As infrastructure and industrial control systems are increasingly being connected to the Internet and other widely accessible networks, their vulnerability to cyber attacks is fast becoming a growing concern and a national priority. Successfully weathering these attacks calls for stringent security measures and, in turn, imposes unique requirements on control algorithms, which must be able to ensure some level of closed-loop stability and performance in the presence of malicious and strategic intrusions, and complement the first line of defense provided by more traditional cyber-security techniques. In order to be implementable on today?s SCADA systems, these algorithms must (1) be able to face a wide variety of attacks, (2) be easy to deploy and require relatively low computational resources and, (3) come with theoretical guarantees of resilience for at least some well-defined classes of attacks.
This CAREER project proposes to explore the design of such secure control algorithms using the tools of Game Theory, more specifically dynamic zero-sum games, stopping games, and team theory. The flexibility afforded by this modeling paradigm makes it possible to capture various characteristics of attacks through the attacker?s and controller?s information and action sets, as well as through the kernel of the game. In addition to readily implementable control strategies, this game theoretic approach also provides fundamental insights into the influence of an attack?s point of entry and stealthiness on its outcomes, and points towards specific resilient architectures for networked control systems. The resulting algorithms will be implemented and validated on three experimental testbeds of increasing complexity and degree of realism. One of these testbed is an actual small scale SCADA-enabled power grid located in Stockholm, Sweden, which the PI will be granted access to via ongoing collaboration with the Royal Institute of Technology (KTH). Tightly integrated with this research plan are education and outreach activities, which will partly leverage the testbed implementations, and are aimed at extending the use of game theoretic tools in the cyber-security community and among engineering students, and demystifying cyber-attacks for the general public, respectively.
Intellectual Merit: The novelty and pertinence of the proposed approach for designing provably secure control systems lies in its focus on the resilience of the control algorithm itself, and its combination of the complementary strengths of dynamic game theory and robust control techniques to achieve this goal. This is in contrast with traditional cyber-security approaches, which are typically concerned with decreasing software and hardware vulnerabilities, and thwarting attacks at their point of entry. In addition, while game theoretic methods have proved successful in the formulation and resolution of security problems in the context of computer and communication networks, the use of these tools for studying and designing secure networked control systems under cyber-attacks is relatively new and unexplored.
Broader Impact: We expect the algorithms and approach resulting from this project to be widely applicable, and to provide additional options for the design of ?defense in depth? strategies for networked control systems. In order to disseminate these results to a broad community of students, researchers, and practitioners, a yearly summer school on ?Game Theory for Decision-Making and Security? will be organized either as a stand-alone event, or as part of UIUC?s Information Trust Institute?s (ITI) offering of dedicated summer workshops. Undergraduates will be recruited through ITI?s Summer Internship Program, and will be involved in the implementation and characterization of the two in-house testbeds. These testbeds will also be used in outreach efforts to the local and global public. Finally, this project will help strengthen the research and educational ties between UIUC and KTH, including student exchange.
