Research Team Status

Names of researchers and position 
(e.g. Research Scientist, PostDoc, Student (Undergrad/Masters/PhD)

• Dr. Natalie M. Scala, PI
• Dr. Josh Dehlinger, co-PI
• Navya Gautam, Graduate Research Student at Georgia Tech (funded by this project, contractual)
• Noah Hibbler, Undergraduate Research Student at University of Maryland, College Park (unfunded, for course credit)
• Abigail Kassel, Graduate Research Student (unfunded, for course credit)
• Audrey Knight, Undergraduate Research Student (funded by this project)
• Marie Kouassi, Graduate Research Student (funded by this project)
• Shreenidhi Ayinala, Undergraduate Research Student a University of Maryland, College Park (funded by this project, contingent student)
• Alisa Martin, Graduate Research Student (funded by this project)
• Andrew McNeill, Graduate Research Student (funded by this project)
• Chinwendu Uche, Graduate Research Student (funded by this project)
• Silverline Amara Offor, Graduate Research Student (funded by an adjacent project)
• Vince Schiavone, Research Specialist (funded by this project, contingent)
• Skylar Gayhart, Research Specialist (funded by this project, contingent)
• Katherine Tan, Undergraduate Research Student (funded by this project)

• Sadie Barret, Graduate Research Student (funded by Towson University)

   

  Any new collaborations with other universities/researchers?

  No new collaborations were created during this reporting period. 

  However, collaborations with other universities/researchers since the start of this funded project (9/1/23) include:

  PI Scala has a faculty affiliation with the Applied Research Lab for Intelligence and Security (ARLIS) at the University of Maryland, College Park.  That affiliation has introduced this research team to bright and promising research students, including Shreenidhi Ayinala, Navya Gautam, and Noah Hibbler.  Ongoing connections with the University of Maryland’s Advanced Cybersecurity Experience for Students (ACES) and Dr. Michel Cukier have introduced us to other promising students, including Aaryan Patel.  We continue our relationships with ARLIS and ACES to include contingent and course credit students on this project.

  While not directly related to granted activities proposed in the current solicitation, synergistic collaborations with Dr. Thessalia Merivaki (Georgetown University) and the Anne Arundel County Board of Elections continue.  Current work consists of security and trust research in critical infrastructure. Note, no Science of Security funding was/is used for this synergistic collaboration.  

Project Goals

What is the current project goal?

The accepted proposal defined three main goals (cf. Table 1 in Technical Proposal) to achieve throughout the duration of the project, as follows:

• To develop and disseminate a systematic threat and mitigation analysis approach for cyber, physical, and insider risks that addresses the actions of adversaries and trusted insiders and is applicable to national critical infrastructure socio-technical systems and processes.
• To create a framework to model relative likelihood risk assessments, including the actions of adversaries and trusted insiders as contributors to cyber, physical, and insider threat scenarios.

• To develop, model, and analyze policy implications and security mitigations (e.g., adversarial implications, human behavior interdictions) and their ability to reduce cyber, physical, and insider risks to socio-technical critical infrastructure.

  Based on the project timeline given in the accepted proposal, the following tasks/outcomes (cf. Table 2 in Technical Proposal) were defined for the second year of the project (i.e., option year 1), primarily supporting Project Goals 1 and 2, as follows:

• A risk assessment of threat scenarios on the updated attack tree that considers insider / adversarial attack costs and technical difficulties as well as information assurance assessments of the difficulties to discover an attack.
• The identification of risks of most concern within the process across temporal phases.
• The dissemination of the threat and mitigation analyses results.

• An assessment of the systemic threat and mitigation analysis approach's utility for use in national critical infrastructure socio-technical systems and processes, and recommendations for the adoption of the approach at the national level

  Regarding task/outcome 1, our team continued to modify and enhance the AT-AT (Attack Tree Analysis Tool) code to analyze cyber, physical, and insider threat scenarios as defined on the threat tree created during the base year of the project.  Although this tool is demonstrated on elections equipment, the source code may be applied to any critical infrastructure within the United States.  Scenario analyses have been generated following the security assessment approach first proposed by Du and Zhu (2013).  We adapt the scales in this framework to assess cyber, physical, and insider threats via associated attack costs, technical difficulty, and discovery difficulty.  This task is essentially complete, pending any new insights gained throughout the course of the research.

  Regarding task/outcome 2, we utilized the developed tool to generate 70,000+ threat scenarios within the case study critical infrastructure equipment.  Sensitivity analysis is ongoing to ensure that the scenario assessments are robust.  This task is near completion.  A memory issue in the AT-AT tool is preventing the full comparative analysis of all scenarios.  Once that is resolved, an entire relative likelihood threat landscape can be assessed to identify risks of most concern.  To perform the sensitivity analysis, we follow the approach posed in Scala, et al. (2022), which was built from foundational research in Goodwin and Wright (2004).

