CRISP Type 1/Collaborative Research: Lessons Learned from Decades of Attacks against Critical Interdependent Infrastructures

CRISP 类型 1/协作研究:从数十年针对关键相互依赖基础设施的攻击中汲取的经验教训

基本信息

  • 批准号:
    1925524
  • 负责人:
  • 金额:
    $ 10.98万
  • 依托单位:
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2019
  • 资助国家:
    美国
  • 起止时间:
    2019-01-01 至 2019-12-31
  • 项目状态:
    已结题

项目摘要

Critical interdependent infrastructures such as the power grid, water distribution networks, and transportation networks are large-scale systems that provide the most essential services to modern life. Traditionally, the protection of these infrastructures has focused on preventing failures caused by accidents; however, there is a growing concern about preventing failures initiated by physical as well as cyber attacks. For example, the recent Executive Order 13636 on critical infrastructure cyber-security is a timely reminder on the growing need to improve the security posture and resiliency of our critical infrastructures against attacks, and in particular, a call of action for identifying well-documented and tested security best practices. The goal of this Critical Resilient Interdependent Infrastructure Systems and Processes (CRISP) collaborative research project is to identify the successful practices and lessons learned by countries subject to persistent attacks on their critical infrastructures, and incorporate these lessons into social and technical solutions that the U.S. can use to better understand the nature of the threat, and to motivate better public and private sector postures for the protection of U.S. critical infrastructures from physical as well as cyber-attacks. The research will leverage the experience of five decades of sustained attacks against the critical infrastructures of Colombia and study the government and industry responses and best practices in that country. It will also develop new algorithms and security solutions informed by the data collected on these attacks. These lessons will be translated into a new course focusing on terrorism, critical infrastructures, and cyber-security, with the goal of developing a multidisciplinary Masters on cyberconflict and terrorism targeted to students working in public policy as well as business leaders and stakeholders in our critical infrastructures. The results will be disseminated in academic as well as industrial conferences and in public and private partnerships for the protection of critical infrastructures such as those led by NIST and DHS.Several analytical and theoretical models for interdiction or interdependencies of critical infrastructures remain abstract and speculative not only because there is scarce data on attacks to critical infrastructures, but also because it is easier to consider simple models or assumptions in order to keep the problem analytically or computationally tractable. Evidence and empirical data of how attacks on critical infrastructures are planned and executed are essential for studying their impact on critical infrastructures, and for identifying the technical and social aspects for protecting these systems. Incorporating new adversary models and defense mechanisms based on real attacks and extracting statistics from these datasets into mathematical models of interdiction, or control interdependencies will require new theoretical developments in algorithms and optimization methods. For example the reconfiguration of power systems done by the operators of the power grid in Colombia can be considered as a moving target defense, and incorporating this dynamic aspect into interdiction games requires new formulations that have not been studied before. In addition, interdiction formulations considering interdependent infrastructures such as gas, water, telecommunications, and electricity will require different models of the "initiating events" and different models of the restoration processes. Similarly the inclusion of interdependent infrastructure models for control problems can add some advantages in the synchronization criteria and might improve synchronizability and stability. The mathematical conditions for phase cohesiveness and frequency synchronization when one infrastructure is subject to attacks will be studied in this research. Finally, extracting policy and strategic trends, and factors that have influenced the outcomes observed in datasets will require extensive analysis of a complex socio-technical component where multiple stakeholders (government, asset owners, services industry, and vendors) have different factors influencing their actions and decisions.
关键的相互依存的基础设施,例如电网,水分配网络和运输网络是大规模的系统,可为现代生活提供最重要的服务。传统上,这些基础设施的保护集中在防止事故引起的故障。但是,人们越来越担心防止由身体和网络攻击引发的失败。例如,关于关键基础设施网络安全的最新行政命令13636及时提醒人们,不断增长的需求,以提高我们针对攻击的关键基础设施的安全姿势和弹性,尤其是确定已记录良好和经过测试的安全性最佳实践的行动。 这个关键的弹性相互依存的基础架构系统和流程(CRISP)协作研究项目的目标是确定国家所学到的成功实践和经验教训,导致对其关键基础架构的持续攻击,将这些经验纳入社会和技术解决方案中,并将美国纳入社会和技术解决方案中,以便更好地利用其作为临界事物的临界事务,并及时地了解公共部门的事业,并将其作为私人保护,并为私人提供保护,并将其用于私人保护,并将其纳入私人的保护,并将其纳入私人保护,并将其纳入私人保护,并将其纳入私人保护性,并将其纳入私人保护方面的范围网络攻击。 该研究将利用五十年来对哥伦比亚关键基础设施的持续攻击的经验,并研究该国政府和行业的回应以及最佳实践。它还将开发由这些攻击收集的数据所告知的新算法和安全解决方案。这些课程将转化为一门新课程,重点是恐怖主义,批判基础设施和网络安全,其目的是开发针对公共政策学生以及我们关键基础设施中的商业领导者和利益相关者的网络企业和恐怖主义的多学科大师。 The results will be disseminated in academic as well as industrial conferences and in public and private partnerships for the protection of critical infrastructures such as those led by NIST and DHS.Several analytical and theoretical models for interdiction or interdependencies of critical infrastructures remain abstract and speculative not only because there is scarce data on attacks to critical infrastructures, but also because it is easier to consider simple models or assumptions in order to keep the在分析或计算上可以解决问题。 关于如何计划和执行对关键基础设施攻击的证据和经验数据对于研究其对关键基础设施的影响以及确定保护这些系统的技术和社会方面至关重要。将基于实际攻击的新对手模型和防御机制纳入构成数学模型或控制相互依赖性的数学模型将需要新的理论发展和算法和优化方法中的新理论发展。例如,可以将哥伦比亚电网运营商完成的电力系统重新配置被视为一种移动的目标防御,并将这一动态方面纳入Intriction Games需要以前从未研究过的新配方。此外,考虑相互依存的基础设施,例如气体,水,电信和电力等相互依存的基础设施,将需要不同的“启动事件”模型以及恢复过程的不同模型。同样,将相互依存的基础设施模型纳入控制问题可能会在同步标准中增加一些优势,并可能提高同步性和稳定性。在这项研究中,将研究一个基础设施受到攻击时的相位凝聚力和频率同步的数学条件。最后,提取政策和战略趋势,以及影响数据集中观察到的结果的因素将需要对复杂的社会技术组成部分进行广泛的分析,在这种情况下,多个利益相关者(政府,资产所有者,服务行业和供应商)具有影响其行动和决策的不同因素。

