Securing system-of-systems through a game theory approach

Enabling System-of-Systems (SoS) security is an important activity when engineering SoS solutions like autonomous vehicles, provided that they are also highly safety-critical. An early analysis of such solutions caters for proper security architecture decisions, preventing potential high impact attacks and ensuring people's safety. However, SoS characteristics such as emergent behavior, makes security decision-making at the architectural level a challenging task. To tackle this challenge, it is essential to first address known vulnerabilities related to each CS, that an adversary may exploit to realize his attacks within the unknown SoS environment. In this paper we investigate how to use Game Theory (GT) approaches to guide the architect in choosing an appropriate security solution. We formulate a game with three players and their corresponding strategies and payoffs. The proposal is illustrated on an autonomous quarry example showing its usefulness in supporting a security architect to choose the the most suitable security strategy.

[1]  Milind Tambe,et al.  From physical security to cybersecurity , 2015, J. Cybersecur..

[2]  Thilo Gross,et al.  Adaptive coevolutionary networks: a review , 2007, Journal of The Royal Society Interface.

[3]  Muhammad Ali Babar,et al.  Modeling, analyzing and predicting security cascading attacks in smart buildings systems-of-systems , 2020, J. Syst. Softw..

[4]  Shaolei Ren,et al.  Game Theory for Cyber Security and Privacy , 2017, ACM Comput. Surv..

[5]  P. Maillé,et al.  Of Threats and Costs: A Game-Theoretic Approach to Security Risk Management , 2011 .

[6]  Levente Buttyán,et al.  A Survey of Interdependent Information Security Games , 2014, ACM Comput. Surv..

[7]  K. Saruladha,et al.  Comparative study of game theoretic approaches to mitigate network layer attacks in VANETs , 2018, ICT Express.

[8]  Sushanta Karmakar,et al.  A game theory based multi layered intrusion detection framework for VANET , 2018, Future Gener. Comput. Syst..

[9]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.

[10]  Chase Qishi Wu,et al.  A Survey of Game Theory as Applied to Network Security , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[11]  Muhammad Ali Babar,et al.  Model Driven Software Security Architecture of Systems-of-Systems , 2016, 2016 23rd Asia-Pacific Software Engineering Conference (APSEC).

[12]  Michael Wooldridge,et al.  Does Game Theory Work? , 2012, IEEE Intelligent Systems.

[13]  Jamal El Hachem,et al.  Investigating Attack Propagation in a SoS via a Service Decomposition , 2019, 2019 IEEE World Congress on Services (SERVICES).

[14]  Prithviraj Dasgupta,et al.  A Survey of Game Theoretic Approaches for Adversarial Machine Learning in Cybersecurity Tasks , 2019, AI Mag..