[PPT] - Secure Contingency Prediction and Response for Cyber-Physical PowerPoint Presentation

SLIDE 1

Secure Contingency Prediction and Response for Cyber-Physical Systems

Erik Miehling, Cedric Langbort, Tamer Başar

Coordinated Science Lab University of Illinois at Urbana-Champaign Urbana, IL, 61820 CCTA 2020 — August 26, 2020

SLIDE 2

Some cyber-physical attacls…

Stuxnet (~2005-09)

Used a combination of exploits (including social

engineering atuacks and zero-days) to gain access to the computers responsible for re-programming PLCs

Ukrainian power grid hacl (2015)

Used spear-phishing atuacks (malicious emails) to

install malware that opened a backdoor on the substations’ computers, in turn facilitating recon atuacks and eventual remote access

Kemuri water company attacl (2016)

Exploited a vulnerability in the payment system to

gain access to the valve and flow control applications

Altered setuings for water flow and chemical levels

2

SLIDE 3

Primary ciallenges

Cyber-physical systems security shares all of the challenges of cyber-security…
Partial observability
Dynamic
Large-scale
Time-sensitivity
…as well as challenges due to the existence of the physical system
Cyber defenses are limited by operational requirements of the physical

system

Tie need to maintain accurate estimates and good control performance in

the presence of corrupted sensors and compromised actuators

3

SLIDE 4

4

Related work and contribution

Related work

Surveys: [Chaterji et al., ’19], [Zhu & Başar, ’15], [Lun et al., ’19], [Dibaji et al., ’19]
CPS atuack analysis: [Chen et al., ’11], [Davis et al., ’15], [Li et al., ’17]
Secure state estimation and control: [Zonouz et al., ’12], [Etigowni et al., ’16],

[Chang et al., ’18], [Barreto et al., ’13], [Fawzi et al., ’14]

Contribution

We propose a model, termed secure contingency prediction and response

(SCPR), that links the security status of the cyber network with the operational status of the physical system

First to use an atuack graph to define a state process on the cyber network for

the purposes of prescribing joint control of the cyber and physical processes

Atuack graph description allows one to reason over combinatorially many

atuack paths in the cyber network, enabling a granular view of the atuacker’s capabilities

SLIDE 5

Tie SCPR Model

estimator

dk ∈ D

<latexit sha1_base64="a0pi6Vsj7Iv0YB3FZEnMRHtSu8=">AKfHicfdbdctM4FABg87fQLsUuOQmbMvMzm7pJB1+bpkShgItLZBAZzCTkewTRxNJ9shym9TjZ+GWfaR9mZ2VEwnso+zmJmf0naMjKXZsmnGW617v70uXr1y9tP1Gxudn2/+8utzdt3PuZpoSIYRSlP1SklOXAmYaSZ5nCaKSCcvhEZ89r/3QGKmepHOpFBl8ESbsIhoMzTevLsdj2chk6EgehoRXg6q7fHmVm+3t/x0/aBvg63Afk7GtzfehXEaFQKkjJ8/9Xqa/lERpFnGoOp2wyCEj0YwkUCaKZFMWzXeo2CEirxtXrQzmC8EbQ9Clus0iyft0TxSMNcg46r7oDtJVZenZhNdQVTCZN5M/awKDvGOTBXwnF2AiUyZWSNPUsX0VOwBaijNfhTRy+VLOI9SIYiMy9Cg1FUZatO5PDquqjZzkRnk5ieICSK6Miq6/+GysGwCRKmAhFhdxe2E/WbC8ZoEUVCrAk8OmjgzIZ7YiLs49vFmBw0cYHzRwBcemo6m5aTrS2zqziBqFaOciS2eYEjopN4JUd0Ei65FMx6DZy8bK32JpzIG3qAdWpXMvXK3Aa9klcWXnQ7OQpE7aOYXntWr3G8qYx4RuMh812h57Stj4oV1eIqUKZR43EI4xvG/gW4lb+IknzbV5+r6B7z10k/qibB2lftmHZscPWHM7p7f5YaNq6KFkLR6XD70fL3PLzbBQJxRL7CTGAk4Ay8zJDItyorDMLcwxnFo4xbCwsPA2c2HlAkvh2hdYRo3DG2GMXFnknyg3hYWMQdWPxfWHm9Fi9UexnmHNHN6RQmsOj7P2FH6PtvTu9k9YVnuLiym65vFv6pcrdf1zJ3bGZzC+cYLqBa3fw9LHpqHhjopJZjaxO/n9baFLoatX8za1P2WylDm9IJB2BeOxQcmfM4zuqHdqr+MA9qlQgmq2UQ3g/r+P9SyfxHqolXT3T0LwxiDKGCZOsfmeqysGPuJXDwSyzKg+Xy2x31U5tEFLo1Sl3CzK3DvPv4fmJayPX7n84OPebv/R7uN3e1vP9u3r2I3gXvBb8HvQD54Gz4KD4CQYBVGwCL4G34K/Nv7pbHf+7DxcpV6+ZGvuBq1P58m/B+f3bA=</latexit>

