An Introduction of System-Scientific Approaches to Cognitive Security

TL;DR

This paper introduces system-scientific approaches to cognitive security in Human-Cyber-Physical Systems, addressing vulnerabilities of human cognition exploited by attacks and proposing defense strategies for secure integration of AI and humans.

Contribution

It presents a new paradigm of cognitive security, distinguishes it from related concepts, and advocates for system scientific methods to develop quantitative and transferable defense solutions.

Findings

Cognitive security differs from cognitive reliability and involves a unique CIA triad.

Cognitive attacks exploit vulnerabilities in human cognition within HCPSs.

System scientific perspectives enable modular and multi-scale solutions for cognitive security.

Abstract

Human cognitive capacities and the needs of human-centric solutions for "Industry 5.0" make humans an indispensable component in Cyber-Physical Systems (CPSs), referred to as Human-Cyber-Physical Systems (HCPSs), where AI-powered technologies are incorporated to assist and augment humans. The close integration between humans and technologies in Section 1.1 and cognitive attacks in Section 1.2.4 poses emerging security challenges, where attacks can exploit vulnerabilities of human cognitive processes, affect their behaviors, and ultimately damage the HCPS. Defending HCPSs against cognitive attacks requires a new security paradigm, which we refer to as "cognitive security" in Section 1.2.5. The vulnerabilities of human cognitive systems and the associated methods of exploitation distinguish cognitive security from "cognitive reliability" and give rise to a distinctive CIA triad, as shown in Sections 1.2.5.1 and 1.2.5.2, respectively. Section 1.2.5.3 introduces cognitive and technical defense methods that deter the kill chain of cognitive attacks and achieve cognitive security. System scientific perspectives in Section 1.3 offer a promising direction to address the new challenges of cognitive security by developing quantitative, modular, multi-scale, and transferable solutions.