统。该项目开发的方法建立了跨学科的系统科学来概念化和设计高可信度的CPS，并加速CPS在交通、工业自动化和电网等广泛应用中的实现。该项目首先利用系统工程原理来创建游戏主题或小游戏作为构建块，并使用它们来组成游戏的游戏或元游戏，以对系统组件在层内、跨层以及与对手的异构交互进行建模。由于网络空间的完美安全并不总是可能的，因此该项目开发了一种弹性控制机制，通过维护 CPS 的关键功能并减轻网络不安全对物理层的影响来提供替代的保护范式。在社会经济层面，拟议的 CPS 合约旨在创建与激励兼容的 CPS 服务安全提供，并通过激励服务提供商的适当安全管理和降低用户的风险来降低安全风险。通过纳入新课程以及通过指导、参与试验台开发、特殊项目和研究实验室实习对本科生和研究生进行培训，该研究已完全融入教育计划。该教育工具将通过新的实践活动和向更广泛的社区进行演示来促进这种整合。为了增加高中生，特别是女性和少数族裔学生对科学和工程的参与，外展活动包括年度高中生夏令营、网络安全女孩辅导计划以及制作教育短片和纪录片该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Self-Triggered Markov Decision Processes

自触发马尔可夫决策过程

• DOI: 10.1109/cdc45484.2021.9682918
• 发表时间: 2021-02-17
• 期刊: 2021 60th IEEE Conference on Decision and Control (CDC)
• 作者: Yunhan Huang;Quanyan Zhu
• 通讯作者: Quanyan Zhu

Rolling Horizon Games for Cluster Formation of Resilient Multiagent Systems

用于弹性多代理系统集群形成的滚动地平线游戏

• DOI: 10.1109/cdc45484.2021.9683409
• 发表时间: 2021-12
• 期刊: 2021 60th IEEE Conference on Decision and Control (CDC
• 作者: Nugraha, Yurid;Cetinkaya, Ahmet;Hayakawa, Tomohisa;Ishii, Hideaki;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

The Inverse Problem of Linear-Quadratic Differential Games: When is a Control Strategies Profile Nash?

线性二次微分博弈的反问题：控制策略何时符合纳什？

• DOI: 10.1109/allerton49937.2022.9929408
• 发表时间: 2022-07-12
• 期刊: 2022 58th Annual Allerton Conference on Communication, Control, and Computing (Allerton)
• 作者: Yunhan Huang;Zhang Tao;Quanyan Zhu
• 通讯作者: Quanyan Zhu

Duplicity Games for Deception Design With an Application to Insider Threat Mitigation

欺骗设计的口是心非博弈及其在内部威胁缓解中的应用

• DOI: 10.1109/tifs.2021.3118886
• 发表时间: 2021-01
• 期刊: IEEE Transactions on Information Forensics and Security
• 影响因子: 6.8
• 作者: Huang, Linan;Zhu, Quanyan
• 通讯作者: Zhu, Quanyan

Distributed Stabilization of Two Interdependent Markov Jump Linear Systems With Partial Information

具有部分信息的两个相互依赖的马尔可夫跳跃线性系统的分布式镇定

• DOI: 10.1109/lcsys.2020.3004649
• 发表时间: 2020-03-13
• 期刊: IEEE Control Systems Letters
• 影响因子: 3
• 作者: Guanze Peng;Juntao Chen;Quanyan Zhu
• 通讯作者: Quanyan Zhu