sc

k

<latexit sha1_base64="aM+9gEqxQVEx3TbhfW/p1DBi3Ug=">AKbnicfZbdbtQ4FMfDxy7tLt8rLQ3CDFLQUKoW81UrPa2KkUaGmBGVqJYSvbOZOxk4i2mnjfIQ3MKT8Rb7COvM2JAcz25ucuTf/3z4xI5Nc8G16fW+Xrp85eoP15bWe38dP3nX27cvHX7vc4KxWDIMpGpY0o0CJ7C0HAj4DhXQCQVcESnT2t+dApK8ywdmPMcPkqSpHzMGTF26OiBPpn+zR6c3FzrbfTmTzc0+s5Yi9xzeHJr9c0ozlghITVMEK0/9Hu5+VgSZTgTUHU6o0JDTtiUJFAmiuQTzmbrVK4TqSUxk6olsIP6XNL2IOTaZHk8bo9qpmBmI2r7sPuOFNdkTEiupKohKe6Kf2gCgHxepopEJpfgLWsm61RJniZiI3ASVM7XwUMfPyUzhjmZQkjcuRhampypGxmcv9g6pqYyFzC4VtekwQogtGZfc/eFo4bA2EMgkJcXRhtwXbTcHBEoEsqKMSBwdDPLMmDmxJ/Y1sX8tPNmdBtzB8FkDPgugzWhTjrshia3fKbCWM9KMnfMYg4SO65kQ1U0wMTUxXMQsOeNSp/jkLu6QXcxnbhKJoGbn2Dg8sKBFwFoZgol86PY/LSp3qJyatGwFcY7jXT7QWUtunDcrFCrBdS7jeE+xi+bsDXGB76wg8D0qwtoG8b8G0AfdCQKOdHaej2rpnxHabaxQwmP2h4DQKY8hY+Kf8IPl7uy80xoZ5QTGJPYkzAE8Bk6skUE+WJwmTmwAyDYweOMTh34DyYzIUjF5gUPn2BybDRvCGzLuxsKPCOhZpDKo+CJc3N6fF4kexHMOSGEFLoRUjwHk7RJijzcPwPnpAeK79wuKm3izhqvK+QdZT37dTM4cOMPgAqrF5u9hYib2wECdmo8tFX7r1lIJXYy638xSyXZLMnCSzmgH7LVDwb7tx0FeH9qZemwPapVInlZzY/T7qLb/T0pm36XWXpz6NqG9McgyhjFPeX1Lqsqd73ZLI8CWZV781eLuHdVDpzRoixTmbBF2b3z9JtpL2F9fOUKjfebG/0nG3+2Vzb2nbXsZXoTnQ/ehT1o7+irWg3OoyGEYum0afoc/Rl9Z/Ob527nXsL6eVLzufXqPV0Hv0LxZzx7g=</latexit>

