A. Fundamental Research
High level report of result or partial result that helped move security science forward-- In most cases it should point to a "hard problem". These are the most important research accomplishments of the Lablet in the previous quarter.

A Monitoring Fusion and Response Framework to Provide Cyber Resiliency

There were two main directions we pursued this quarter. First, we investigated whether adaptive sampling could be used to collect higher-quality training data which could be used to build more accurate metamodels for sensitivity analysis and uncertainty quantification. Our adaptive sampling approach was not successful: the metamodels trained using the data collected by the adaptive sampling method were less accurate than the metamodels trained on non-adaptive sampling methods. We may return to adaptive sampling in the future, but we decided to shift our focus to a new direction. The second approach we tried was to determine if the metamodeling approach generalized. As of our last report we had only tried it on two models. We found six more models to use as test cases. We have found that our metamodeling approach works well on these six additional models and thus seems to generalize well. We intend to submit our findings to a conference next quarter.

Uncertainty in Security Analysis

We found a method for extracting symmetry in uncertain graphs. This method relies on graph automorphism and can account for different types of graph function (reachability, connected component, spanning arborescence, etc.) and choices of vertices (if applicable). This method is used to improve the scalability of solving the maximum weight minimization problem.

We study efficient Monte Carlo method for estimating the reliability distribution of Beta uncertain graphs [6]. This problem is simplified to estimating the biasedness distribution of a collection of [infinite number of] coins. Two central research questions are: (a) how to allocative N tosses between n coins to maximize the information learned and (b) what is the optimal choice for n, given N. These two have some deep connection with the “adaptive hypothesis testing” and the “multi-armed bandits” problems. A special type of bandit problem called “pure exploitation” [7] provides a solution to the first problem.

An Automated Synthesis Framework for Network Security and Resilience

In the current quarter, our project progress is centered on addressing SoS lablet hard problems primarily in resilient architecture. Key highlights are listed as follows.

• We published one paper in ACM TOMACS with one more paper accepted to IEEE PowerTech in the current quarter. We also submitted one more paper to IEEE TSG and one research poster to ACM SIGSIM-PADS.
   
• One Ph.D. student received the IIT College of Computing Excellence in Dissertation Award. The team also delivered a talk at the NSA research seminar in March 2021.
   
• We continue to study the interdependence between the power system and the communication network with the goal of improving resilience in critical energy infrastructures, which addresses the resilient architecture hard problem. In the current quarter, we formulate the restoration process as a routing problem and develop a simulation-based method to quantitatively evaluate the restoration process with public reference models of large-scale power systems. The experimental results show that our method improves the total restored energy up to 57.6% and reduces the recovery time up to 63% by considering the power-communication interdependency. We have submitted a manuscript describing this work to IEEE Transactions on Smart Grid.
   

• We continue to develop a simulation-based platform for cyber-physical system resilience and security evaluation, which addresses the resilient architecture and scalability hard problem. In the current quarter, to overcome the statistical error in virtual time advancement within the platform due to I/O activities, we propose a compensation mechanism to the existing virtual time system and modify the Linux kernel to precisely control time advancement not only during execution burst by also during I/O. The preliminary experimental results show that our proposed approach significantly reduces the error of I/O time measurement from 77.6% to 4.4%. A work-in-progress research poster has been recently submitted to ACM SIGSIM-PADS.
• We develop a general and interpretable framework for analyzing PMU data in real-time, which addresses the resilient architecture and security-metrics-driven evaluation hard problems. The proposed framework enables grid operators to understand changes to the current state and to identify anomalies in the PMU measurement data. We first learn an effective dynamical model to describe the current behavior of the system by applying statistical learning tools on the streaming PMU data. Next, we use the probabilistic predictions of our learned model to principally define an efficient anomaly detection tool. Finally, our framework produces real-time classification of the detected anomalies into common occurrence classes. We demonstrate the efficacy of our proposed framework through numerical experiments on real PMU data collected from a transmission operator. A work describing the framework has been accepted by 2021 IEEE PowerTech.

