SURE Reports on Resiliency Modeling and Simulations Work
SURE Meets at NSA, Reports on Resiliency Modeling and Simulations Work
On November 4, 2016, researchers from the Science of SecUre and REsilient for Cyber-Physical Systems (SURE) project at Vanderbilt University met with members of NSA’s Trusted Research Directorate for an annual review. The SURE project addresses the question of how to design systems that are resilient despite significant decentralization of resources and decision-making. The NSA-funded project is aimed at improving scientific understanding of resiliency in cyber physical systems (CPS).
According to Xenofon Koutsoukos, Professor of Electrical Engineering and Computer Science in the Institute for Software Integrated Systems (ISIS) at Vanderbilt University and the Principle Investigator (PI) for SURE, the main research thrusts are hierarchical coordination and control, the science of decentralized security, reliable and practical reasoning about secure computation and communication in networks, evaluation and testing using models and simulations, and education and outreach. Accomplishments for this year include better tools for addressing CPS resilience and security and decentralized security; resilient dynamic adaptation for recovering from cyber attacks; integrative methods for resilient CPS operations under complex attacks; sequential games; improvements in the SURE testbed and increased scalability.
Demonstrations of SURE’s cloud-based testbed were presented. The first was decentralized security in adversarial settings. Peter Volgyesi presented on “Adversary Models in Designing and Evaluating CPS Security and Resilience.” Using a well-known CPS domain, traffic monitoring and control and existing simulation tools, his research project used machine learning to develop a Stochastic map-level demand model, and was able to detect unexpected patterns using Gaussian multivariate distributions. His work enabled him to study both integrity and distributed denial of service attacks on the transportation infrastructure using the Vanderbilt campus road system as a model.
The second demonstration illustrated the effects of tampering with traffic signal control’s evaluation of vulnerability of transportation networks. The overall utility of the testbed is to provide experimental validation of attack models. Himanshu Neema’s C2WT: “A Model-based and Scalable Integrated Simulation Testbed for Science of Security” described the architecture and use of the Command and Control Wind Tunnel (C2WT), a model based, scalable integrated testbed. Based on C2WT simulation models, configuration files are generated for the different simulation components that configure how the component is connected to the simulation using data flow, timing, and parameters. Federates have a common data model to be able to share data. The data model can be imported from domain specific models and domain specific models can be generated from data models. A library of models has been developed that includes DDoS and integrity attacks, delays, data corruption, and network manipulation.
Additional research projects on resiliency were presented covering both behavioral and technical subjects. Yevgeniy Vorobeychik covered “Resilient Closed Loop Control in Adversarial Settings.” Aron Laszka presented “Detection of Cyber-Attacks Against Traffic Control Integrity.” Bradley Potteiger described “A Hardware in the Loop Testbed for Evaluating and Measuring Security and Resilience in CPS.”
Other participants included Professor Janos Sztipanovits. Government representatives from the Air Force Research Labs also attended, as did representatives from the sponsoring agency, NSA.