sp

t

<latexit sha1_base64="jNY/oiv5I2VEPmR/WUvkshLb8A=">AKbnicfZbdbtMwFMfD91a+QeIGIQoDCaExtROI2kMWBjA1o2icJkJ6epVTuJbGfrFuUhuIUn4y14BJzWhuS4kJsc+fc/Hz6xY9OM6U7nZ+nTp85e+78hYXF1sVLl69cvXb9xieV5jKEfpjyVO5ToCzBPqaQ7mQiKIc9On5R8b1DkIqlSU8fZ/BFkDhQxYSbYb2HqgD/TV7cHBtqbPSmT5t3+haYymwz+7B9cX3gygNcwGJDjlR6nO3k+kvBZGahRzKVmuQK8hIOCYxFLEk2YiFk2UqlolQguhR2RCYQXUsaHMQMqXTLBo2R1UoYaIhicr2w/YwlW2ehoS3BZExS1Rd+lnmHKLlJXAFTsBYxk3UyOPU8n0SKwCSpiY+Uip+UncBSmQpAkKgYGJrosBtpkLrZ3yrKJucgM5KbpEUGIzhgV7X/wJLfYGAilAmJi6cxuCtbrgp05ApFTSwUODpo4Zkwc2JDqG5m+Fut4shs1uIHhyxp86UGT0aQctn0SGb9DCBvOSDO0zkMYjqsZkJkO8ZEV0QzHoHXtUqfYVDbqoa3cR0ZCsZeW5ugp7Lawte6CeyaNMWD+GyRuX6g0mb2sB32K4VU+35VHapA+L2QoxXki5XRNuY/iuBt9huOsK3/VIvTaPfqjBDx50QX0irR+lvtvHesaPmCob05t8r+bV82DCGvigeOJ9vMyVm2FCHaGYRI5EmIAjgMnYkTEm0hGJycSCQb7FuxjcGzBsTeZE0tOMld+hyTfq15fQxD5xb6HeXGMU8ikNVBOL+5Gc1nP4r5GObE8FoKjRgezpoh/BxN7od30T3CMuUWFtPVZvFXlfP1sh6vh1icmTBEQYnUM42fwcTPTIHBurUdGyu8E+35krobNT+ZuZK1huSnpW0Bhtgrh0Stk0/drLq0E7lY3NQy1iwpJwag3uDyv6flEz+So09O/VNQnNjEUEQ5aw6pZUFht/7YaGgymzLamrwax7LoWaNBw1Sm3BRl9s6LP6a5hHXxlcs3Pq2udJ+uPHu/urS2bq9jC8Ht4H7wKOgGz4O1YDPYDfpBGIyDb8H34Mfir9at1p3W3Zn09CnrczNoPK1HvwGiK/IE</latexit>

{ek} ⊆ E

<latexit sha1_base64="Xu0E/28lR93F56HKOEy56BeqO8=">AKhnicfdbhb9M4FADwB3cyB3cuPt4QurdQDqhMbXTIb5OYxMDNjaghUkEVXbymlq1k5ztbN2ifOKvua/w1/Df4LQ2JM/l+qVP/r3nZ7tJE1pwpnS/nK1R9+vHb9p7Ub4c+/3Lz16/rt396ovJQxjOKc5/KUEgWcZTDSTHM4LSQTm8pbPHjb89A6lYng31RQHvBUkzNmEx0WZovH7nblTBeBbVkSqpAg3/RoLoaUx4tV/fHa9v9Lf6i0/PDwY2Ajs52R8+8bLKMnjUkCmY06UejfoF/p9RaRmMYc6DKNSQUHiGUmhSiUpiyeb1KxSYRqGtedBDOoLgTtDkKhdF4k+6oiXMNWRJ3bvXm+Syx3OziZ4gMmWZaqe+kyWHZDPLJXDFLsFEpsyskae5ZHoqtgE1zMx+JNGL5WdwHudCkCypIoOZrqtIm87V0XFd5mLwiA3P0ZCENGlUdH7jmelZRMgygWkxOoy7ibsthOVySIkloVeHLQxJkJ8cRG3MWxize718I9jPst3PfQdDQtJz1fElN3BnGnGOVMbPEQ0onzU6I7KVYdCOa8Q8e9Ja6RM85YFq6QHWqV3J1CtzG/RKnlp46kG7k6dM2DqG5Zlr9QzL89aEzEetsdekq7eq9aXiGmCmUetRKPML5o4QuMJ27hJ5601+bpqxa+8tBN6ou0dZT6Za/bHV9jVXZOb/PDVtXQw4x1eFw98H68wi23wEKdUCyJkwQLOAEsMyczLNKJxDK3MdwauEUw4WFC28zl1YusZSufYl1Dq8EcbYlcX+iXJTWGYJyOYBufpwC1ou/yhWM6yYwztS6MzhcdGdwu/RdX96N7snrFDuwmK6uVn8q8rVel3P3LmdYTm3cI7hEurlzd/HoqfmgYFOajG2MvHra1MoctR+zezMmW3kzK0KWG0B+a1Q8KROY/jonlo5/K+eVDLVLCsXgTRn1ET/18qmX9LNfHyqW8amjcGUSUwYRlr3p7qau9b3MnhYJZV4eLr47Y7oa2qCjcS5zbhZl7p3HX0PzEjbAr1x+8GZ7a/DP1sOX2xs7u/Z1bC34I/gr+DsYBI+CneAgOAlGQRx8CP4LPgafwrVwK3wYPlqmXr1ia34POp9w5wvjvfsY</latexit>