Resilient Control of Cyber-Physical Systems with Distributed Learning

• We have developed and implemented a nearly sample-optimal algorithm for statistical model checking of markov decision processes. This advances the state of the art in achieving resiliency (hard problem)  as optimal data usage for verification makes the algorithms effective for offline analysis of autonomous system design as well as on board monitoring.
• We have developed a collection of benchmarks for comparing our approach with existing model checking tools such as Prism, Storm, and Plasma Lab that are also used for security and resiliency analysis of autonomous and cyber-physical systems.

B. Community Engagement(s)
Research interaction in the community including workshops, seminars, competitions, etc.

• Matthew Caesar co-founded and serves on the organizing committee of theNetworkingChannel, an online channel to discuss topics related to computer networking, systems, and security.
• Yanfeng Qu and Kevin Jin gave an NSA seminar talk “Cyber-Resilience Enhancement of PMU Networks Using Software-Defined Networking” in March 2021.
• Matthew Caesar was selected to serve as the General Chair for ACM SIGCOMM 2021. He will also serve on the program committee.
• Matthew Caesar created and operates a new Slack workspace for the SIGCOMM community. The platform serves as a mechanism for participants to discuss security and networking topics with other participants. The platform has a channel to discuss a variety of topics, and includes a channel to discuss topics related to the science of security. The platform now has over 1,400 members.
• Kevin Jin was selected to serve on the program committee for ACM SIGSIM-PADS 2021
• Matthew Caesar was selected to serve on the program committee for ACM CCS 2021, a top conference in computer security.
• Matthew Caesar was selected to serve on the program committee for ACM NSDI 2021, a top conference in computer systems.
• Sayan Mitra gave a new lecture on “Towards verified robot code” at Semiautonomous Systems Seminar, UC Berkeley, February 12th, 2021.
• Sanjay Shakkotai was a speaker and co-organizer of the Edison Lecture 2021 titled Failing Well: Big Engineering Failures that Led to Big Successes, February 2021. The Edison Lecture is a presentation to engage more than 1000 middle and high school students across Central Texas on STEM topics.

Publications

Christopher Hannon, Deepjyoti Deka, Dong Jin, Marc Vuffray, and Andrey Y. Lokhov. "Real-time Anomaly Detection and Classification inStreaming PMU Data." 2021 IEEE PowerTech, Accepted
 

Xin Liu, Bo Zhang, Bo Chen, Alex Aved, and Dong Jin. "Distribution Grid Restoration withPower-Communication Interdependency." IEEE Transactions on Smart Grid, Submitted
 

[Research Poster] Gong Chen and Dong Jin. "Integrating I/O Time to Virtual Time System for High Fidelity Container-based Network Emulation." ACM SIGSIM-PADS 2021, Submitted
 

Dong Jin, Yanfeng Qu, Xin Liu, Christopher Hannon, Jiaqi Yan, Alex Aved, and Philip Morrone. “Dynamic Data-Driven Approach for Cyber Resilient and Secure Critical Energy Systems.” Handbook on Dynamic Data Driven Application Systems (DDDAS) (Vol. II), Book Chapter, Review with Minor Changes

Verifying Cyber-Physical Systems: A Path to Safe Autonomy, Sayan Mitra, Published by MIT Press, February 16, 2021.

Verification and Parameter Synthesis for Stochastic Systems using  Optimistic Optimization, Negin Musavi, Dawei Sun, Sayan Mitra, Sanjay Shakkottai, and Geir Dullerud, submitted for review, September 2020.

Policy Optimization for Markovian Jump Linear Quadratic Control: Gradient-Based Methods and Global Convergence and Parameter Synthesis for Stochastic Systems using  Optimistic Optimization, Joao Jansch-Porto, Bin Hu, and Geir Dullerud, submitted for review, January 2021.

Linear Bandit Algorithms with Sublinear Time Complexity, Shuo Yang, Tongzheng Ren, Sanjay Shakkottai, Eric Price, Inderjit Dhillon and Sujay Sanghavi, submitted for review, February 2021.

Hoang Hai Nguyen, David M. Nicol, “Estimating Loss Due to Cyber-attack in the Presence of Uncertainty”, 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2020)

C. Educational Advances
Impact to courses or curriculum at your school or elsewhere that indicates an increased training or rigor in security research.

None to report this quarter.