Hypergames and Cyber-Physical Security for Control Systems

TL;DR

This paper applies hypergame theory to model and analyze cyber-physical attacks on control systems, revealing that deception and constraint manipulation can be effective attack strategies without altering the underlying system.

Contribution

It extends hypergame analysis to large, continuous-variable control systems, demonstrating new attack strategies and scalability considerations.

Findings

Manipulating constraints can be more effective than changing system parameters.

Deception of the defender can suffice for successful attacks.

Hypergame analysis can be scaled to larger systems with certain characteristics.

Abstract

The identification of the Stuxnet worm in 2010 provided a highly publicized example of a cyber attack used to damage an industrial control system physically. This raised public awareness about the possibility of similar attacks against other industrial targets -- including critical infrastructure. In this paper, we use hypergames to analyze how adversarial perturbations, like those used by Stuxnet, can be used to manipulate a system that employs optimal control. Hypergames form an extension of game theory that enables us to model strategic interactions where the players may have significantly different perceptions of the game(s) they are playing. Past work with hypergames has been limited to relatively simple interactions consisting of a small set of discrete choices for each player, but here, we apply hypergames to larger systems with continuous variables. We find that manipulating constraints can be a more effective attacker strategy than directly manipulating objective function parameters. Moreover, the attacker need not change the underlying system to carry out a successful attack -- it may be sufficient to deceive the defender controlling the system. It is possible to scale our approach up to even larger systems, but the ability to do so will depend on the characteristics of the system in question, and we identify several characteristics that will make those systems amenable to hypergame analysis.