CPS: Medium: Cyber Attack-Defense Modeling, Risk and Contingency Analysis for the Power Grid using Game Theory
Lead PI:
Manimaran Govindarasu
Abstract
Modern electric power grid is a complex, interconnected cyber physical system (CPS) that forms the lifeline of our society. Reliable, secure, and efficient operation of the grid are of paramount importance to national security and economic well-being. Recent trends in security indicate the increasing threat of cyber-based attacks, both in numbers and sophistication, on energy and other critical infrastructure systems of our nation and the world in general. To address this growing threat, there is a compelling research need to develop a holistic cyber security framework that encompasses attack deterrence, attack prevention, attack detection, attack mitigation and resilience, and attack attribution and forensics. Risk assessment is one of the fundamental building blocks that cut across attack prevention, mitigation, and resilience. The existing tools for risk assessment and mitigation are mostly qualitative and often subjective, and hence they are grossly inadequate to capture the dynamic and uncertain nature of the adversaries and the complex cyber-physical couplings that exist in the grid. This project will develop a scientific methodology, algorithms, and tools for cyber risk assessment, attack-defense modeling, and cyber contingency analysis by leveraging game theoretic tools and solution strategies. The developed security algorithms and tools will be evaluated in a realistic CPS security testbed environment at Iowa State University and the results will be broadly shared with research community and also with industry for potential adoption. The innovative applications of game theoretic formulations and tools will help to develop secure and resilient algorithms that will prevent and mitigate attacks and will make the future grid resilient to both faults and cyber-attacks. The research also will have broader impacts in improving the security and resiliency of other CPS-based critical infrastructure systems, such as oil and natural gas networks and transportation networks. Through the associated educational and outreach activities, via graduate courses, undergraduate capstone projects, and K-12 outreach program, the project will contribute to a highly skilled workforce in this area of national need. The project will help diversity in cybersecurity workforce by engaging women and underrepresented minorities in research and educational activities. In addition, the project will significantly contribute to imparting hands-on cybersecurity training to industry professionals using the testbed platform. Both educational and training modules will be made available to a broader academic and industry communities. The overarching vision of this project is to transform the fault-resilient grid of today into an attack-resilient grid of the future. Towards achieving this vision, the goal of the project is to develop and evaluate algorithms and tools that will significantly advance the state-of-the-art cyber risk assessment, attack-defense modeling, and cyber contingency analysis. This goal will be accomplished by undertaking the following research tasks: (1) Develop fundamental game-theoretic formulations (single stage, multi-stage, Bayesian) for attack-defense modeling for the power grid using behavioral and learning models; (2) Develop a quantitative cyber risk assessment and mitigation methodology that capture all three components of risk -- namely, threats, vulnerabilities, and consequences -- using pragmatic game-theoretic formulations, and optimize the security investments to defend the grid against high-risk attacks; (3) Develop scalable techniques and tools for real-time operational planning using game-theoretic formulations to account for multiple contingencies arising due to coordinated cyber-attacks, and integrate them into a dynamic contingency analysis methodology as part of the Energy Management System (EMS); (4) Evaluate the effectiveness and scalability of the developed solutions and tools on Iowa State CPS security testbed environment using realistic attack-defense scenarios leveraging well documented power and cyber system topologies and synthetic attack traces and also leveraging Iowa State industry partnerships in Electric Power Research Center (EPRC) and Power System Research Center (PSERC).
Performance Period: 09/15/2017 - 08/31/2020
Institution: Iowa State University
Sponsor: National Science Foundation
Award Number: 1739969