CRISP Type 1/Collaborative Research: Lessons Learned from Decades of Attacks against Critical Interdependent Infrastructures

CRISP 类型 1/协作研究：从数十年针对关键相互依赖基础设施的攻击中汲取的经验教训

• 批准号: 1925524
• 负责人: Alvaro Cardenas
• 金额: $ 10.98万
• 依托单位: University of California-Santa Cruz
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-01-01 至 2019-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1925524&HistoricalAwards=false
• 关键词: CRISP; Type; Collaborative; Research; Lessons

Critical interdependent infrastructures such as the power grid, water distribution networks, and transportation networks are large-scale systems that provide the most essential services to modern life. Traditionally, the protection of these infrastructures has focused on preventing failures caused by accidents; however, there is a growing concern about preventing failures initiated by physical as well as cyber attacks. For example, the recent Executive Order 13636 on critical infrastructure cyber-security is a timely reminder on the growing need to improve the security posture and resiliency of our critical infrastructures against attacks, and in particular, a call of action for identifying well-documented and tested security best practices. The goal of this Critical Resilient Interdependent Infrastructure Systems and Processes (CRISP) collaborative research project is to identify the successful practices and lessons learned by countries subject to persistent attacks on their critical infrastructures, and incorporate these lessons into social and technical solutions that the U.S. can use to better understand the nature of the threat, and to motivate better public and private sector postures for the protection of U.S. critical infrastructures from physical as well as cyber-attacks. The research will leverage the experience of five decades of sustained attacks against the critical infrastructures of Colombia and study the government and industry responses and best practices in that country. It will also develop new algorithms and security solutions informed by the data collected on these attacks. These lessons will be translated into a new course focusing on terrorism, critical infrastructures, and cyber-security, with the goal of developing a multidisciplinary Masters on cyberconflict and terrorism targeted to students working in public policy as well as business leaders and stakeholders in our critical infrastructures. The results will be disseminated in academic as well as industrial conferences and in public and private partnerships for the protection of critical infrastructures such as those led by NIST and DHS.Several analytical and theoretical models for interdiction or interdependencies of critical infrastructures remain abstract and speculative not only because there is scarce data on attacks to critical infrastructures, but also because it is easier to consider simple models or assumptions in order to keep the problem analytically or computationally tractable. Evidence and empirical data of how attacks on critical infrastructures are planned and executed are essential for studying their impact on critical infrastructures, and for identifying the technical and social aspects for protecting these systems. Incorporating new adversary models and defense mechanisms based on real attacks and extracting statistics from these datasets into mathematical models of interdiction, or control interdependencies will require new theoretical developments in algorithms and optimization methods. For example the reconfiguration of power systems done by the operators of the power grid in Colombia can be considered as a moving target defense, and incorporating this dynamic aspect into interdiction games requires new formulations that have not been studied before. In addition, interdiction formulations considering interdependent infrastructures such as gas, water, telecommunications, and electricity will require different models of the "initiating events" and different models of the restoration processes. Similarly the inclusion of interdependent infrastructure models for control problems can add some advantages in the synchronization criteria and might improve synchronizability and stability. The mathematical conditions for phase cohesiveness and frequency synchronization when one infrastructure is subject to attacks will be studied in this research. Finally, extracting policy and strategic trends, and factors that have influenced the outcomes observed in datasets will require extensive analysis of a complex socio-technical component where multiple stakeholders (government, asset owners, services industry, and vendors) have different factors influencing their actions and decisions.

关键的相互依存的基础设施，例如电网，水分配网络和运输网络是大规模的系统，可为现代生活提供最重要的服务。传统上，这些基础设施的保护集中在防止事故引起的故障。但是，人们越来越担心防止由身体和网络攻击引发的失败。例如，关于关键基础设施网络安全的最新行政命令13636及时提醒人们，不断增长的需求，以提高我们针对攻击的关键基础设施的安全姿势和弹性，尤其是确定已记录良好和经过测试的安全性最佳实践的行动。 这个关键的弹性相互依存的基础架构系统和流程（CRISP）协作研究项目的目标是确定国家所学到的成功实践和经验教训，导致对其关键基础架构的持续攻击，将这些经验纳入社会和技术解决方案中，并将美国纳入社会和技术解决方案中，以便更好地利用其作为临界事物的临界事务，并及时地了解公共部门的事业，并将其作为私人保护，并为私人提供保护，并将其用于私人保护，并将其纳入私人的保护，并将其纳入私人保护，并将其纳入私人保护，并将其纳入私人保护性，并将其纳入私人保护方面的范围网络攻击。 该研究将利用五十年来对哥伦比亚关键基础设施的持续攻击的经验，并研究该国政府和行业的回应以及最佳实践。它还将开发由这些攻击收集的数据所告知的新算法和安全解决方案。这些课程将转化为一门新课程，重点是恐怖主义，批判基础设施和网络安全，其目的是开发针对公共政策学生以及我们关键基础设施中的商业领导者和利益相关者的网络企业和恐怖主义的多学科大师。 The results will be disseminated in academic as well as industrial conferences and in public and private partnerships for the protection of critical infrastructures such as those led by NIST and DHS.Several analytical and theoretical models for interdiction or interdependencies of critical infrastructures remain abstract and speculative not only because there is scarce data on attacks to critical infrastructures, but also because it is easier to consider simple models or assumptions in order to keep the在分析或计算上可以解决问题。 关于如何计划和执行对关键基础设施攻击的证据和经验数据对于研究其对关键基础设施的影响以及确定保护这些系统的技术和社会方面至关重要。将基于实际攻击的新对手模型和防御机制纳入构成数学模型或控制相互依赖性的数学模型将需要新的理论发展和算法和优化方法中的新理论发展。例如，可以将哥伦比亚电网运营商完成的电力系统重新配置被视为一种移动的目标防御，并将这一动态方面纳入Intriction Games需要以前从未研究过的新配方。此外，考虑相互依存的基础设施，例如气体，水，电信和电力等相互依存的基础设施，将需要不同的“启动事件”模型以及恢复过程的不同模型。同样，将相互依存的基础设施模型纳入控制问题可能会在同步标准中增加一些优势，并可能提高同步性和稳定性。在这项研究中，将研究一个基础设施受到攻击时的相位凝聚力和频率同步的数学条件。最后，提取政策和战略趋势，以及影响数据集中观察到的结果的因素将需要对复杂的社会技术组成部分进行广泛的分析，在这种情况下，多个利益相关者（政府，资产所有者，服务行业和供应商）具有影响其行动和决策的不同因素。