skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: On defense strategies for system of systems using aggregated correlations

Abstract

We consider a System of Systems (SoS) wherein each system Si, i = 1; 2; ... ;N, is composed of discrete cyber and physical components which can be attacked and reinforced. We characterize the disruptions using aggregate failure correlation functions given by the conditional failure probability of SoS given the failure of an individual system. We formulate the problem of ensuring the survival of SoS as a game between an attacker and a provider, each with a utility function composed of asurvival probability term and a cost term, both expressed in terms of the number of components attacked and reinforced. The survival probabilities of systems satisfy simple product-form, first-order differential conditions, which simplify the Nash Equilibrium (NE) conditions. We derive the sensitivity functions that highlight the dependence of SoS survival probability at NE on cost terms, correlation functions, and individual system survival probabilities.We apply these results to a simplified model of distributed cloud computing infrastructure.

Authors:
ORCiD logo [1]; ORCiD logo [1];  [2];  [3];  [4];  [5]
  1. ORNL
  2. Hang Seng Management College, Hon Kong
  3. University of Stavanger, Norway
  4. Texas A&M University, Kingsville, TX, USA
  5. University at Buffalo (SUNY)
Publication Date:
Research Org.:
Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Sponsoring Org.:
USDOE Office of Science (SC), Advanced Scientific Computing Research (ASCR) (SC-21); USDOE National Nuclear Security Administration (NNSA)
OSTI Identifier:
1399527
DOE Contract Number:
AC05-00OR22725
Resource Type:
Conference
Resource Relation:
Conference: 11th Annual IEEE International Systems Conference (SYSCON2017) - Montreal, , Canada - 4/24/2017 4:00:00 AM-4/27/2017 4:00:00 AM
Country of Publication:
United States
Language:
English

Citation Formats

Rao, Nageswara S., Imam, Neena, Ma, Chris Y. T., Hausken, Kjell, He, Fei, and Zhuang, Jun. On defense strategies for system of systems using aggregated correlations. United States: N. p., 2017. Web. doi:10.1109/SYSCON.2017.7934817.
Rao, Nageswara S., Imam, Neena, Ma, Chris Y. T., Hausken, Kjell, He, Fei, & Zhuang, Jun. On defense strategies for system of systems using aggregated correlations. United States. doi:10.1109/SYSCON.2017.7934817.
Rao, Nageswara S., Imam, Neena, Ma, Chris Y. T., Hausken, Kjell, He, Fei, and Zhuang, Jun. Sat . "On defense strategies for system of systems using aggregated correlations". United States. doi:10.1109/SYSCON.2017.7934817. https://www.osti.gov/servlets/purl/1399527.
@article{osti_1399527,
title = {On defense strategies for system of systems using aggregated correlations},
author = {Rao, Nageswara S. and Imam, Neena and Ma, Chris Y. T. and Hausken, Kjell and He, Fei and Zhuang, Jun},
abstractNote = {We consider a System of Systems (SoS) wherein each system Si, i = 1; 2; ... ;N, is composed of discrete cyber and physical components which can be attacked and reinforced. We characterize the disruptions using aggregate failure correlation functions given by the conditional failure probability of SoS given the failure of an individual system. We formulate the problem of ensuring the survival of SoS as a game between an attacker and a provider, each with a utility function composed of asurvival probability term and a cost term, both expressed in terms of the number of components attacked and reinforced. The survival probabilities of systems satisfy simple product-form, first-order differential conditions, which simplify the Nash Equilibrium (NE) conditions. We derive the sensitivity functions that highlight the dependence of SoS survival probability at NE on cost terms, correlation functions, and individual system survival probabilities.We apply these results to a simplified model of distributed cloud computing infrastructure.},
doi = {10.1109/SYSCON.2017.7934817},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Sat Apr 01 00:00:00 EDT 2017},
month = {Sat Apr 01 00:00:00 EDT 2017}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share:
  • Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecturemore » that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.« less
  • In several critical infrastructures correlations between the constituent systems represent certain vulnerabilities: disruptions to one may propagate to others and possibly to the entire infrastructure. The correlations between the systems are characterized in two ways in this paper: (i) the aggregate failure correlation function specifies the conditional failure probability of the infrastructure given the failure of an individual system, and (ii) the pairwise correlation function between two systems specifies the failure probability of one system given the failure of the other. The survival probabilities of individual systems satisfy firstorder differential conditions that generalize the contest success functions and statistical independencemore » conditions. We formulate a problem of ensuring the resilience of an infrastructure as a game between the provider and attacker; their utility functions are sums of infrastructure survival probability terms and cost terms, both expressed in terms of the numbers of system components attacked and reinforced. We derive Nash Equilibrium conditions and sensitivity functions that highlight the dependence of infrastructure resilience on the cost terms, correlation functions, and individual system survival probabilities. We apply these results to models of distributed cloud computing and energy grid infrastructures.« less
  • We consider an infrastructure of networked systems with discrete components that can be reinforced at certain costs to guard against attacks. The communications network plays a critical, asymmetric role of providing the vital connectivity between the systems. We characterize the correlations within this infrastructure at two levels using (a) aggregate failure correlation function that specifies the infrastructure failure probability giventhe failure of an individual system or network, and (b) first order differential conditions on system survival probabilities that characterize component-level correlations. We formulate an infrastructure survival game between an attacker and a provider, who attacks and reinforces individual components, respectively.more » They use the composite utility functions composed of a survival probability term and a cost term, and the previously studiedsum-form and product-form utility functions are their special cases. At Nash Equilibrium, we derive expressions for individual system survival probabilities and the expected total number of operational components. We apply and discuss these estimates for a simplified model of distributed cloud computing infrastructure« less
  • The survival and progress of modern civilization is dependent upon the phenomenon of energy. The cost of procurement of energy is increasing rapidly as is the cost of the associated technology to produce it. The developed nations have begun a process of redeveloping to meet the new challenge as a result of the change in the international energy scenario. Their redevelopment is guided by making more sophisticated use of energy and material resources and eventual reduction of the per capita energy requirements with potentially improved social and environmental conditions. While the industrialized or redeveloping countries are changing their trajectory, themore » developing nations must look to new models to guide their own economic development. Instead of expanding existing energy networks in response to increasing energy requirements, as has been done traditionally in the West, the developing nations should take advantage of existing modern systems modelling techniques with the objective of adapting them to their individual needs and objectives. Such an approach has the potential of lowering the cost of energy, contributing to new systems planning and design techniques in the applied research effort at the global level and improving the performance and reliability of energy systems.« less