项目成果

期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Alvaro Cardenas其他文献

Paramilitary Violence in Colombia: A Multilevel Negative Binomial Analysis
哥伦比亚的准军事暴力:多层次负二项式分析
  • DOI:
  • 发表时间:
    2019
  • 期刊:
  • 影响因子:
    1.6
  • 作者:
    J. Holmes;Agustin Palao Mendizabal;David Saucedo De La Fuente;Mercedez Callenes;Alvaro Cardenas
  • 通讯作者:
    Alvaro Cardenas
Crossing thresholds: The use of spatial analysis to identify intensification of the Colombian conflict
跨越阈值:利用空间分析来确定哥伦比亚冲突的加剧
  • DOI:
  • 发表时间:
    2019
  • 期刊:
  • 影响因子:
    0.6
  • 作者:
    Agustin Palao‐Mendizabal;J. Holmes;Mercedez Callenes;Alvaro Cardenas
  • 通讯作者:
    Alvaro Cardenas
A hotspot analysis of critical hydrocarbons infrastructure in Colombia: ELN (Ejército de Liberación Nacional) and FARC (Fuerzas Armadas Revolucionarias de Colombia) attacks on Colombian pipelines
哥伦比亚关键碳氢化合物基础设施热点分析:ELN (Ejército de Liberación Nacional) 和 FARC (Fuerzas Armadas Revolucionarias de Columbia) 对哥伦比亚管道的攻击
  • DOI:
    10.1016/j.apgeog.2020.102376
  • 发表时间:
    2021
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Agustin Palao Mendizabal;J. Holmes;Neil Ortiz;Mercedez Callenes;Alvaro Cardenas
  • 通讯作者:
    Alvaro Cardenas

Alvaro Cardenas的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('Alvaro Cardenas', 18)}}的其他基金

