SaTC: CORE: Small: Data-driven Attack and Defense Modeling for Cyber-physical Systems

SaTC：核心：小型：网络物理系统的数据驱动攻击和防御建模

基本信息

批准号：
2134076
负责人：
Shaunak Bopardikar
金额：
$ 20万
依托单位：
Michigan State University
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2022
资助国家：
美国
起止时间：
2022-03-01 至 2025-02-28
项目状态：
未结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=2134076&HistoricalAwards=false
关键词：
SaTC CORE Small Data driven

项目摘要

Modern cyber-physical systems (CPS) such as smart buildings or vaccine storage systems involve several connected devices (phones, sensors, and controllers) that perform multiple objectives including temperature or humidity control. However, attacks such as Stuxnet, or the recent Colonial pipeline attack on industrial CPS have exposed major vulnerabilities, demonstrating the inadequacy of current security techniques to guarantee proper functioning of a CPS. An effective response against smart attackers by pro-actively modeling and responding to attacks on a complex CPS at an ongoing basis, especially with limited data on vulnerabilities in the CPS will be developed in this project.Using the concept of hybrid attack graphs to capture discrete and domain-specific (physical) dynamics, a data-driven game-theoretic methodology for securing the cyber and physical components of a CPS is the focus of this project. Three closely integrated research thrusts will span the extent of this project: (1) automated strategies to characterize attacker intent using reinforcement learning (RL); (2) an integrated defense approach to guide the security strategies of the CPS using a novel combination of game theory, RL and Bayesian optimization; and (3) evaluation and validation via realistic simulations with emulated data from sensors and actuators of intelligent buildings.Multiple applications including securing critical infrastructure and supply chains with significant societal impact on public safety will benefit from the project outcomes. Training opportunities for one PhD student and multiple undergraduate students participating in summer research programs, especially from underrepresented groups will be created. Several K-12 outreach and teacher training activities, including hands-on, interactive games and contests between a defender and attacker will be designed to motivate K-12 students to pursue science and engineering. The curriculum of the new graduate course on non-cooperative game theory at MSU will be enriched with new data-driven methods for solving games. A project website has been created (https://github.com/sandeepbanik/Data-Driven-Resilient-Systems) to provide access to all data from this project. Each publication, thesis, or report will have associated with it a set of web pages for the data plots and tables contained therein. In turn, each of these pages will point to files containing the data itself, the metadata and, as relevant, all information needed to regenerate the data. This site will remain active for at least 3 years beyond the end of the award, or the last public release of data associated with the award, whichever is later.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

现代的网络物理系统（CPS），例如智能建筑物或疫苗存储系统，涉及多个连接的设备（电话，传感器和控制器），这些设备执行了多个目标，包括温度或湿度控制。但是，诸如Stuxnet或最近对工业CP的殖民管道攻击之类的攻击暴露了主要漏洞，证明了当前安全技术不足以保证CP的正确运行。 An effective response against smart attackers by pro-actively modeling and responding to attacks on a complex CPS at an ongoing basis, especially with limited data on vulnerabilities in the CPS will be developed in this project.Using the concept of hybrid attack graphs to capture discrete and domain-specific (physical) dynamics, a data-driven game-theoretic methodology for securing the cyber and physical components of a CPS is the focus of this project.三个紧密整合的研究推力将涵盖该项目的范围：（1）使用加强学习（RL）表征攻击者意图的自动化策略；（2）一种使用游戏理论，RL和贝叶斯优化的新型组合来指导CPS的安全策略的综合防御方法；（3）通过使用智能建筑物的传感器和执行器的模拟数据进行逼真的模拟进行评估和验证。包括确保关键基础设施和供应链对公共安全产生重大影响的多个应用程序将从项目成果中受益。将创建一名博士生和多名本科生参加夏季研究计划的培训机会，尤其是来自代表性不足的小组的培训机会。几项K-12外展和教师培训活动，包括动手，互动游戏以及防守者和攻击者之间的比赛，旨在激励K-12学生追求科学和工程学。 MSU非合作游戏理论的新研究生课程的课程将富含用于求解游戏的新数据驱动方法。已经创建了一个项目网站（https://github.com/sandeepbanik/data-driven-resilient-systems），以提供对该项目的所有数据的访问。每个出版物，论文或报告都将与其中包含的数据图和表中的一组网页相关联。反过来，这些页面中的每一个都将指向包含数据本身，元数据以及相关的文件的文件，以重新生成数据所需的所有信息。该网站将在奖励结束后至少保持活跃，或者在奖励较晚的最后发布数据之后至少3年，以较晚者为准。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子和更广泛影响的评估审查标准来通过评估来获得支持的。