A game theoretic approach for responding to cyber-attacks on nuclear power plants

Yunfei Zhao, Linan Huang, Carol Smidts, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

As digital systems are being more widely employed in nuclear power plants, the potential for serious consequences caused by cyber-attacks on the plants has drawn increasing attention to cyber-security issues in the nuclear industry. Current practices focus on strategies for preventing cyber-attacks, while little research has been done on how to respond to cyber-attacks when they are detected. In this paper, we propose a game theoretic approach for responding to cyber-attacks on nuclear power plants. The interaction between the defender and the attacker is modeled as a two-player, nonzero-sum, stochastic game, which generalizes both Markov decision processes (MDP) and repeated games. We propose an approach for identifying system states and state transitions, and apply probabilistic risk assessment to obtain credible transition probabilities between system states under the action pair of defender and attacker. The Nash Equilibrium of the game provides the valid prediction of both players' actions because no single player can benefit from unilaterally deviating from the equilibrium policy if the other player adheres to his/hers, hence it provides the best response of the defender to cyber-attacks. Dynamic programming represents the long-term cumulative utility in a recursive form and we form an equivalent nonlinear program to derive the equilibrium. As a case study, the proposed approach is applied to a simplified benchmark digital feedwater control system. The modeling of the system is presented, and discussions on both the equilibrium policy and state values obtained are provided.

Original languageEnglish (US)
Title of host publication11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019
PublisherAmerican Nuclear Society
Pages399-410
Number of pages12
ISBN (Electronic)9780894487835
StatePublished - Jan 1 2019
Event11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019 - Orlando, United States
Duration: Feb 9 2019Feb 14 2019

Publication series

Name11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019

Conference

Conference11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019
CountryUnited States
CityOrlando
Period2/9/192/14/19

Fingerprint

Nuclear power plants
Nuclear industry
Dynamic programming
Risk assessment
Control systems

Keywords

  • Cyber-security
  • Decision-making
  • Game theory
  • Nuclear power plants
  • Probabilistic risk assessment

ASJC Scopus subject areas

  • Nuclear Energy and Engineering
  • Energy Engineering and Power Technology
  • Human-Computer Interaction
  • Control and Systems Engineering

Cite this

Zhao, Y., Huang, L., Smidts, C., & Zhu, Q. (2019). A game theoretic approach for responding to cyber-attacks on nuclear power plants. In 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019 (pp. 399-410). (11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019). American Nuclear Society.

A game theoretic approach for responding to cyber-attacks on nuclear power plants. / Zhao, Yunfei; Huang, Linan; Smidts, Carol; Zhu, Quanyan.

11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019. American Nuclear Society, 2019. p. 399-410 (11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Zhao, Y, Huang, L, Smidts, C & Zhu, Q 2019, A game theoretic approach for responding to cyber-attacks on nuclear power plants. in 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019. 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019, American Nuclear Society, pp. 399-410, 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019, Orlando, United States, 2/9/19.
Zhao Y, Huang L, Smidts C, Zhu Q. A game theoretic approach for responding to cyber-attacks on nuclear power plants. In 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019. American Nuclear Society. 2019. p. 399-410. (11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019).
Zhao, Yunfei ; Huang, Linan ; Smidts, Carol ; Zhu, Quanyan. / A game theoretic approach for responding to cyber-attacks on nuclear power plants. 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019. American Nuclear Society, 2019. pp. 399-410 (11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019).
@inproceedings{30693ce6519d4ca091c1c49010260eb1,
title = "A game theoretic approach for responding to cyber-attacks on nuclear power plants",
abstract = "As digital systems are being more widely employed in nuclear power plants, the potential for serious consequences caused by cyber-attacks on the plants has drawn increasing attention to cyber-security issues in the nuclear industry. Current practices focus on strategies for preventing cyber-attacks, while little research has been done on how to respond to cyber-attacks when they are detected. In this paper, we propose a game theoretic approach for responding to cyber-attacks on nuclear power plants. The interaction between the defender and the attacker is modeled as a two-player, nonzero-sum, stochastic game, which generalizes both Markov decision processes (MDP) and repeated games. We propose an approach for identifying system states and state transitions, and apply probabilistic risk assessment to obtain credible transition probabilities between system states under the action pair of defender and attacker. The Nash Equilibrium of the game provides the valid prediction of both players' actions because no single player can benefit from unilaterally deviating from the equilibrium policy if the other player adheres to his/hers, hence it provides the best response of the defender to cyber-attacks. Dynamic programming represents the long-term cumulative utility in a recursive form and we form an equivalent nonlinear program to derive the equilibrium. As a case study, the proposed approach is applied to a simplified benchmark digital feedwater control system. The modeling of the system is presented, and discussions on both the equilibrium policy and state values obtained are provided.",
keywords = "Cyber-security, Decision-making, Game theory, Nuclear power plants, Probabilistic risk assessment",
author = "Yunfei Zhao and Linan Huang and Carol Smidts and Quanyan Zhu",
year = "2019",
month = "1",
day = "1",
language = "English (US)",
series = "11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019",
publisher = "American Nuclear Society",
pages = "399--410",
booktitle = "11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019",
address = "United States",