Conference: Post-Alert: Data Attribution and Attack-Response
会议:警报后:数据归因和攻击响应
  • 批准号:
    2321134
  • 财政年份:
    2023
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
NSF Student Travel Grant for 2020 IEEE Symposium and Workshops on Security and Privacy
NSF 学生为 2020 年 IEEE 安全与隐私研讨会和研讨会提供旅费补助
  • 批准号:
    2000427
  • 财政年份:
    2020
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CPS: Medium: Collaborative Research: Security vs. Privacy in Cyber-Physical Systems
CPS:媒介:协作研究:网络物理系统中的安全与隐私
  • 批准号:
    1929410
  • 财政年份:
    2019
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CAREER: Practical Control Engineering Principles to Improve the Security and Privacy of Cyber-Physical Systems
职业:提高网络物理系统安全性和隐私性的实用控制工程原理
  • 批准号:
    1931573
  • 财政年份:
    2019
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Continuing Grant
NeTS: Small: Collaborative Research: Measurement and Modeling of Industrial Control Networks
NeTS:小型:协作研究:工业控制网络的测量和建模
  • 批准号:
    1929406
  • 财政年份:
    2019
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CPS: Medium: Collaborative Research: Security vs. Privacy in Cyber-Physical Systems
CPS:媒介:协作研究:网络物理系统中的安全与隐私
  • 批准号:
    1837627
  • 财政年份:
    2018
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
NeTS: Small: Collaborative Research: Measurement and Modeling of Industrial Control Networks
NeTS:小型:协作研究:工业控制网络的测量和建模
  • 批准号:
    1718848
  • 财政年份:
    2017
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CAREER: Practical Control Engineering Principles to Improve the Security and Privacy of Cyber-Physical Systems
职业:提高网络物理系统安全性和隐私性的实用控制工程原理
  • 批准号:
    1553683
  • 财政年份:
    2016
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Continuing Grant
CRISP Type 1/Collaborative Research: Lessons Learned from Decades of Attacks against Critical Interdependent Infrastructures
CRISP 类型 1/协作研究:从数十年针对关键相互依赖基础设施的攻击中汲取的经验教训
  • 批准号:
    1541199
  • 财政年份:
    2016
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
Student Travel Support for IEEE Symposium on Security and Privacy
IEEE 安全和隐私研讨会的学生旅行支持
  • 批准号:
    1701615
  • 财政年份:
    2016
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant

相似国自然基金

数智背景下的团队人力资本层级结构类型、团队协作过程与团队效能结果之间关系的研究
  • 批准号:
    72372084
  • 批准年份:
    2023
  • 资助金额:
    40 万元
  • 项目类别:
    面上项目
基于脑启发的多种类型神经可塑性协同学习机制研究
  • 批准号:
    62306114
  • 批准年份:
    2023
  • 资助金额:
    30 万元
  • 项目类别:
    青年科学基金项目
不同类型社会网络关系对员工工作意义感和创造力的影响研究
  • 批准号:
    72302112
  • 批准年份:
    2023
  • 资助金额:
    30 万元
  • 项目类别:
    青年科学基金项目
束长蝽科二个同域分布物种的种内多类型线粒体基因重排类型、地理格局及其演化方式研究
  • 批准号:
    32300369
  • 批准年份:
    2023
  • 资助金额:
    30 万元
  • 项目类别:
    青年科学基金项目
受激拉曼散射成像方法用于细胞类型特异的肿瘤代谢研究
  • 批准号:
    22377016
  • 批准年份:
    2023
  • 资助金额:
    50 万元
  • 项目类别:
    面上项目

相似海外基金

CRISP 2.0 Type 2: Collaborative Research: Water and Health Infrastructure Resilience and Learning (WHIRL)
CRISP 2.0 类型 2:合作研究:水和卫生基础设施复原力和学习 (WHIRL)
  • 批准号:
    2246584
  • 财政年份:
    2022
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CRISP 2.0 Type 2: Collaborative Research: Integrated Socio-Technical Modeling Framework to Evaluate and Enhance Resiliency in Islanded Communities (ERIC)
CRISP 2.0 类型 2:协作研究:评估和增强岛屿社区复原力的综合社会技术建模框架 (ERIC)
  • 批准号:
    2317990
  • 财政年份:
    2022
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CRISP 2.0 Type 2: Collaborative Research: Organizing Decentralized Resilience in Critical Interdependent-infrastructure Systems and Processes (ORDER-CRISP)
CRISP 2.0 类型 2:协作研究:在关键的相互依赖的基础设施系统和流程中组织去中心化的弹性 (ORDER-CRISP)
  • 批准号:
    1832578
  • 财政年份:
    2019
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CRISP 2.0 Type 2: Collaborative Research: Organizing Decentralized Resilience in Critical Interdependent-infrastructure Systems and Processes (ORDER-CRISP)
CRISP 2.0 类型 2:协作研究:在关键的相互依赖的基础设施系统和流程中组织去中心化的弹性 (ORDER-CRISP)
  • 批准号:
    1832635
  • 财政年份:
    2019
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
CRISP 2.0 Type 1: Collaborative Research: Distributed Edge Computing to Improve Resilience of Interdependent Systems
CRISP 2.0 类型 1:协作研究:分布式边缘计算以提高相互依赖系统的弹性
  • 批准号:
    1832711
  • 财政年份:
    2019
  • 资助金额:
    $ 10.98万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了