Abstract
We consider the problem of determining the set of damaged components in an infrastructure system solely from outage reports from customers. This problem is especially important in the context of cyber attacks on the information/control systems of the infrastructures since these attacks can present incorrect information about the status of components within the infrastructure. We develop an interdiction-based approach that iteratively determines a set of components to inspect whose damage would best replicate the outage report and thus provides decision-makers with an inspection priority list. Our approach is flexible in the sense that it can produce an updated set of damaged components even if a previous inspection reveals that a component is operational. We apply our approach to damage scenarios on realistic infrastructure systems.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Al-Khayyal, F.A., Falk, J.E.: Jointly constrained biconvex programming. Math. Oper. Res. 8(2), 273–286 (1983)
Alderson, D.L., Brown, G.G., Carlyle, W.M.: Assessing and improving operational resilience of critical infrastructures and other systems. Stat 745, 70 (2014)
Alderson, D.L., Brown, G.G., Carlyle, W.M.: Operational models of infrastructure resilience. Risk Anal. 35(4), 562–586 (2015)
Altner, D.S., Ergun, Ö., Uhan, N.A.: The maximum flow network interdiction problem: valid inequalities, integrality gaps, and approximability. Oper. Res. Lett. 38(1), 33–38 (2010). doi:10.1016/j.orl.2009.09.013
Bayrak, H., Bailey, M.D.: Shortest path network interdiction with asymmetric information. Networks 52(3), 133–140 (2008). doi:10.1002/net.20236
Boyer, S.A.: SCADA: supervisory control and data acquisition, 4th edn. International Society of Automation, USA (2009)
Cormican, K.J., Morton, D.P., Wood, R.K.: Stochastic network interdiction. Oper. Res. 46(2), 184–197 (1998). doi:10.1287/opre.46.2.184
Dilanian, K.: NSA Director: yes, China can shut down our power grids (2014). http://www.businessinsider.com/nsa-director-yes-china-can-shut-down-our-power-grids-2014-11. Accessed 16 June 2015
ICS-CERT: incident response activity trends in incident response in 2013 National Cybersecurity. Tech. Rep. December (2013)
Janjarassuk, U., Linderoth, J.: Reformulation and sampling to solve a stochastic network interdiction problem. Networks 52(3), 120–132 (2008). doi:10.1002/net.20237
Kress, M., Royset, J.O., Rozen, N.: The eye and the fist: optimizing search and interdiction. Eur. J. Oper. Res. 220(2), 550–558 (2012). doi:10.1016/j.ejor.2012.02.016
Kundur, D., Butler-purry, K.L.: Towards a framework for cyber attack impact analysis of the electric smart grid. Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference pp. 244–249 (2010)
Lim, C., Smith, J.C.: Algorithms for discrete and continuous multicommodity flow network interdiction problems IIE Trans. 39(1), 15–26 (2007). doi:10.1080/07408170600729192
Malaviya, A., Rainwater, C., Sharkey, T.: Multi-period network interdiction problems with applications to city-level drug enforcement. IIE Trans. 44(December), 368–380 (2012). doi:10.1080/0740817X.2011.602659
McCormick, G.P.: Computability of global solutions to factorable nonconvex programs: part I—convex underestimating problems. Math. Program. 10(1), 147–175 (1976)
Mendonça, D., Wallace, W.A.: Impacts of the 2001 World Trade Center attack on New York city critical infrastructures. J. Infrastruct. Syst. 12(4), 260–270 (2006)
Mo, Y., Kim, T.H.J., Brancik, K., Dickinson, D., Lee, H., Perrig, A., Sinopoli, B.: Cyber and Physical Security of a Smart Grid Infrastructure. Proc. IEEE 100(1), pp. 195–209 (2012). http://www.chathamhouse.org/sites/default/files/public/Research/InternationalSecurity/0213pr_cyber.pdf
Mora-Flòrez, J., Meléndez, J., Carrillo-Caicedo, G.: Comparison of impedance based fault location methods for power distribution systems. Electric Power Syst. Res. 78(4), 657–666 (2008)
Morton, D.P., Pan, F., Saeger, K.J.: Models for nuclear smuggling interdiction. IIE Trans. 39(1), 3–14 (2007). doi:10.1080/07408170500488956