zk ∈ Z

<latexit sha1_base64="cA0GRzx+CMPpbS84fsU3pazXOzs=">AB/HicbVDLSsNAFL3xWesr2qWbYCu4KklRdFl047KCfWATwmQ6aYdOJmFmItRQf8WNC0Xc+iHu/BsnbRbaemDgcM693DMnSBiVyra/jZXVtfWNzdJWeXtnd2/fPDjsyDgVmLRxzGLRC5AkjHLSVlQx0ksEQVHASDcYX+d+94EISWN+pyYJ8SI05DSkGCkt+Wal9uiPXcrdCKkRiy7n9Z8s2rX7RmsZeIUpAoFWr75Q5inEaEK8yQlH3HTpSXIaEoZmRadlNJEoTHaEj6mnIUEels/BT60QrAyuMhX5cWTP190aGIiknUaAn84xy0cvF/7x+qsJL6M8SRXheH4oTJmlYitvwhpQbBiE0QFlRntfAICYSV7qusS3AWv7xMOo26c1Y/v21Um1dFHSU4gmM4BQcuoAk30I2YJjAM7zCm/FkvBjvxsd8dMUodirwB8bnD40mlLY=</latexit>

yτ ∈ Y

<latexit sha1_base64="9feF1LUh2iEUWdL+E0b+UlP8DY=">ACAXicbVBNS8NAEJ3Ur1q/ol4EL4ut4KkRdFj0YvHCvZDmlA27dLMJuxuhHrxr3jxoIhX/4U3/42bNgetPh4vDfDzLwg5kxpx/myCkvLK6trxfXSxubW9o69u9dSUSIJbZKIR7ITYEU5E7Spmea0E0uKw4DTdjC+yvz2PZWKReJWT2Lqh3go2IARrI3Usw8qk56ncYI8JpAXYj0imKd30rPLjtVZwb0l7g5KUORs/+9PoRSUIqNOFYqa7rxNpPsdSMcDoteYmiMSZjPKRdQwUOqfLT2QdTdGyUPhpE0pTQaKb+nEhxqNQkDExndqNa9DLxP6+b6MGFnzIRJ5oKMl80SDjSEcriQH0mKdF8YgmkplbERlhiYk2oZVMCO7iy39Jq1Z1T6tnN7Vy/TKPowiHcAQn4MI51OEaGtAEAg/wBC/waj1az9ab9T5vLVj5zD78gvXxDaQ4lmE=</latexit>

