Multi-model Testbed for the Simulation-based Evaluation of Resilience (July '21)
PI(s), Co-PI(s), Researchers:
- Peter Volgyesi (PI)
- Himanshu Neema (Co-PI)
HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released in November 2012.
- Security Metrics Driven Evaluation, Design, Development, and Deployment
- Resilient Architectures
The goal of the Multi-model Testbed is to provide a collaborative design tool for evaluating various cyber-attack / defense strategies and their effects on the physical infrastructure. The web-based, cloud-hosted environment integrates state-of-the-art simulation engines for the different CPS domains and presents interesting research challenges as ready-to-use scenarios. Input data, model parameters, and simulation results are archived and versioned, with a strong emphasis on repeatability and provenance.
PUBLICATIONS
[1] Himanshu Neema, Leqiang Wang, Xenofon Koutsoukos, CheeYee Tang, and Keith Stouffer. 2021. Model-Based Risk Analysis Approach for Network Vulnerability and Security of the Critical Railway Infrastructure. Accepted for publication in the 16th International Conference on Critical Information Infrastructures Security (CRITIS' 2021). Sep. 27-29, 2021, Lausanne, Switzerland.
[2] Himanshu Neema, Leqiang Wang, Xenofon Koutsoukos, CheeYee Tang, and Keith Stouffer. 2021. WiP: A Model-Based Risk Analysis Approach for Network Vulnerability of Railway Infrastructure. Presented the work-in-progress paper in the 8th Symposium on Hot Topics in the Science of Security (HotSoS '21). Association for Computing Machinery, Nashville, TN, USA. (presentation)
KEY HIGHLIGHTS
Threat Modeling and Risk Analysis in Industrial Control Systems
In this effort, we are developing a modeling and analysis framework for threats and cybersecurity risks in Industrial Control Systems (ICS). Identifying system vulnerabilities and implementing appropriate risk mitigation strategies are crucial for ensuring the cybersecurity of ICS. These system vulnerabilities must be evaluated according to their exploitability, impact, mitigation status, and target platform and environments. Therefore, in order to assess system vulnerabilities and risk mitigation strategies quantitatively, we are focusing on threat modeling and risk analysis methods for the cybersecurity of Railway Transportation Systems (RTS), which are real-world ICS and have become increasingly vulnerable to cyber-attacks due to growing reliance on networked physical and computation components.
The framework developed is called the Risk Analysis Framework (RAF). It has seven major components. The first component is a modeling environment for system architecture, where the ICS can be modeled with its complete component hierarchy and communication network topology. The second component allows for modeling cyber vulnerabilities, specifying attack ports and risk mitigation actions, and modeling risk flows across components through attack ports. It also enables creating a library of cyber exploits and mitigations. The third component provides for validation of all models. The fourth component is for vulnerability assessment: it propagates the risk within the system through network connections and hierarchy composition and generates the component attack trees and system attack graphs. It also ranks the system vulnerabilities in decreasing order of their impact on the overall system's cyber risk. The fifth component is for generation of code and artifacts from the risk assessments. The sixth component is a major tool for risk management planning, which allows for cyber gaming various available risk mitigation actions against potential cyber exploits. The seventh component is for visualization of results and for analysis. We already visualize component attack trees and system attack trees. The work on visualization of risk management analysis is ongoing.
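The vulnerability-assessment and ranking step described above can be sketched as follows. This is an added example, not RAF's own code: the noisy-OR propagation rule is an assumption (the report does not state RAF's formula), and all component names, probabilities and impact weights are constructed.

```python
# Added illustration (not RAF code); every name and number below is constructed.
# vulnerability id -> (component it sits on, probability the exploit succeeds)
VULNS = {
    "V1-hmi-default-creds": ("hmi", 0.6),
    "V2-plc-unauth-write": ("interlocking_plc", 0.3),
    "V3-radio-weak-auth": ("trackside_radio", 0.5),
}
# directed network connection (src, dst) -> probability a compromise spreads
LINKS = {
    ("hmi", "interlocking_plc"): 0.8,
    ("trackside_radio", "interlocking_plc"): 0.4,
    ("interlocking_plc", "signal_controller"): 0.9,
}
# consequence weight of losing each component
IMPACT = {"hmi": 1, "trackside_radio": 1, "interlocking_plc": 5, "signal_controller": 10}


def compromise_probs(vulns, links=LINKS, rounds=20):
    """Fixed-point noisy-OR: a component falls to a local exploit or via a link."""
    p = {c: 0.0 for c in IMPACT}
    for _ in range(rounds):
        nxt = {}
        for comp in IMPACT:
            survive = 1.0  # probability that every attack path into comp fails
            for target, prob in vulns.values():
                if target == comp:
                    survive *= 1.0 - prob
            for (src, dst), spread in links.items():
                if dst == comp:
                    survive *= 1.0 - p[src] * spread
            nxt[comp] = 1.0 - survive
        p = nxt
    return p


def system_risk(vulns):
    p = compromise_probs(vulns)
    return sum(IMPACT[c] * p[c] for c in IMPACT)


def rank_vulnerabilities(vulns=VULNS):
    """Order vulnerabilities by the drop in system risk if each is fully mitigated."""
    base = system_risk(vulns)
    drop = {}
    for vid in vulns:
        remaining = {k: v for k, v in vulns.items() if k != vid}
        drop[vid] = base - system_risk(remaining)
    return sorted(drop.items(), key=lambda kv: kv[1], reverse=True)
```

With these constructed values the HMI weakness ranks first even though the HMI has the lowest impact weight, because its compromise propagates to the PLC and on to the signal controller.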
We made significant progress in this effort and presented our work earlier at the HotSoS'21 symposium. Subsequently, we extended the framework to incorporate cyber-gaming of exploits versus mitigations to plan for worst-case attacks, and developed methods to deal with dynamic network connections, where the vulnerabilities and their propagation change continually as network connectivity changes. This work has been accepted for publication at the 16th International Conference on Critical Information Infrastructures Security (CRITIS' 2021).
Physics-guided Learning and Surrogate Modeling - Resilient CPS Applications
We continued our experimentation work for structural design and health monitoring for CPS applications. In the past, we developed analytical solutions (based on the Under Pressure from DeepSea) for analyzing stress loading of pressure vessels. Due to computational bottlenecks and to change the analysis questions to design questions (i.e. instead of asking if a given design can withstand the required conditions, asking for the minimum safe design parameters) we trained several surrogate models on a large (260k) dataset. The following options were investigated:
- black-box (naïve neural-network model)
- physics-guided models
- augmented physics-guided models
The last option is due to our latest results with purely physics-guided neural network models - where intermediate/hidden activations are completely "guided" by internal physical properties (hoop stress/axial stress) from the simulation. The results clearly showed that this approach "chokes" the learning process. In the augmented option we allow a part of the neural network to learn (in an unguided fashion) some features directly from the input geometry and requirements, while some hidden activations are constrained to the physics-based properties.
In the current reporting period, we continued this effort by integrating a more detailed finite element-based analysis tool (ANSYS FEM). While the computational requirements are more intense with this approach (which makes the surrogate modeling approach even more justified), FEM-based analysis provides more accurate results and, most importantly, more insight into physics-based properties and behavior for training the surrogates. Combined with the analytical solutions, we can use multiple fidelity levels in the training process, where a large set of "cheap" but coarse results provides the bulk of the training set, while a much smaller number of more accurate samples may "tune" the model in the next phase. We have been developing a batch-based tool for generating and analyzing a large set of physical structures (see figure below) for training.
5G Network Modeling and Simulation
For running experiments on 5G Core Network infrastructure, focusing on the Radio Access Network (RAN) parts (the 5G-SA UE and gNodeB), we started integrating the UERANSIM open-source simulator tool (https://github.com/aligungr/UERANSIM). The WebGME-based interface streamlines the configuration process of wireless cellular networks and will allow for executing simulation jobs and capturing event traces.
While there are currently no ongoing efforts in our Lablet investigating the security aspects of 5G networks, this domain may enable new, CPS-relevant experiments in the future, where cellular communication is either the target of the investigation or plays an important role in the infrastructure (similar to OMNeT++ and Veins for connected vehicle studies in the past).
TECHNOLOGY TRANSFER and BROADER IMPACT
While the physics-guided learning approach has a broad use-case in CPS (e.g. buildings, transportation infrastructure), we successfully applied the results in the design process of unmanned underwater vehicles (UUV) as part of the DARPA Symbiotic program.
EDUCATIONAL ADVANCES and OUTREACH
Collaboration with Cybersecurity Research Group at Fujitsu System Integration Laboratories Ltd
Discussion topics:
- Threat Intelligence - Sharing Policy Enforcement (SPE)
- WebGME-based modeling tool development for SPE
- Integration with the MITRE ATT&CK framework
Collaboration with NIST on threat modeling and risk analysis in ICS
Discussion topics:
- Threat modeling in Railway ICS
- Risk Analysis
- Quantitative Risk Evaluation
- Integration with Simulation-Based Evaluation
VU/ISIS Summer Internship Seminar Series
As part of our summer internship program, we presented our ongoing research projects to undergraduate students. Peter Volgyesi (PI) gave a presentation and led a discussion on AI-driven communication infrastructure CPS topics on May 26, 2021. The material covered important parts of the testbed (WebGME/DeepForge) with the goal of enticing prospective graduate students for the Lablet project.
Further, Dr. Himanshu Neema is currently advising an undergraduate student for his internship at our institute. Please note that these students are working with our technologies, but the internships are not funded by this project. The project of this internship is "Evaluation of Vector Control and Social Policies on Pathogen Spread within Communities." This project aims to utilize agent-based simulations for modeling arthropod behavior and human activities, as well as social policies for vector control and for changing human behavior, in order to evaluate how these affect the spread of pathogens in humans through mosquito bites. We plan to use integrated simulations for these evaluations. We have developed RESTful APIs for the creation, configuration, parameterization, execution, and control of the disease simulations. Currently, we are working on creating a model-based experimentation environment using these REST APIs. The current work also involves developing a reinforcement learning algorithm for learning effective vector control policies within the constraints of the local county health department. Additionally, this work is being converted into a web-accessible design studio for other researchers to experiment with the platform.