}

TY - GEN

T1 - A game theoretic approach for responding to cyber-attacks on nuclear power plants

AU - Zhao, Yunfei

AU - Huang, Linan

AU - Smidts, Carol

AU - Zhu, Quanyan

PY - 2019/1/1

Y1 - 2019/1/1

N2 - As digital systems are being more widely employed in nuclear power plants, the potential for serious consequences caused by cyber-attacks on the plants has drawn increasing attention to cyber-security issues in the nuclear industry. Current practices focus on strategies for preventing cyber-attacks, while little research has been done on how to respond to cyber-attacks when they are detected. In this paper, we propose a game theoretic approach for responding to cyber-attacks on nuclear power plants. The interaction between the defender and the attacker is modeled as a two-player, nonzero-sum, stochastic game, which generalizes both Markov decision processes (MDP) and repeated games. We propose an approach for identifying system states and state transitions, and apply probabilistic risk assessment to obtain credible transition probabilities between system states under the action pair of defender and attacker. The Nash Equilibrium of the game provides the valid prediction of both players' actions because no single player can benefit from unilaterally deviating from the equilibrium policy if the other player adheres to his/hers, hence it provides the best response of the defender to cyber-attacks. Dynamic programming represents the long-term cumulative utility in a recursive form and we form an equivalent nonlinear program to derive the equilibrium. As a case study, the proposed approach is applied to a simplified benchmark digital feedwater control system. The modeling of the system is presented, and discussions on both the equilibrium policy and state values obtained are provided.

AB - As digital systems are being more widely employed in nuclear power plants, the potential for serious consequences caused by cyber-attacks on the plants has drawn increasing attention to cyber-security issues in the nuclear industry. Current practices focus on strategies for preventing cyber-attacks, while little research has been done on how to respond to cyber-attacks when they are detected. In this paper, we propose a game theoretic approach for responding to cyber-attacks on nuclear power plants. The interaction between the defender and the attacker is modeled as a two-player, nonzero-sum, stochastic game, which generalizes both Markov decision processes (MDP) and repeated games. We propose an approach for identifying system states and state transitions, and apply probabilistic risk assessment to obtain credible transition probabilities between system states under the action pair of defender and attacker. The Nash Equilibrium of the game provides the valid prediction of both players' actions because no single player can benefit from unilaterally deviating from the equilibrium policy if the other player adheres to his/hers, hence it provides the best response of the defender to cyber-attacks. Dynamic programming represents the long-term cumulative utility in a recursive form and we form an equivalent nonlinear program to derive the equilibrium. As a case study, the proposed approach is applied to a simplified benchmark digital feedwater control system. The modeling of the system is presented, and discussions on both the equilibrium policy and state values obtained are provided.

KW - Cyber-security

KW - Decision-making

KW - Game theory

KW - Nuclear power plants

KW - Probabilistic risk assessment

UR - http://www.scopus.com/inward/record.url?scp=85071013752&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85071013752&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:85071013752

T3 - 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019

SP - 399

EP - 410

BT - 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019

PB - American Nuclear Society

ER -