Improving CPS Security Through STREAM The Case of the Smart Grid

Cyber-physical systems (CPSs) integrate computation, communication, and physical capabilities to interact with the physical world and humans. In this work, we develop STREAM, a novel STrategic REsource Availability Management system to improve information integrity and availability in an energy constrained CPS environment under the presence of malicious adversaries. The term ‘resource’ here can be any component of a CPS. The main elements of STREAM are (i) difficult but realistic ‘repeated (adversary-defender) game’ settings, and (ii) a set of provably optimal defender strategies plus effective heuristics, against equally potent adversary moves. STREAM is based on the concept of dynamic games in sequential game theory, and is the first system to incorporate the realistic behavioral aspect that in many CPSs, both, the class of adversaries, as well as the class of CPS protectors, could move in a covert and stealthy manner in order to outwit the other in the war on ‘resource control’. In order to demonstrate the effectiveness of STREAM strategies to improve CPS resource availability to the non-adversary, we first conduct a thorough theoretical analysis on the Smart Grid CPS setting, and follow it up with an extensive simulation study on the standard IEEE 14 smart power grid architecture. Our results show that STREAM strategies improve system integrity and availability by approximately 67% when compared to nonstrategic approaches. Keywords— CPS, security, dynamic game, resource management, STREAM

[1]  Naima Kaabouch,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[2]  Yang Liu,et al.  Abnormal traffic-indexed state estimation: A cyber-physical fusion approach for Smart Grid attack detection , 2015, Future Gener. Comput. Syst..

[3]  Wei Yu,et al.  On False Data-Injection Attacks against Power System State Estimation: Modeling and Countermeasures , 2014, IEEE Transactions on Parallel and Distributed Systems.

[4]  Min Zhu,et al.  B4: experience with a globally-deployed software defined wan , 2013, SIGCOMM.

[5]  Lang Tong,et al.  On Topology Attack of a Smart Grid: Undetectable Attacks and Countermeasures , 2013, IEEE Journal on Selected Areas in Communications.

[6]  Rong Zheng,et al.  Bad data injection in smart grid: attack and defense mechanisms , 2013, IEEE Communications Magazine.

[7]  Ronald L. Rivest,et al.  FlipIt: The Game of “Stealthy Takeover” , 2012, Journal of Cryptology.

[8]  Yang Xiao,et al.  Cyber Security and Privacy Issues in Smart Grids , 2012, IEEE Communications Surveys & Tutorials.

[9]  Zhu Han,et al.  Manipulating the electricity power market via jamming the price signaling in smart grid , 2011, 2011 IEEE GLOBECOM Workshops (GC Wkshps).

[10]  H. Vincent Poor,et al.  Strategic Protection Against Data Injection Attacks on Power Grids , 2011, IEEE Transactions on Smart Grid.

[11]  L. Tong,et al.  Malicious Data Attacks on Smart Grid State Estimation: Attack Strategies and Countermeasures , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[12]  Tyler Moore,et al.  Would a 'cyber warrior' protect us: exploring trade-offs between attack and defense of information systems , 2010, NSPW '10.

[13]  Jagath Samarabandu,et al.  An Intrusion Detection System for IEC61850 Automated Substations , 2010, IEEE Transactions on Power Delivery.

[14]  James S. Thorp,et al.  Synchronized Phasor Measurement Applications in Power Systems , 2010, IEEE Transactions on Smart Grid.

[15]  Mark D. Hadley,et al.  A Survey of Wireless Communications for the Electric Power System , 2010 .

[16]  Chase Qishi Wu,et al.  A Survey of Game Theory as Applied to Network Security , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[17]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[18]  Tansu Alpcan,et al.  Security Games with Incomplete Information , 2009, 2009 IEEE International Conference on Communications.

[19]  Sarit Kraus,et al.  Deployed ARMOR protection: the application of a game theoretic model for security at the Los Angeles International Airport , 2008, AAMAS.

[20]  Radha Poovendran,et al.  Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[21]  G. Mailath,et al.  Repeated Games and Reputations: Long-Run Relationships , 2006 .

[22]  Samuel N. Hamilton,et al.  Challenges in Applying Game Theory to the Domain of Information Warfare , 2001 .

[23]  Robert G. Gallager,et al.  Discrete Stochastic Processes , 1995 .