  Regarding task/outcome 3, we continue to disseminate this research and its corresponding results.  Recent publications and media engagements related to this work are outlined in the Publications and Presentations section below.

  Regarding task/outcome 4, we began a validation process for our framework.  Our case study is precinct count optical scanning (PCOS) voting machines, an example of critical infrastructure equipment in the United States.  Our first validation step is to test the framework on related voting equipment, ballot marking devices (BMD).  Once we establish a use case validation, we will then extend this work to generalize for other forms of U.S. critical infrastructure.  This task/outcome is scheduled for option years 1 and 2, and work is just now beginning on validation and policy recommendations.

  The culmination of these four detailed tasks/outcomes leads towards achieving the overarching project goals. 
   

• How does the current goal factor into the long-term goal of the project?

  The long-term goal/vision of the project, as detailed in the accepted proposal, is to “model the relative risks of adversaries and trusted insiders exploiting threat scenarios in developed attack trees, using critical infrastructure precinct count optical scanner (PCOS), in-person voting machines as a case study”. Project goal 1 analyzes the existing, 2009 Elections Assistance Commission’s threat tree for the PCOS voting system, the critical national infrastructure system selected as a case study for this project, and develops a comprehensive, updated threat tree (and other security analysis artifacts) reflecting new threats and the adaptive adversaries to be able to develop threat scenarios and mitigation strategies, project goals 2 and 3. 

Accomplishments

• Address whether project milestones were met. If milestones were not met, explain why, and what are the next steps.

  The project tasks/outcomes 1-4, as described in the prior sections, remain the targeted milestones for project years 2 and 3, as defined in the accepted proposal. Each of these tasks/outcomes are ongoing and proceeding according to the timeline given in the accepted proposal. 

  The next steps are to (1) resolve the memory issue in AT-AT to complete task/outcome 2, (3) continue to draft manuscripts for external publication submission, in support of task/outcome 3, (4) prepare a poster for HotSoS, in support of task/outcome 3, and (4) perform a test of scenario generation on BMD devices as a first validation step of this framework.
   

• What is the contribution to foundational cybersecurity research? Was there something discovered or confirmed?

  This project is entering its second year and first option year.  Once the AT-AT is finalized, we will make our first full contribution to foundational cybersecurity research.  As we move through the research, updated threat threes provide a contribution to critical infrastructure security research.  The security assessment method used (i.e., incorporating a holistic, cyber, physical, and insider threat analysis and threat/mitigation cost assessment) will serve as a contribution to how critical infrastructure socio-technical systems could be assessed in the context of system security/integrity.

  When the AT-AT is completed, this tool contribution will be publicly available through the SoS VO. 
   

• Impact of research
  • Internal to the university (coursework/curriculum)

The following impacts of research are internal to Towson University made during this reporting period. 

PI Scala continues as a Towson University Cyber Fellow within the Center for Interdisciplinary & Innovative Cybersecurity. This support allows the project team to sustain a permanent student and faculty research lab space within the Center, which includes significant computing equipment for the student research team and state of the art video conferencing equipment to collaborate with the students at UMS and GT as well as external synergistic collaborators in Anne Arundel County and at Georgetown.

Secondly, although not directly related (and not funded) to activities proposed in the accepted proposal, this project has synergistically allowed the PIs to support the Professional Studies MS program at Towson University in its development of a focus track in Election Security and Democracy.  This program of study includes the study of risk assessments, which, generally speaking for all critical infrastructure, are a core outcome of this research contract.  No funding from Science of Security was/is used to support the Professional Studies MS program.

Finally, this project has impacted over 15 Towson University undergraduate and graduate students involved in this project pursuing degrees in Computer Science, Supply Chain Management, Business Administration, Accounting, etc. who, if not for involvement in this project, would not otherwise have gained experience in authentic cybersecurity assessment research or, more specifically, critical infrastructure research. 

• External to the university (transition to industry/government (local/federal); patents, start-ups, software, etc.)

  As this project is just completed its first year, there have not been any research impacts external to the university to currently report. 

• Any acknowledgements, awards, or references in media?

  PI Scala appeared on WMAR, the ABC affiliate in Baltimore, Maryland on November 5, 2024 to discuss the security of the General Election that was held that day.  Based on the ESE lab’s research on risk assessments in critical infrastructure with a case study on elections equipment, PI Scala had the data to assure the American public of no cause for concern related to election integrity.

Publications and presentations

• Add publication reference in the publications section below. An authors copy or final should be added in the report file(s) section. This is for NSA's review only.
• Optionally, upload technical presentation slides that may go into greater detail. For NSA's review only.

Synergistic publications/presentations not directly related (or funded by) to the accepted project proposal during the current reporting quarter:

Enhancing Election Integrity Through Data-driven Poll Worker Training: SIAM News, October 2024

Nguyen, H., Gautam, N., Ayinala, S., Scala, N. M., Dehlinger, J.