On defense strategies for system of systems using aggregated correlations
Abstract
We consider a System of Systems (SoS) wherein each system Si, i = 1; 2; ... ;N, is composed of discrete cyber and physical components which can be attacked and reinforced. We characterize the disruptions using aggregate failure correlation functions given by the conditional failure probability of SoS given the failure of an individual system. We formulate the problem of ensuring the survival of SoS as a game between an attacker and a provider, each with a utility function composed of asurvival probability term and a cost term, both expressed in terms of the number of components attacked and reinforced. The survival probabilities of systems satisfy simple productform, firstorder differential conditions, which simplify the Nash Equilibrium (NE) conditions. We derive the sensitivity functions that highlight the dependence of SoS survival probability at NE on cost terms, correlation functions, and individual system survival probabilities.We apply these results to a simplified model of distributed cloud computing infrastructure.
 Authors:
 ORNL
 Hang Seng Management College, Hon Kong
 University of Stavanger, Norway
 Texas A&M University, Kingsville, TX, USA
 University at Buffalo (SUNY)
 Publication Date:
 Research Org.:
 Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
 Sponsoring Org.:
 USDOE Office of Science (SC), Advanced Scientific Computing Research (ASCR) (SC21); USDOE National Nuclear Security Administration (NNSA)
 OSTI Identifier:
 1399527
 DOE Contract Number:
 AC0500OR22725
 Resource Type:
 Conference
 Resource Relation:
 Conference: 11th Annual IEEE International Systems Conference (SYSCON2017)  Montreal, , Canada  4/24/2017 4:00:00 AM4/27/2017 4:00:00 AM
 Country of Publication:
 United States
 Language:
 English
Citation Formats
Rao, Nageswara S., Imam, Neena, Ma, Chris Y. T., Hausken, Kjell, He, Fei, and Zhuang, Jun. On defense strategies for system of systems using aggregated correlations. United States: N. p., 2017.
Web. doi:10.1109/SYSCON.2017.7934817.
Rao, Nageswara S., Imam, Neena, Ma, Chris Y. T., Hausken, Kjell, He, Fei, & Zhuang, Jun. On defense strategies for system of systems using aggregated correlations. United States. doi:10.1109/SYSCON.2017.7934817.
Rao, Nageswara S., Imam, Neena, Ma, Chris Y. T., Hausken, Kjell, He, Fei, and Zhuang, Jun. Sat .
"On defense strategies for system of systems using aggregated correlations". United States.
doi:10.1109/SYSCON.2017.7934817. https://www.osti.gov/servlets/purl/1399527.
@article{osti_1399527,
title = {On defense strategies for system of systems using aggregated correlations},
author = {Rao, Nageswara S. and Imam, Neena and Ma, Chris Y. T. and Hausken, Kjell and He, Fei and Zhuang, Jun},
abstractNote = {We consider a System of Systems (SoS) wherein each system Si, i = 1; 2; ... ;N, is composed of discrete cyber and physical components which can be attacked and reinforced. We characterize the disruptions using aggregate failure correlation functions given by the conditional failure probability of SoS given the failure of an individual system. We formulate the problem of ensuring the survival of SoS as a game between an attacker and a provider, each with a utility function composed of asurvival probability term and a cost term, both expressed in terms of the number of components attacked and reinforced. The survival probabilities of systems satisfy simple productform, firstorder differential conditions, which simplify the Nash Equilibrium (NE) conditions. We derive the sensitivity functions that highlight the dependence of SoS survival probability at NE on cost terms, correlation functions, and individual system survival probabilities.We apply these results to a simplified model of distributed cloud computing infrastructure.},
doi = {10.1109/SYSCON.2017.7934817},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Sat Apr 01 00:00:00 EDT 2017},
month = {Sat Apr 01 00:00:00 EDT 2017}
}

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multinetwork integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose missioncritical control systems to cyber threats. This document provides guidance and direction for developing ‘defenseindepth’ strategies for organizations that use control system networks while maintaining a multitier information architecturemore »

Defense strategies for infrastructures with multiple systems of components
In several critical infrastructures correlations between the constituent systems represent certain vulnerabilities: disruptions to one may propagate to others and possibly to the entire infrastructure. The correlations between the systems are characterized in two ways in this paper: (i) the aggregate failure correlation function specifies the conditional failure probability of the infrastructure given the failure of an individual system, and (ii) the pairwise correlation function between two systems specifies the failure probability of one system given the failure of the other. The survival probabilities of individual systems satisfy firstorder differential conditions that generalize the contest success functions and statistical independencemore » 
Defense strategies for asymmetric networked systems under composite utilities
We consider an infrastructure of networked systems with discrete components that can be reinforced at certain costs to guard against attacks. The communications network plays a critical, asymmetric role of providing the vital connectivity between the systems. We characterize the correlations within this infrastructure at two levels using (a) aggregate failure correlation function that specifies the infrastructure failure probability giventhe failure of an individual system or network, and (b) first order differential conditions on system survival probabilities that characterize componentlevel correlations. We formulate an infrastructure survival game between an attacker and a provider, who attacks and reinforces individual components, respectively.more » 
Computerization of energy systems using modern systems techniquesperspectives, prospects and strategies for economic development: Part I
The survival and progress of modern civilization is dependent upon the phenomenon of energy. The cost of procurement of energy is increasing rapidly as is the cost of the associated technology to produce it. The developed nations have begun a process of redeveloping to meet the new challenge as a result of the change in the international energy scenario. Their redevelopment is guided by making more sophisticated use of energy and material resources and eventual reduction of the per capita energy requirements with potentially improved social and environmental conditions. While the industrialized or redeveloping countries are changing their trajectory, themore »