Skip to main content
SpringerLink
Log in
Book cover

International Conference on Decision and Game Theory for Security

GameSec 2010: Decision and Game Theory for Security pp 107–122Cite as

Security Interdependencies for Networked Control Systems with Identical Agents

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6442))

Abstract

This paper studies the security choices of identical plant- controller systems, when their security is interdependent due the exposure to network induced risks. Each plant is modeled by a discrete-time stochastic linear system, which is sensed and controlled over a communication network. We model security decisions of the individual systems (also called players) as a game. We consider a two-stage game, in which first, the players choose whether to invest in security or not; and thereafter, choose control inputs to minimize the average operational costs. We fully characterize equilibria of the game, which give us the individually optimal security choices. We also find the socially optimal choices. The presence of security interdependence creates a negative externality, and results in a gap between the individual and the socially optimal security choices for a wide range of security costs. Due to the negative externality, the individual players tend to under invest in security.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alpcan, T., Başar, T.: Network Security: A Decision and Game Theoretic Approach. Cambridge University Press, Philadelphia (2011)

    MATH  Google Scholar 

  2. Amin, S., Cárdenas, A.A., Sastry, S.: Safe and secure networked control systems under denial-of-service attacks. In: Majumdar, R., Tabuada, P. (eds.) HSCC 2009. LNCS, vol. 5469, pp. 31–45. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  3. Anderson, R., Böhme, R., Clayton, R., Moore, T.: Security economics and European policy. In: Proceedings of the Workshop on the Economics of Information Security WEIS, Hanover, USA (June 2008)

    Google Scholar 

  4. Anderson, R., Fuloria, S.: Security economics and critical national infrastructure. In: The Eighth Workshop on the Economics of Information Security (2009)

    Google Scholar 

  5. Anderson, R., Fuloria, S.: On the security economics of electricity metering. In: The Ninth Workshop on the Economics of Information Security (2010)

    Google Scholar 

  6. Başar, T., Olsder, G.J.: Dynamic Noncooperative Game Theory, 2nd edn., Philadelphia. SIAM Series in Classics in Applied Mathematics (1999)

    Google Scholar 

  7. Bier, V., Oliveros, S., Samuelson, L.: Choosing what to protect: Strategic defensive allocation against an unknown attacker. Journal of Public Economic Theory 9(4), 563–587 (2007)

    Article  Google Scholar 

  8. Böhme, R., Schwartz, G.A.: Modeling cyber-insurance: Towards a unifying framework. In: Proceedings of the Workshop on the Economics of Information Security WEIS, Harvard University, Cambridge (June 2010)

    Google Scholar 

  9. Cárdenas, A.A., Amin, S., Sastry, S.S.: Research challenges for the security of control systems. In: Provos, N. (ed.) HotSec. USENIX Association (2008)

    Google Scholar 

  10. Carin, L., Cybenko, G., Hughes, J.: Cybersecurity strategies: The QuERIES methodology. Computer 41

    Google Scholar 

  11. Cavusoglu, H., Mishra, B., Raghunathan, S.: The value of intrusion detection systems in information technology security architecture. Info. Sys. Research 16(1), 28–46 (2005)

    Article  Google Scholar 

  12. Garone, E., Sinopoli, B., Casavola, A.: LQG control over lossy TCP-like networks with probabilistic packet acknowledgements. International Journal of Systems, Control and Communications 2(1/2/3), 55–81 (2010)

    Article  Google Scholar 

  13. Grossklags, J., Christin, N., Chuang, J. (eds.): Secure or Insure? A Game-Theoretic Analysis of Information Security Games. In: Proceedings of the 17th International World Wide Web Conference (April 2008)

    Google Scholar 

  14. Heal, G., Kunreuther, H.: Interdependent security. Journal of Risk and Uncertainty 26(2-3), 231–249 (2003)

    MATH  Google Scholar 

  15. Heal, G., Kunreuther, H.: Interdependent security: A general model. NBER Working Papers 10706, National Bureau of Economic Research, Inc. (August 2004)

    Google Scholar 

  16. Hespanha, J.P., Naghshtabrizi, P., Xu, Y.: A survey of recent results in networked control systems. Proceedings of the IEEE 95(1), 138–162 (2007)

    Article  Google Scholar 

  17. Hofmann, A.: Internalizing externalities of loss prevention through insurance monopoly: an analysis of interdependent risks. The GENEVA Risk and Insurance Review 32(1), 91–111 (2007)

    Article  Google Scholar 

  18. Imer, O.C., Yüksel, S., Başar, T.: Optimal control of LTI systems over unreliable communication links. Automatica 42(9), 1429–1439 (2006)

    Article  MathSciNet  MATH  Google Scholar 

  19. Kunreuther, H., Heal, G.: Interdependent security: The case of identical agents. Working Paper 8871, National Bureau of Economic Research (April 2002)

    Google Scholar 

  20. Lelarge, M.: Economics of malware: epidemic risks model, network externalities and incentives. In: Allerton 2009: Proceedings of the 47th Annual Allerton Conference on Communication, Control, and Computing, Piscataway, NJ, USA, pp. 1353–1360. IEEE Press, Los Alamitos (2009)

    Chapter  Google Scholar 

  21. Lelarge, M., Bolot, J.: Network externalities and the deployment of security features and protocols in the internet. SIGMETRICS Perform. Eval. Rev. 36(1), 37–48 (2008)

    Article  Google Scholar 

  22. Mounzer, J., Alpcan, T., Bambos, N.: Dynamic control and mitigation of interdependent IT security risks. In: Proceedings of the IEEE Conference on Communication (ICC), IEEE Communications Society (May 2010)

    Google Scholar 

  23. Schenato, L., Sinopoli, B., Franceschetti, M., Poolla, K., Sastry, S.S.: Foundations of control and estimation over lossy networks. Proceedings of the IEEE 95, 163–187 (2007)

    Article  Google Scholar 

  24. Tabors, R.D., Parker, G., Caramanis, M.C.: Development of the smart grid: Missing elements in the policy process. In: Proceedings of the Hawaii International Conference on System Sciences, Los Alamitos, CA, USA, pp. 1–7 (2010)

    Google Scholar 

  25. Dam, K.W., Owens, W.A., Lin, H.S.: Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities. Committee on Offensive Information Warfare, National Research Council, Philadelphia (2009)

    Google Scholar 

  26. Weiss, J.: Protecting Industrial Control Systems from Electronic Threats. Momentum Press (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of CEE, University of California at Berkeley, Berkeley, CA, USA

    Saurabh Amin

  2. Department of EECS, University of California at Berkeley, Berkeley, CA, USA

    Galina A. Schwartz & S. Shankar Sastry

Authors
  1. Saurabh Amin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Galina A. Schwartz
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. S. Shankar Sastry
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Deutsche Telekom Laboratories, Technische Universität Berlin, 10587, Berlin, Germany

    Tansu Alpcan

  2. Laboratory of Cryptography and System Security (CrySyS), Budapest University of Technology and Economics, Budapest, Hungary

    Levente Buttyán

  3. Department of Electrical and Computer Engineering, University of Maryland, College Park, MD, USA

    John S. Baras

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Amin, S., Schwartz, G.A., Sastry, S.S. (2010). Security Interdependencies for Networked Control Systems with Identical Agents. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds) Decision and Game Theory for Security. GameSec 2010. Lecture Notes in Computer Science, vol 6442. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17197-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-17197-0_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17196-3

  • Online ISBN: 978-3-642-17197-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation