A game-theoretic approach to defending nuclear systems from stuxnet-type attacks

Lee T. Maccarone, Daniel G. Cole, Nageswara S.V. Rao, Alexander M. Melin, Sacit M. Cetiner

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Cyber-physical systems consist of interconnected physical processes and computational resources. Because the cyber and physical worlds are integrated, vulnerabilities in both the cyber and physical domains can result in damage to the physical system. As cyber-physical systems, nuclear power plants must be secure in both domains in order to maintain operational safety. Nuclear power plants may be targeted by a variety of threat actors such as state actors, hack-tivists, and disgruntled employees-each with a unique motivation and set of resources. This work predicts the outcome of a cyber-physical attack on a nuclear power plant by examining the interaction between a threat actor and a plant defender. A game-theoretic approach is presented to analyze attacks on cyber-physical systems. The cyber-physical attack is analyzed as a two-player strategic-form game. The two players are an attacker and a defender: the defender attempts to maintain plant operation while the attacker attempts to disrupt it. The attacker's strategy set consists of a cyber attack, physical attack, cyber-physical attack, and abstaining from an attack. The defender's strategy set consists of a cyber reinforcement, physical reinforcement, cyber-physical reinforcement, and abstaining from reinforcement. Each player incurs a cost from either attacking or defending. If an attack is successful, the attacker incurs a gain and the defender incurs a loss. A mixed strategy Nash equilibrium is identified. Under the mixed Nash equilibrium conditions, the expected utility of the attacker is zero, and the expected utility of the defender is the cost of cyber-physical reinforcement.

Original languageEnglish
Title of host publication11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019
PublisherAmerican Nuclear Society
Pages411-421
Number of pages11
ISBN (Electronic)9780894487835
StatePublished - 2019
Event11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019 - Orlando, United States
Duration: Feb 9 2019Feb 14 2019

Publication series

Name11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019

Conference

Conference11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019
Country/TerritoryUnited States
CityOrlando
Period02/9/1902/14/19

Keywords

  • Cyber-physical systems
  • Game theory
  • Nash equilibrium
  • Security
  • Stuxnet

Fingerprint

Dive into the research topics of 'A game-theoretic approach to defending nuclear systems from stuxnet-type attacks'. Together they form a unique fingerprint.

Cite this