Security Games for Cyber-Physical Systems

  • Roberto Vigo
  • Alessandro Bruni
  • Ender Yüksel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8208)

Abstract

The development of quantitative security analyses that consider both active attackers and reactive defenders is a main challenge in the design of trustworthy Cyber-Physical Systems. We propose a game-theoretic approach where it is natural to model attacker’s and defender’s actions explicitly, associating costs to attacks and countermeasures. Cost considerations enable to contrast different strategies on the basis of their effectiveness and efficiency, paving the way to a multi-objective notion of optimality. Moreover, the framework allows expressing the probabilistic nature of the environment and of the attack detection process. Finally, a solver is presented to compute strategies and their costs, resorting to a recent combination of strategy iteration with linear programming.

Keywords

Cyber-Physical Systems security verification stochastic games strategy iteration 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Blanchet, B.: Automatic verification of correspondences for security protocols. Journal of Computer Security 17(4), 363–434 (2009)Google Scholar
  2. 2.
    Cremers, C.J.F.: The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 414–418. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  3. 3.
    Mödersheim, S., Viganò, L.: The Open-Source Fixed-Point Model Checker for Symbolic Analysis of Security Protocols. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) FOSAD 2007/2008/2009. LNCS, vol. 5705, pp. 166–194. Springer, Heidelberg (2009)Google Scholar
  4. 4.
    Buchholtz, M., Nielson, H.R., Nielson, F.: A Calculus for Control Flow Analysis of Security Protocols. International Journal of Information Security 2(3-4), 145–167 (2004)CrossRefGoogle Scholar
  5. 5.
    Escobar, S., Meadows, C., Meseguer, J.: Maude-NPA: Cryptographic Protocol Analysis Modulo Equational Properties. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) FOSAD 2007/2008/2009. LNCS, vol. 5705, pp. 1–50. Springer, Heidelberg (2009)Google Scholar
  6. 6.
    Shi, J., Wan, J., Yan, H., Suo, H.: A Survey of Cyber Physical Systems. In: Wireless Communications and Signal Processing (WSCP 2011), pp. 1–6. IEEE (2011)Google Scholar
  7. 7.
    Vigo, R.: The Cyber-Physical Attacker. In: Ortmeier, F., Daniel, P. (eds.) SAFECOMP 2012 Workshops. LNCS, vol. 7613, pp. 347–356. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Gawlitza, T., Seidl, H.: Solving systems of rational equations through strategy iteration. ACM Transactions on Programming Languages and Systems (TOPLAS) 33(3), 11 (2011)CrossRefGoogle Scholar
  9. 9.
    Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., Wu, Q.: A Survey of Game Theory as Applied to Network Security. In: 43rd Hawaii Int. Conf. on System Sciences (HICSS 2010), pp. 1–10. IEEE (2010)Google Scholar
  10. 10.
    Lye, K.W., Wing, J.M.: Game strategies in network security. International Journal of Information Security 4(1-2), 71–86 (2005)CrossRefGoogle Scholar
  11. 11.
    Ma, C.Y.T., Rao, N.S.V., Yau, D.K.Y.: A game theoretic study of attack and defense in cyber-physical systems. In: 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 708–713. IEEE (2011)Google Scholar
  12. 12.
    Rao, N., Poole, S., He, F., Zhuang, J., Ma, C.T., Yau, D.: Cloud computing infrastructure robustness: A game theory approach. In: 2012 International Conference on Computing, Networking and Communications (ICNC), pp. 34–38 (2012)Google Scholar
  13. 13.
    Chen, T., Forejt, V., Kwiatkowska, M., Parker, D., Simaitis, A.: PRISM-games: A model checker for stochastic multi-player games. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013 (ETAPS 2013). LNCS, vol. 7795, pp. 185–191. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  14. 14.
    Brown, M., An, B., Kiekintveld, C., Ordóñez, F., Tambe, M.: Multi-Objective Optimization for Security Games. In: 11th International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2012), pp. 863–870 (2012)Google Scholar
  15. 15.
    Bistarelli, S., Dall’Aglio, M., Peretti, P.: Strategic games on defense trees. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 1–15. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. 16.
    Kremer, S., Raskin, J.F.: A game-based verification of non-repudiation and fair exchange protocols. Journal of Computer Security 11(3), 551–565 (2003)Google Scholar
  17. 17.
    Saleh, M., Debbabi, M.: A game-theoretic framework for specification and verification of cryptographic protocols. Formal Aspects of Computing 22(5), 585–609 (2010)CrossRefMATHGoogle Scholar
  18. 18.
    Condon, A.: The Complexity of Stochastic Games. Information and Computation 96, 203–224 (1992)MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Chatterjee, K., Jurdziński, M., Henzinger, T.A.: Simple Stochastic Parity Games. In: Baaz, M., Makowsky, J.A. (eds.) CSL 2003. LNCS, vol. 2803, pp. 100–113. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Andersson, D., Miltersen, P.B.: The Complexity of Solving Stochastic Games on Graphs. In: Dong, Y., Du, D.-Z., Ibarra, O. (eds.) ISAAC 2009. LNCS, vol. 5878, pp. 112–121. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  21. 21.
    Collinson, R.: Introduction to Avionics Systems, 3rd edn. Springer (2011)Google Scholar
  22. 22.
    Vigo, R., Yüksel, E.: Dewi Puspa Kencana Ramli, C.: Smart Grid Security A Smart Meter-Centric Perspective. In: 20th Telecommunications Forum (TELFOR 2012), pp. 127–130 (2012)Google Scholar
  23. 23.
    Baier, C., Katoen, J.P.: Principles of Model Checking. The MIT Press (2008)Google Scholar
  24. 24.
    Etessami, K., Yannakakis, M.: Recursive Markov Decision Processes and Recursive Stochastic Games. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 891–903. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  25. 25.
    AA.VV.: COIN-OR linear program solver, http://www.coin-or.org/Clp/

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Roberto Vigo
    • 1
  • Alessandro Bruni
    • 1
  • Ender Yüksel
    • 1
  1. 1.Department of Applied Mathematics and Computer ScienceTechnical University of DenmarkDenmark

Personalised recommendations