Hypergames and Cyber-Physical Security for Control Systems

Abstract: The identification of the Stuxnet worm in 2010 provided a highly publicized example of a cyber attack used to damage an industrial control system physically. This raised public awareness about the possibility of similar attacks against other industrial targets -- including critical infrastructure. In this paper, we use hypergames to analyze how adversarial perturbations, like those used by Stuxnet, can be used to manipulate a system that employs optimal control. Hypergames form an extension of game theory that enables us to model strategic interactions where the players may have significantly different perceptions of the game(s) they are playing. Past work with hypergames has been limited to relatively simple interactions consisting of a small set of discrete choices for each player, but here, we apply hypergames to larger systems with continuous variables. We find that manipulating constraints can be a more effective attacker strategy than directly manipulating objective function parameters. Moreover, the attacker need not change the underlying system to carry out a successful attack -- it may be sufficient to deceive the defender controlling the system. It is possible to scale our approach up to even larger systems, but the ability to do so will depend on the characteristics of the system in question, and we identify several characteristics that will make those systems amenable to hypergame analysis.