Policy Analytics for Cybersecurity of Cyber-Physical Systems

Project Details

Lead PI

Performance Period

Oct 26, 2021

Institution(s)

MIT

Sponsor(s)

National Security Agency


POLICY ANALYTICS FOR CYBERSECURITY OF CYBER-PHYSICAL SYSTEMS

Cyber-physical systems (CPS) are embedded in an increasingly complex ecosystem of cybersecurity policies, guidelines, and compliance measures designed to support all aspects of operation during all phases of the system’s life cycle. By definition, such guidelines and policies are written in linear and sequential text form – word after word – often with different parts presented in different documents. This situation makes it difficult to integrate or understand policy-technology-security interactions. As a result, it also impedes effective risk assessment. Individually or collectively, these features inevitably undermine initiatives for cybersecurity. Missing are fundamental policy analytics to support CPS cybersecurity and facilitate policy implementation. This project is designed to develop a set of text-to-analytics methods and tools, with a “proof of concept” focused on the smart grid of electric power systems.


Nazli Choucri is Professor of Political Science, Senior Faculty at the Center of International Studies (CIS), and Faculty Affiliate at the Institute for Data, Science, and Society (IDSS). She focuses on the areas of international relations and cyberpolitics, with special attention given to sources of conflict and war, on the one hand, and strategies for security and sustainability, on the other. Professor Choucri directs the research initiatives of CyberPolitics@MIT and the related knowledge networking system CyberIRworld@MIT -- both motivated by the cyber-inclusive view of international relations and the global system developed by the MIT-Harvard Project Explorations in Cyber International Relations (ECIR), for which she served as principal investigator.

Dr. Choucri is a Fellow of the American Association for the Advancement of Science (AAAS). She is the author and/or editor of twelve books, most recently Cyberpolitics in International Relations (2012), and International Relations in the Cyber Age: The Co-Evolution Dilemma, with David D. Clark (2019). Her international research and advisory activities include two terms as President of the Scientific Advisory Committee of UNESCO's Management of Social Transformation Program - as well as work in Algeria, Canada, Colombia, Egypt, France, Germany, Greece, Honduras, Japan, Kuwait, Mexico, Pakistan, Qatar, Sudan, Switzerland, Syria, Tunisia, Turkey, United Arab Emirates and Yemen.

Dr. Choucri is the architect and Director of the Global System for Sustainable Development (GSSD), an evolving knowledge networking system centered on sustainability problems and solution strategies. She is the founding Editor of the MIT Press Series on Global Environmental Accord. She has served as General Editor of the International Political Science Review, and for two terms, on the Editorial Board of the American Political Science Review. She is on the board of the Boston Global Forum (BGF), and a founding member of the Artificial Intelligence World Society (AIWS).

PROJECT SYNOPSIS

Goals

The overarching purpose of this project is to develop analytical methods to support the national strategy for cybersecurity, as outlined in Presidential Executive Orders and National Defense Authorization Acts. Operationally, our goal is to provide analytics for cybersecurity policies and guidelines designed specifically to (a) overcome the limitations of the conventional text-based form, (b) extract knowledge embedded in policy guidelines, and (c) assist the user community - analysts and operators - in implementation. Strategically, our goal is to construct a platform of new tools for application to policy directives, regulations, and guidelines across diverse domains and issue areas. The platform and tools are designed to enable users to explore mission-related system properties, issues, concerns, or contingencies.

Overview

Mounting concerns about the safety and security of critical infrastructure have resulted in an intricate ecosystem of cybersecurity guidelines and policies, as well as directives and compliance measures. By definition, such guidelines and policies are written in linear, sequential text form - word after word, chapter after chapter - often with different segments thereof presented in different documents. This situation makes it difficult to integrate or even to understand the policy-technology-security interactions. In addition, it also impedes effective risk assessment. In short, individually or collectively, these features inevitably undermine cybersecurity initiatives. Missing are fundamental policy analytics to support CPS cybersecurity and reduce barriers to policy implementation.

This project is designed to develop text-to-analytics methods and tools, with a "proof of concept" focused on the smart grid of electric power systems. The challenge is to develop a structured system model from text-based policy guidelines and directives in order to (i) identify major policy-defined system-wide parameters, (ii) situate vulnerabilities and impacts, (iii) map security requirements to security objectives, and (iv) advance research on the responses of multiple system features to diverse policy controls - all of which are necessary to strengthen the fundamentals of cybersecurity for cyber-physical systems.

Our "raw" database consists of major reports prepared by the National Institute for Standards and Technology (NIST). Clearly, considerable efforts are always being made to "mine" NIST materials; however, few initiatives explore the potential value-added of drawing on multi-methods for knowledge extraction and/or of developing analytical tools to support user understanding of policy directives, analysis, and eventually to enable action. While our approach appreciates and is informed by such efforts, it transcends them by developing a platform for multi-method cybersecurity policy analytics - based entirely on the contents of policy documents. The case application, as "proof of concept," focuses on cybersecurity of the smart grid for electric power systems.

Impact on Hard Problem

Our major contribution to the specific hard problem is to examine the value of "text-as-data" in a complex cyber-physical system where threats to operations serve as driving motivations for policy responses. The research outputs of this core project include, but are not limited to: (a) methods to examine the implications of cybersecurity directives and guidelines directly applicable to the system in question; (b) information about relative vulnerability pathways throughout the whole or parts of the system-network, as delineated by the guidelines documents; (c) insights from contingency investigations, that is, "what...if..."; (d) a design framework for information management within the organization; and (e) ways to facilitate information flows bearing on decision-making for cybersecurity.

Accomplishments

Thus far, we have aligned the project vision and mission to the National Cybersecurity Policy and identified the overall policy-relevant ecosystem. By focusing on national cybersecurity policies for securing the nation's critical infrastructure, we identified the core policy documents regarding smart grid CPS for the overall research design. We have extracted data from these documents and created a metric-based Dependency Structure Matrix (DSM) of the "as-is" smart grid NIST reference model. We also completed the design and operational strategy for our data extraction and linkage method. This involves developing the method for moving from "policy-as-text" to "text-as-data" in the process of constructing the Platform for Policy Analytics with application to CPS cybersecurity. More specifically, we created a metric-based system-representation of policy documents and guidelines, and then captured the value-added in metric form. This enabled us to pre-test the operational framework for the next step.

We developed rules and methods for extracting data from key documents and constructed the necessary issue- and policy-specific linked database. Once completed, this step allowed us to create (i) the initial exploratory tools for analysis of system information, and (ii) a core DSM of the CPS based on the identification of first-level information dependencies. The dependency matrix must then be (a) examined closely and validated and (b) further transformed as needed into clusters and partitions of structure and process, in order to (c) explore system properties that reveal interconnections and "hidden features." It is also the basis upon which added policy imperatives - also in text form - are incorporated, at a later stage, in expanded DSM forms.

Throughout this process, we have also addressed critical research steps, including (i) highlighting potential correctives; (ii) replicating the core structured DSM model; (iii) extensions of the core DSM; (iv) general applications for a new method; (v) validation of initial structure model; and (vi) approaches to automation of the human research steps.

Websites:

cyberpolitics.mit.edu (under development) focuses on the research work conducted under this research grant and on its extensions, based on discussion with NSA leadership and of relevance to US National Security & Cybersecurity.

cyberIRworld.mit.edu (operational) is a dynamic, interactive ontology-based knowledge system focused on the evolving, diverse & complex interconnections of cyberspace & international relations.

ecir.mit.edu (operational) provides information on the foundations of the project, which were completed under separate DoD support via the Minerva Project (2009-2014).

Outreach: Presentations & Meetings

Education

Cybersecurity (MIT Course Number: 17.447/17.448):

Focuses on the complexity of cybersecurity in a changing world. Examines national and international aspects of overall cyber ecology. Explores sources and consequences of cyber threats and different types of damage. Considers impacts for and of various aspects of cybersecurity in diverse geostrategic, political, business and economic contexts. Addresses national and international policy responses as well as formal and informal strategies and mechanisms for responding to cyber insecurity and enhancing conditions of cybersecurity. Students taking graduate version expected to pursue subject in greater depth through reading and individual research.