uτ ∈ U

<latexit sha1_base64="jx5wCzIHWsV4jpR8yHh+YFmpTo=">ACAXicbVDLSsNAFJ3UV62vqBvBzWAruCpJUXRZdOygmkLTQiT6aQdOpmEeQgl1I2/4saFIm79C3f+jdM2C209cOFwzr3ce0+UMSqV43xbpZXVtfWN8mZla3tnd8/eP2jLVAtMPJyVHQjJAmjnHiKka6mSAoiRjpRKObqd95IELSlN+rcUaCBA04jSlGykihfVToa+Qhj7l0E+QGmLEcm9SC+2qU3dmgMvELUgVFGiF9pfT7FOCFeYISl7rpOpIEdCUczIpOJrSTKER2hAeoZylBAZ5LMPJvDUKH0Yp8IUV3Cm/p7IUSLlOIlM5/RGuehNxf+8nlbxVZBTnmlFOJ4vijWDKoXTOGCfCoIVGxuCsKDmVoiHSCsTGgVE4K7+PIyaTfq7n94q5RbV4XcZTBMTgBZ8AFl6AJbkELeACDR/AMXsGb9WS9WO/Wx7y1ZBUzh+APrM8fl7iWQ=</latexit>

ˆ xτ ∈ X

<latexit sha1_base64="fRLCLsBwUKIkbCcX+rz2IYvFg=">ACBnicbVDLSgNBEJz1GeMr6lGEwUTwFHaDosegF48RzAOyIfROJsmQ2dlplcMS05e/BUvHhTx6jd482+cPA6aWNBQVHXT3RXEUh03W9naXldW09s5Hd3Nre2c3t7dMlGjGqySkW4EYLgUildRoOSNWHMIA8nrweB67NfvuTYiUnc4jHkrhJ4SXcEArdTOHRX8PiB9aPsICfWFon4I2Gcg08ao0M7l3aI7AV0k3ozkyQyVdu7L70QsCblCJsGYpufG2EpBo2CSj7J+YngMbA93rRUQchNK528MaInVunQbqRtKaQT9fdECqExwzCwneMbzbw3Fv/zmgl2L1upUHGCXLHpom4iKUZ0nAntCM0ZyqElwLSwt1LWBw0MbXJZG4I3/IiqZWK3lnx/LaUL1/N4siQ3JMTolHLkiZ3JAKqRJGHskzeSVvzpPz4rw7H9PWJWc2c0D+wPn8ASPymEo=</latexit>

cyber layer

security alerts cyber actions exploit activity

cyber network

IRS IDS cyber-physical coupling estimator controller physical system physical layer

state estimates sensor measurements physical actions

Cyber layer

Cyber network is described by a discrete

state evolving on

Intrusion response system (IRS) translates

security alerts from an intrusion detection system (IDS) to cyber actions Physical layer

Physical system is described by a

continuous state evolving on

State estimates and physical actions are

defined on a discrete (sampled) time-scale Cyber-physical system

Tie cyber-physical state at is

k = {0, 1, . . .}

<latexit sha1_base64="xv96SX2ys8PFiFMRhQ79ZeR3xYU=">AB+XicbVBNS8NAEN34WetX1KOXYBE8lJIRGEghePFewHNKFsNpt26WY37E4KJfSfePGgiFf/iTf/jds2B219MPB4b4aZeWHKmQbX/bW1jc2t7ZLO+Xdvf2DQ/vouK1lpghtEcml6oZYU84EbQEDTrupojgJOe2Eo/uZ3xlTpZkUTzBJaZDgWAxIxiM1Lft0Z2fu1Wv6vNIgvanfbvi1tw5nFXiFaSCjT79pcfSZIlVADhWOue56YQ5FgBI5xOy36maYrJCA9oz1CBE6qDfH751Dk3SuTEUpkS4MzV3xM5TrSeJKHpTDAM9bI3E/zehnEN0HORJoBFWSxKM64A9KZxeBETFECfGIJoqZWx0yxAoTMGVTQje8surpH1Z8+q1q8d6pXFbxFCp+gMXSAPXaMGekBN1EIEjdEzekVvVm69WO/Wx6J1zSpmTtAfWJ8/bEKS3g=</latexit>

