Multi-model Testbed for the Simulation-based Evaluation of Resilience

PI(s), Co-PI(s), Researchers:

• Peter Volgyesi (PI)
• Himanshu Neema (Co-PI)

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

• Security Metrics Driven Evaluation, Design, Development, and Deployment
• Resilient Architectures

The goal of the Multi-model Testbed is to provide a collaborative design tool for evaluating various cyber attack/defense strategies and their effects on the physical infrastructure. The web-based, cloud-hosted environment integrates state-of-the-art simulation engines for the different CPS domains and presents interesting research challenges as ready to use scenarios. Input data, model parameters, and simulation results are archived, versioned with a strong emphasis on repeatability and provenance. 

PUBLICATIONS

Akos Ledeczi, Miklos Maroti, Peter Volgyesi, Brian Broll, Hamid Zare, Bernard Yett, Timothy Darrah, Mary Metelko, Nicole Hutchins, Michael Smith, Gautam Biswas and Xenofon Koutsoukos. "Teaching Cybersecurity with Networked Robots". Special Interest Group on Computer Science Education (SIGCSE) Technical Symposium 2019, February 27th - March 2nd, Minneapolis, Minnesota, USA (accepted)

KEY HIGHLIGHTS

During the reporting period, we continued the development of two CPS domains for science of security experiments. In the future, these experiments will be refined and integrated in the web-based collaborative design environment and will be provided as security research scenarios.

Transportation domain

In the transportation CPS domain, we have been working on queue estimation methods, potential attacks and mitigation techniques to investigate the vulnerabilities of smart intersections, where traffic lights are (partially) controlled by self-reports of connected vehicles near the intersection. The problem is challenging because we cannot realistically assume 100% penetration rate (all vehicles with V2I communication capabilities). Thus, these estimation algorithms should work with sporadic reports and have to make trade-offs in resiliency and/or over and underestimation of the queue lengths, We are using SUMO/Veins to investigate various attack strategies and potential detections and countermeasures in this scenario. Early results are shown in the next figure.

Using the same SUMO/Veins-based testbed infrastructure and machine-learning approaches we are also developing traffic flow and volume estimation methods in a realistic metropolitan street network. The long-term goal with these efforts to investigate the vulnerabilities and effective remedies of these estimation methods - especially, if these are used in decision making and/or real-time control. The current workflow uses SUMO/Veins in batch mode and Keras/Tensorflow directly, but we are planning to use a web-based frontend and DeepForge to make the models, results more accessible and to enable interactive experimentation. The current efforts concentrate on effective feature representation, network models and regularization/generalization issues. We plan to submit a paper on this work in the Spring of 2019. Some early results are shownin the following figure.

The SUMO/Veins-based testbed is also being used to develop railway scenarios with V2X technologies. Since these simulation tools are originally developed for highway transportation we are investigating the most effective approach(es) to emulate such infrastructure elements which are specific to railway networks (e.g. switches). 

Powergrid domainThe Powergrid CPS domain is based on the GridLAB-D simulator for generating realistic power consumption profiles. Based on these (pre)generated datasets we are developing machine learning-based methods for predicting future power demand in the network to investigate adversarial machine learning techniques in this domain. For developing the prediction models, attack strategies and potential detection and mitigation algorithms we are using DeepForge, our web-based development environment for deep learning. We plan to present our early results at the HotSoS 2019 Symposium. The current attack and defense models are shown in the next figure.

Testbed Infrastructure 

We continued our work on the WebGME-based  web-based front-end and Jupyter notebooks-based analysis environment. The current infrastructure of the testbed is available at http://lablet.isis.vanderbilt.edu. Note, that the current version does not provide developed scenario models. We also plan to integrate the testbed environment with our other WebGME-based design studio for deep neural networks (DeepForge) 

COMMUNITY ENGAGEMENTS

None, during this reporting period.

EDUCATIONAL ADVANCES:

None, during this reporting period.