VU SoS Lablet Quarterly Executive Summary - Jan 2021

A. Fundamental Research

The Science of Security for Cyber-Physical Systems (CPS) Lablet focuses on (1) Foundations of CPS Resilience, (2) Analytics for CPS Cybersecurity, (3) Development of a Multi-model Testbed for Simulation–based Evaluation of Resilience, and (4) Mixed Initiative and Collaborative Learning in Adversarial Environments.  

  • In foundations of CPS resilience, we study the resilient diffusion problem in a network of robots aiming to perform a task by optimizing a global cost function in a cooperative manner. In distributed diffusion, robots combine the information collected from their local neighbors and incorporate this aggregated information to update their states. If some robots are adversarial, this cooperation can disrupt the convergence of robots to the desired state. We propose a resilient aggregation rule based on the notion of centerpoint, which is a generalization of the median in the higher-dimensional Euclidean space. Robots exchange their d-dimensional state vectors with neighbors. We show that if a normal robot implements the centerpoint-based aggregation rule and has n neighbors, of which at most ⌈n/(d+1)⌉ − 1 are adversarial, then the aggregated state always lies in the convex hull of the states of the normal neighbors of the robot. Consequently, all normal robots implementing the distributed diffusion algorithm converge resiliently to the true target state. We also show that commonly used aggregation rules based on the coordinate-wise median and geometric median are, in fact, not resilient to certain attacks. We numerically evaluate our results on mobile multi-robot networks and demonstrate the cases where diffusion with the weighted average, coordinate-wise median, and geometric median-based aggregation rules fail to converge to the true target state, whereas diffusion with the centerpoint-based rule is resilient in the same scenario. 
  • In the area of analytics for CPS security, our work focused on generating visual representations as well as comparative policy analysis using graph theory and network methods for the reference case based on six NIST reports on smart grid cybersecurity. The goal is to create a base network model and use the network to: (1) identify and examine the implications of C-I-A security objectives, as well as the Impact levels and Security Requirements for nodes & logical interfaces, and (2) identify the relevant NIST Cybersecurity Framework functions based on the Impact level. A network model is developed which is itself a data-based model. It serves as a reference model and a "laboratory" for situating, understanding, and pursuing the implementation of CSF directives. We then identify the distribution of CSF impact levels and security objectives (C-I-A) throughout nodes and zones for the reference network view of the NIST 7628 smart grid model, for each of the "actors" in the overall system. 
  • In the multi-model testbed effort, we are working on developing a modeling and analysis framework for threats and cybersecurity risks in Industrial Control Systems (ICS). Identification of system vulnerabilities and implementation of appropriate risk mitigation strategies are crucial for ensuring the cybersecurity of Industrial Control Systems (ICS). These system vulnerabilities must be evaluated depending on their exploitability, impact, mitigation status, and target platform and environments. Therefore, in order to assess system vulnerabilities and risk mitigation strategies quantitatively, we are focusing on threat modeling and risk analysis methods for the cybersecurity The first task in this work is designing the required modeling language that will enable modeling of: (a) the physical and network infrastructure of the system, (b) vulnerabilities in system components, (c) component attack trees that describe different ways in which specific component attacks could be carried out, and (d) attack graphs that describe how attacks can propagate across multiple system components. Secondly, we also need to develop a set of analysis tools for interpreting the models and assessing system risk against different attack vectors. We have developed the modeling language for basic architecture modeling as well as vulnerability propagation. 
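
For the centerpoint-based aggregation rule in the first item above, the following added example (not code from the Lablet's work) compares the coordinate-wise median with a centerpoint for d = 2. The neighbor states are constructed, all function names are assumptions, and the centerpoint is found by a brute-force Tukey-depth search rather than by the authors' algorithm.

```python
from fractions import Fraction
from itertools import combinations
from math import ceil
from statistics import median

def tukey_depth(c, pts):
    """Fewest points in any closed halfplane whose boundary passes through c (2-D, exact)."""
    ws = [(x - c[0], y - c[1]) for x, y in pts]
    at_c = sum(w == (0, 0) for w in ws)       # points equal to c lie on every boundary
    best = len(pts)
    for dx, dy in ws:
        if (dx, dy) == (0, 0):
            continue
        for s in (1, -1):                     # tilt the line c->p slightly each way
            left = right = 0
            for wx, wy in ws:
                # side of w; collinear points are split by the direction of the tilt
                k = (dx * wy - dy * wx) or -s * (dx * wx + dy * wy)
                left += k > 0
                right += k < 0
            best = min(best, left + at_c, right + at_c)
    return best

def line_intersection(a, b, p, q):
    r, s = (b[0] - a[0], b[1] - a[1]), (q[0] - p[0], q[1] - p[1])
    den = r[0] * s[1] - r[1] * s[0]
    if den == 0:                              # parallel or degenerate lines
        return None
    t = Fraction((p[0] - a[0]) * s[1] - (p[1] - a[1]) * s[0], den)
    return (a[0] + t * r[0], a[1] + t * r[1])

def centerpoint(pts):
    """Deepest point among the inputs and the crossings of lines through input pairs."""
    lines = list(combinations(pts, 2))
    cands = list(pts) + [x for (a, b), (p, q) in combinations(lines, 2)
                         if (x := line_intersection(a, b, p, q)) is not None]
    return max(cands, key=lambda c: tukey_depth(c, pts))

def coordinate_median(pts):
    return tuple(median(axis) for axis in zip(*pts))

def in_hull(c, pts):
    return tukey_depth(c, pts) >= 1           # depth 0 means a halfplane separates c from pts

# Constructed states: four normal neighbors on the line x + y = 4, one adversarial state.
NORMAL = [(0, 4), (1, 3), (3, 1), (4, 0)]
ADVERSARY = [(0, 0)]
RECEIVED = NORMAL + ADVERSARY
BOUND = ceil(len(RECEIVED) / (2 + 1)) - 1     # d = 2, n = 5: tolerates 1 adversary
```

Every halfplane through a point of depth at least BOUND + 1 contains at least one normal state, which is why the centerpoint stays inside the normal neighbors' convex hull while the coordinate-wise median, here (1, 1), is pulled off it.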

B. Community Engagement(s)

  • Our research was presented in the following conferences: American Control Conference 2020, Robotics: Science and Systems (RSS 2020), Hot Topics in the Science of Security (HotSoS 2020). 
  • We presented the results of our research in analytics of CPS security to an industry partner of the MIT Sloan School Cybersecurity CAMS Program.

C. Educational Advances

  • At MIT, the new course on Cybersecurity focuses on multidisciplinary approaches to sources, types, and impacts of cyber threats. Attention is given to operations & solutions strategies in technical, economic, political and strategic contexts.