An official website of the United States government
We model a vehicle equipped with an autonomous cyber-defense system in addition to its inherent physical resilience features. When attacked, this ensemble of cyber-physical features (i.e., “bonware”) strives to resist and recover from the performance degradation caused by the malware's attack. We model the underlying differential equations governing such attacks for piecewise linear characterizations of malware and bonware, develop a discrete time stochastic model, and show that averages of instantiations of the stochastic model approximate solutions to the continuous differential equation. We develop a theory and methodology for approximating the parameters associated with these equations.
more »
« less
This content will become publicly available on January 31, 2026
Quantitative Measurement of Cyber Resilience: Modeling and Experimentation
Cyber resilience is the ability of a system to resist and recover from a cyber attack, thereby restoring the system’s functionality. Effective design and development of a cyber resilient system requires experimental methods and tools for quantitative measuring of cyber resilience. This article describes an experimental method and test bed for obtaining resilience-relevant data as a system (in our case—a truck) traverses its route, in repeatable, systematic experiments. We model a truck equipped with an autonomous cyber-defense system and which also includes inherent physical resilience features. When attacked by malware, this ensemble of cyber-physical features (i.e., “bonware”) strives to resist and recover from the performance degradation caused by the malware’s attack. We propose parsimonious mathematical models to aid in quantifying systems’ resilience to cyber attacks. Using the models, we identify quantitative characteristics obtainable from experimental data and show that these characteristics can serve as useful quantitative measures of cyber resilience.
more »
« less
- Award ID(s):
- 2051186
- PAR ID:
- 10595940
- Publisher / Repository:
- Association for Computing Machinery
- Date Published:
- Journal Name:
- ACM Transactions on Cyber-Physical Systems
- Volume:
- 9
- Issue:
- 1
- ISSN:
- 2378-962X
- Page Range / eLocation ID:
- 1 to 25
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
This work introduces a novel physics-informed neural network (PINN)-based framework for modeling and optimizing false data injection (FDI) attacks on electric vehicle charging station (EVCS) networks, with a focus on centralized charging management system (CMS). By embedding the governing physical laws as constraints within the neural network’s loss function, the proposed framework enables scalable, real-time analysis of cyber-physical vulnerabilities. The PINN models EVCS dynamics under both normal and adversarial conditions while optimizing stealthy attack vectors that exploit voltage and current regulation. Evaluations on the IEEE 33-bus system demonstrate the framework’s capability to uncover critical vulnerabilities. These findings underscore the urgent need for enhanced resilience strategies in EVCS networks to mitigate emerging cyber threats targeting the power grid. Furthermore, the framework lays the groundwork for exploring a broader range of cyber-physical attack scenarios on EVCS networks, offering potential insights into their impact on power grid operations. It provides a flexible platform for studying the interplay between physical constraints and adversarial manipulations, enhancing our understanding of EVCS vulnerabilities. This approach opens avenues for future research into robust mitigation strategies and resilient design principles tailored to the evolving cybersecurity challenges in smart grid systems.more » « less
-
Owing1 to an immense growth of internet-connected and learning-enabled cyber-physical systems (CPSs) [1], several new types of attack vectors have emerged. Analyzing security and resilience of these complex CPSs is difficult as it requires evaluating many subsystems and factors in an integrated manner. Integrated simulation of physical systems and communication network can provide an underlying framework for creating a reusable and configurable testbed for such analyses. Using a model-based integration approach and the IEEE High-Level Architecture (HLA) [2] based distributed simulation software; we have created a testbed for integrated evaluation of large-scale CPS systems. Our tested supports web-based collaborative metamodeling and modeling of CPS system and experiments and a cloud computing environment for executing integrated networked co-simulations. A modular and extensible cyber-attack library enables validating the CPS under a variety of configurable cyber-attacks, such as DDoS and integrity attacks. Hardware-in-the-loop simulation is also supported along with several hardware attacks. Further, a scenario modeling language allows modeling of alternative paths (Courses of Actions) that enables validating CPS under different what-if scenarios as well as conducting cyber-gaming experiments. These capabilities make our testbed well suited for analyzing security and resilience of CPS. In addition, the web-based modeling and cloud-hosted execution infrastructure enables one to exercise the entire testbed using simply a web-browser, with integrated live experimental results display.more » « less
-
While many research efforts on Cyber-Physical System (CPS) security are devoted to attack detection, how to respond to the detected attacks receives little attention. Attack response is essential since serious consequences can be caused if CPS continues to act on the compromised data by the attacks. In this work, we aim at the response to sensor attacks and adapt machine learning techniques to recover CPSs from such attacks. There are, however, several major challenges. i) Cumulative error. Recovery needs to estimate the current state of a physical system (e.g., the speed of a vehicle) in order to know if the system has been driven to a certain state. However, the estimation error accumulates over time in presence of compromised sensors. ii) Timely response. A fast response is needed since slow recovery not only comes with large estimation errors but also may be too late to avoid irreparable consequences. To address these challenges, we propose a novel learning-based solution, named sequence-predictive recovery (or SeqRec). To reduce the estimation error, SeqRec designs the first sequence-to-sequence (Seq2Seq) model to uncover the temporal and spatial dependencies among sensors and control demands, and then uses the model to estimate system states using the trustworthy data logged in history. To achieve an adequate and fast recovery, SeqRec designs the second Seq2Seq model that considers both the current time step using the remaining intact sensors and the future time steps based on a given target state, and embeds the model into a novel recovery control algorithm to drive a physical system back to that state. Experimental results demonstrate that SeqRec can effectively and efficiently recover CPSs from sensor attacks.more » « less
-
We propose a novel framework for modeling attack scenarios in cyber-physical control systems: we represent a cyber-physical system as a constrained switching system, where a single model embeds the dynamics of the physical process, the attack patterns, and the attack detection schemes. We show that this is compatible with established results in hybrid automata, namely, constrained switching systems. The proposed attack modeling approach admits a large class of non-deterministic attack policies and permits the characterization of system safety as an asymptotic property. By calculating the maximal safe set, the resulting new impact metrics intuitively quantify the degradation of safety and the impact of cyber attacks on the safety properties of the system under attack. We showcase our results via an illustrative example.more » « less