Murray, A.T.: An overview of network vulnerability modeling approaches. GeoJournal 78(2), 209–221 (2013). doi:10.1007/s10708-011-9412-z
Murray, A.T., Matisziw, T.C., Grubesic, T.H.: Critical network infrastructure analysis: interdiction and system flow. J. Geogr. Syst. 9(2), 103–117 (2007). doi:10.1007/s10109-006-0039-4
Nicholson, A., Webber, S., Dyer, S., Patel, T., Janicke, H.: SCADA security in the light of cyber-warfare. Comput. Secur. 31, 418–436 (2012)
Nurre, S.G., Cavdaroglu, B., Mitchell, J.E., Sharkey, T.C., Wallace, W.A.: Restoring infrastructure systems: an integrated network design and scheduling (INDS) problem. Eur. J. Oper. Res. 223(3), 794–806 (2012). doi:10.1016/j.ejor.2012.07.010
Nurre, S.G., Sharkey, T.C.: Integrated network design and scheduling problems with parallel identical machines. Networks 63(4), 306–326 (2014). http://doi.wiley.com/10.1002/net.21547
Rinaldi, S., Peerenboom, J., Kelly, T.: Identifying, understanding, and analyzing critical infrastructure interdependencies. Control Systems, IEEE, pp. 11–25 (2001)
Robertson, J., Riley, M.A.: Mysterious 08 Turkey Pipeline Blast Opened New Cyberwar (2014). http://www.bloomberg.com/news/articles/2014-12-10/mysterious-08-turkey-pipeline-blast-opened-new-cyberwar. Accessed 16 June 2015
Rocco, S.C.M., Ramirez-Marquez, J.E.: A bi-objective approach for shortest-path network interdiction. Comput. Ind. Eng. 59(2), 232–240 (2010). doi:10.1016/j.cie.2010.04.004
Saha, M.M., Izykowski, J.J., Rosolowski, E.: Fault Location on power networks 25, 425 (2009). https://books.google.com/books?hl=en&lr=&id=CCE8Bm5kpKIC&pgis=1
Set, J.O.R., Wood, R.K.: Solving the bi-objeetive maximum-flow network-interdiction problem. INFORMS J. Comput. 19(2), 175–184 (2007). doi:10.1287/ijoc.l060.0191
Sharkey, T.C., Cavdaroglu, B., Nguyen, H., Holman, J., Mitchell, J.E., Wallace, W.A.: Interdependent network restoration: modeling restoration interdependencies and evaluating the value of information-sharing. Eur. J. Oper. Res. 244(1), 309–321 (2015)
Slay, J., Miller, M.: Critical infrastructure protection. IFIP Int. Fed. Inf. Process. 253, 73–82 (2008). doi:10.1007/978-0-387-75462-8_6
United States Government Accountability Office: Critical Infrastructure Protection: multiple efforts to secure control systems are under way, but challenges remain. Tech. Rep. September (2007)
Wallace, W., Mendonça, D., Lee, E., Mitchell, J., Chow, J.: Managing disruptions to critical interdependent infrastructures in the context of the 2001 World Trade Center attack. In: Myers, M.F. (ed.) In beyond september 11: an account of post-disaster research, pp. 165–198. Natural Hazards Research and Applications Information Center, University of Colorado, Program on Environment and Behavior, Special Publication 39, Boulder, CO (2003)
Wood, R.: Deterministic network interdiction. Math. Comput. Model. 17(2), 1–18 (1993)
Yan, Y., Qian, Y., Sharif, H., Tipper, D.: A survey on cyber security for Smart Grid Communications. IEEE Commun. Surveys Tutor. 14(4), 998–1010 (2012)
Zhu, B., Joseph, A., Sastry, S.: A taxonomy of cyber attacks on SCADA systems. In: Proceedings—2011 IEEE International Conferences on Internet of Things and Cyber, Physical and Social Computing, iThings/CPSCom 2011, pp. 380–388 (2011)
Acknowledgments
The work of Thomas Sharkey was supported in part by the US National Science Foundation under Grant Number CMMI-1254258. This material is based upon work sponsored by Department of Homeland Security through the Command, Control, and Interoperability Center for Advanced Data Analysis Center of Excellence. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Department of Homeland Security or the US Government.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Nguyen, H., Sharkey, T.C. A computational approach to determine damage in infrastructure networks from outage reports. Optim Lett 11, 753–770 (2017). https://doi.org/10.1007/s11590-016-1044-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11590-016-1044-2