Finite-horizon semi-Markov game for time-sensitive attack response and probabilistic risk assessment in nuclear power plants

Abstract Cybersecurity has drawn increasing attention in the nuclear industry. To improve the cyber-security posture, it is important to develop effective methods for cyber-attack response and cyber-security risk assessment. In this research, we develop a finite-horizon semi-Markov general-sum game between the defender (i.e., plant operator) and the attacker to obtain the time-sensitive attack response strategy and the real-time risk assessment in nuclear power plants. We propose methods for identifying system states of concern to reduce the state space and for determining state transition probabilities by integrating Probabilistic Risk Assessment techniques. After a proper discretization of the developed continuous-time model, we use dynamic programming to derive the time-varying and state-dependent strategy of the defender based on the solution concept of the mixed-strategy Nash equilibrium. For risk assessment, three risk metrics are considered, and an exact analytical algorithm and a Monte Carlo simulation-based algorithm for obtaining the metrics are developed. Both players’ strategies and the risk metrics are illustrated using a digital feedwater control system used in pressurized water reactors. The results show that the proposed method can support plant operators in timely cyber-attack response and effective risk assessment, reduce the risk, and improve the resilience of nuclear power plants to malicious cyber-attacks.

[1]  Jr. Louis Anthony Cox,et al.  Game Theory and Risk Analysis , 2009 .

[2]  Martin L. Puterman,et al.  Markov Decision Processes: Discrete Stochastic Dynamic Programming , 1994 .

[3]  Russell Bent,et al.  Cyber-Physical Security: A Game Theory Model of Humans Interacting Over Control Systems , 2013, IEEE Transactions on Smart Grid.

[4]  Fred Cohen,et al.  Simulating cyber attacks, defences, and consequences , 1999, Comput. Secur..

[5]  K. Hausken Probabilistic Risk Analysis and Game Theory , 2002, Risk analysis : an official publication of the Society for Risk Analysis.

[6]  Karen A. Scarfone,et al.  Computer Security Incident Handling Guide , 2004 .

[7]  G. Anandalingam,et al.  Cost-benefit considerations in regulatory analysis , 1995 .

[8]  Karen A. Scarfone,et al.  Guide to Intrusion Detection and Prevention Systems (IDPS) , 2007 .

[9]  Quanyan Zhu,et al.  Analysis and Computation of Adaptive Defense Strategies Against Advanced Persistent Threats for Cyber-Physical Systems , 2018, GameSec.

[10]  Stephanie Forrest,et al.  Strategic aspects of cyberattack, attribution, and blame , 2017, Proceedings of the National Academy of Sciences.

[11]  Kishor S. Trivedi,et al.  Optimization for condition-based maintenance with semi-Markov decision process , 2005, Reliab. Eng. Syst. Saf..

[12]  Indrajit Ray,et al.  Dynamic Security Risk Management Using Bayesian Attack Graphs , 2012, IEEE Transactions on Dependable and Secure Computing.

[13]  Mohammad Modarres,et al.  A historical overview of probabilistic risk assessment development and its use in the nuclear power industry: a tribute to the late Professor Norman Carl Rasmussen , 2005, Reliab. Eng. Syst. Saf..

[14]  Chunjie Zhou,et al.  A Game-Theoretic Approach to Cross-Layer Security Decision-Making in Industrial Cyber-Physical Systems , 2020, IEEE Transactions on Industrial Electronics.

[15]  Chunjie Zhou,et al.  A Dynamic Decision-Making Approach for Intrusion Response in Industrial Control Systems , 2019, IEEE Transactions on Industrial Informatics.

[16]  Jeannette M. Wing,et al.  Game strategies in network security , 2005, International Journal of Information Security.

[17]  Quanyan Zhu,et al.  A game theoretic approach for responding to cyber-attacks on nuclear power plants , 2019 .

[18]  Marshall A. Kuypers,et al.  Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies , 2018, Risk analysis : an official publication of the Society for Risk Analysis.

[19]  Karen Scarfone,et al.  Common Vulnerability Scoring System , 2006, IEEE Security & Privacy.

[20]  William H. Sanders,et al.  A Game-Theoretic Approach to Respond to Attacker Lateral Movement , 2016, GameSec.

[21]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[22]  Mohammad Abdollahi Azgomi,et al.  A game-theoretic approach to model and quantify the security of cyber-physical systems , 2017, Comput. Ind..

[23]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[24]  T. Başar,et al.  Dynamic Noncooperative Game Theory , 1982 .

[25]  Nikolaos Limnios,et al.  Discrete-Time Semi-Markov Model for Reliability and Survival Analysis , 2004 .

[26]  Vandana Gupta,et al.  Modeling cyber-physical attacks based on stochastic game and Markov processes , 2019, Reliab. Eng. Syst. Saf..

[27]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[28]  Jing Zhang,et al.  Modeling a multi-target attacker-defender game with multiple attack types , 2019, Reliab. Eng. Syst. Saf..

[29]  Louis Anthony Tony Cox,et al.  Some Limitations of “Risk = Threat × Vulnerability × Consequence” for Risk Analysis of Terrorist Attacks , 2008 .

[30]  Quanyan Zhu,et al.  A Large-Scale Markov Game Approach to Dynamic Protection of Interdependent Infrastructure Networks , 2017, GameSec.

[31]  George Loukas,et al.  Cyber-Physical Attacks: A Growing Invisible Threat , 2015 .

[32]  Vinod Mubayi,et al.  Insights into the Societal Risk of Nuclear Power Plant Accidents. , 2017, Risk analysis : an official publication of the Society for Risk Analysis.

[33]  John W. Mamer Successive Approximations for Finite Horizon, Semi-Markov Decision Processes with Application to Asset Liquidation , 1986, Oper. Res..

[34]  Chunjie Zhou,et al.  Assessing the Physical Impact of Cyberattacks on Industrial Cyber-Physical Systems , 2018, IEEE Transactions on Industrial Electronics.

[35]  Hervé Debar,et al.  A Survey on Game-Theoretic Approaches for Intrusion Detection and Response Optimization , 2018, ACM Comput. Surv..

[36]  Quanyan Zhu,et al.  A Dynamic Games Approach to Proactive Defense Strategies against Advanced Persistent Threats in Cyber-Physical Systems , 2019, Comput. Secur..

[37]  William H. Sanders,et al.  RRE: A Game-Theoretic Intrusion Response and Recovery Engine , 2014, IEEE Trans. Parallel Distributed Syst..