International Relations Theory in the Cyber Age (MIT Course Number: 17.445/17.446):

Cyberpolitics in International Relations focuses on cyberspace and its implications for private, public, sub-national, national, and international actors and entities. It focuses on legacies of the 20th-century creation of cyberspace, changes to the international system structure, and new modes of conflict and cooperation. This course examines ways in which international relations theory may accommodate cyberspace as a new venue of politics and how cyberpolitics alters traditional modes and venues for international relations.

Publications

  1. N. Choucri, Lauren Fairman, and Gaurav Agarwal, "CyberIRworld: Knowledge for Science Policy, Practice," in manuscript form.
  2. N. Choucri and Gaurav Agarwal, "Complexity of International Law for Cyber Operations," under review.
  3. Thomas Klemas, Sean Atkins, Nazli Choucri, and Rebecca Lively. 2020. "Accelerating Cyber Acquisitions: Introducing a Time-Driven Approach to Manage Risk with Less Delay." Research Paper No. 2020-7. Massachusetts Institute of Technology. Political Science Department. http://dx.doi.org/10.2139/ssrn.3703183.
  4. Keman Huang, Stuart Madnick and Nazli Choucri. 2020. "Building Global Digital Supply Chain Hub by Cybersecurity Commitment: Singapore's Strategic Role in the Digital Age." Global Policy. https://www.globalpolicyjournal.com/blog/19/10/2020/building-global-digital-supply-chain-hub-cybersecurity-commitment-singapores.
  5. N. Choucri and Gaurav Agarwal. (2019) "Securing the Long-Chain of Cyber-Physical Global Communications Infrastructure," 2019 IEEE International Symposium on Technologies for Homeland Security (HST), Woburn, MA, USA, 2019, pp. 1-7. doi: 10.1109/HST47167.2019.9032933. https://ieeexplore.ieee.org/document/9032933/.
  6. Klemas, T., Lively, R. & Choucri, N. (2018). Cyber Acquisitions: Policy Changes to Drive Innovation in Response to Accelerating Threats in Cyberspace. CyCon U.S. 2018 Conference Papers. Army Cyber Institute, West Point. https://cyberdefensereview.army.mil/CDR-Content/Articles/Article-View/Article/2035034/cyber-acquisition-policy-changes-to-drive-innovation-in-response-to-acceleratin/
  7. N. Choucri and Gaurav Agarwal, "Analytics for Smart Grid Cybersecurity," 2017 IEEE International Symposium on Technologies for Homeland Security (HST), Waltham, MA, 2017, pp. 1-3, doi: 10.1109/THS.2017.7943512. https://ieeexplore.ieee.org/document/7943512.
  8. Mathieu Dahan, Saurabh Amin, and Patrick Jaillet, "Probability Distributions on Partially Ordered Sets and Network Security Games," https://arxiv.org/abs/1811.08516.

Books (completed during Project period to date)

A foundational analysis of the co-evolution of the internet and international relations, examining resultant challenges for individuals, organizations, firms, and states.

In our increasingly digital world, data flows define the international landscape as much as the flow of materials and people. How is cyberspace shaping international relations, and how are international relations shaping cyberspace? In this book, Nazli Choucri and David D. Clark offer a foundational analysis of the co-evolution of cyberspace (with the Internet at its core) and international relations, examining resultant challenges for individuals, organizations, and states.

The authors examine the pervasiveness of power and politics in the digital realm, finding that the Internet is evolving much faster than the tools for regulating it. This creates a "co-evolution dilemma" -- a new reality in which digital interactions have enabled weaker actors to influence or threaten stronger actors, including the traditional state powers. Choucri and Clark develop a new method for addressing control in the Internet age, "control point analysis," and apply it to a variety of situations, including major actors in the international and digital realms: the United States, China, and Google. In doing so, they lay the groundwork for a new international relations theory that reflects the reality in which we live--one in which the international and digital realms are inextricably linked and evolving together.