Modeling and simulation of cyberattacks to aid systems security engineers and cyber-physical designs to aid systems engineers

Author

Christopher Daniel Colvett

Date of Award

2023

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Industrial and Systems Engineering and Engineering Management

Committee Chair

Sampson Gholston

Committee Member

James Swain

Committee Member

Bryan Mesmer

Committee Member

John Bland

Subject(s)

Computer security--Computer simulation, Systems engineering

Abstract

The advent of the Internet has led to an ever-increasingly interconnected world. The range of cyber-physical systems being interconnected has expanded to include power generation facilities, automobiles, weapon systems, and others. Securing such systems against cyberattacks is crucial, and consequently cybersecurity research, including cybersecurity modeling, has been growing. However, most cybersecurity modeling efforts to date omit any representation of the computer systems' user, thereby overlooking the potentially negative impact that security measures can have on system users' productivity. A currently ongoing research program, consisting of multiple interrelated research projects, has been modeling cyberattacks based on their descriptions in the MITRE Common Attack Pattern Enumeration and Classification (CAPEC) database. The models are expressed using a formalism, called Petri Nets with Players, Strategies, and Costs (PNPSC), that extends classic Petri nets with features specifically designed to model cyberattacks. However, the CAPEC descriptions, and thus the PNPSC models based on them, are attacker-centric. The research described in this dissertation added representations of computer system users to the CAPEC-based PNPSC models and then showed, using simulation, reinforcement learning, and statistical analysis, that the inclusion of the user representations resulted in significantly different defensive strategies being adopted by the system defender. That result confirmed the importance of representing the system users in cybersecurity models. In addition, the PNPSC formalism was also used to model a real-world cyber-physical system. That model was found to provide additional insight during a systems engineering design review, demonstrating that such models can add value in the systems engineering process.

Recommended Citation

Colvett, Christopher Daniel, "Modeling and simulation of cyberattacks to aid systems security engineers and cyber-physical designs to aid systems engineers" (2023). Dissertations. 329.
https://louis.uah.edu/uah-dissertations/329