sc

k

<latexit sha1_base64="PIkgOME25qTa/OvVtxf1APJZY=">AB7HicbVBNS8NAEJ3Ur1q/qh69LBbBU0mkongqePFYwX5AG8tmO2mXbjZhdyOU0N/gxYMiXv1B3vw3btsctPXBwO9GWbmBYng2rjut1NYW9/Y3Cpul3Z29/YPyodHLR2nimGTxSJWnYBqFxi03AjsJMopFEgsB2Mb2d+wmV5rF8MJME/YgOJQ85o8ZKTd0fP7J+ueJW3TnIKvFyUoEcjX75qzeIWRqhNExQrbuemxg/o8pwJnBa6qUaE8rGdIhdSyWNUPvZ/NgpObPKgISxsiUNmau/JzIaT2JAtsZUTPSy95M/M/rpia89jMuk9SgZItFYSqIicnsczLgCpkRE0soU9zeStiIKsqMzadkQ/CWX14lrYuqV6te3tcq9Zs8jiKcwCmcgwdXUIc7aEATGHB4hld4c6Tz4rw7H4vWgpPHMfOJ8/zWeOqg=</latexit>

sp

t

<latexit sha1_base64="qTXF3DObTKikIoxp/H1sOqYGyCk=">AB7HicbVBNS8NAEJ3Ur1q/qh69LBbBU0mkongqePFYwbSFNpbNdtMu3WzC7kQopb/BiwdFvPqDvPlv3LY5aOuDgcd7M8zMC1MpDLrut1NYW9/Y3Cpul3Z29/YPyodHTZNkmnGfJTLR7ZAaLoXiPgqUvJ1qTuNQ8lY4up35rSeujUjUA45THsR0oEQkGEUr+aHj2mvXHGr7hxklXg5qUCORq/81e0nLIu5QiapMR3PTGYUI2CST4tdTPDU8pGdMA7lioacxNM5sdOyZlV+iRKtC2FZK7+npjQ2JhxHNrOmOLQLHsz8T+vk2F0HUyESjPki0WRZkmJDZ56QvNGcox5ZQpoW9lbAh1ZShzadkQ/CWX14lzYuqV6te3tcq9Zs8jiKcwCmcgwdXUIc7aIAPDAQ8wyu8Ocp5cd6dj0VrwclnjuEPnM8f7tGOwA=</latexit>

t ∈ [0, ∞)

<latexit sha1_base64="DzfznRzjWNCtyAjYLELHdHgFuvE=">AB9XicbVBNS8NAEJ34WetX1aOXYBEUpCRSUTwVvHisYD8gjWz3bRLN5uwO1FK6P/w4kERr/4Xb/4bt20O2vpghsd7M+zsCxLBNTrOt7W0vLK6tl7YKG5ube/slvb2mzpOFWUNGotYtQOimeCSNZCjYO1EMRIFgrWC4c3Ebz0ypXks73GUMD8ifclDTgka6QE7XHrOmekhjk67pbJTcawF4mbkzLkqHdLX51eTNOISaSCaO25ToJ+RhRyKti42Ek1Swgdkj7zDJUkYtrPpleP7WOj9OwVqYk2lP190ZGIq1HUWAmI4IDPe9NxP8L8Xwys+4TFJks4eClNhY2xPIrB7XDGKYmQIoYqbW206IpQNEVTQju/JcXSfO84lYrF3fVcu06j6MAh3AEJ+DCJdTgFurQAoKnuEV3qwn68V6tz5mo0tWvnMAf2B9/gDaXpIT</latexit>

τ ∈ {0, 1, . . .}

<latexit sha1_base64="yTbwlg+qj8jDY2eS7a/Gpog4I8=">AB/nicbVBNS8NAEN34WetXVDx5CRbBQymJVBRPBS8eK9gPaELZbDbt0s1u2J0IJRT8K148KOLV3+HNf+O2zUFbHw83pthZl6YcqbBdb+tldW19Y3N0lZ5e2d3b98+OGxrmSlCW0Ryqboh1pQzQVvAgNuqihOQk474eh26nceqdJMigcYpzRI8ECwmBEMRurbxz7gzGfCz92qV/V5JEH7k75dcWvuDM4y8QpSQWafvLjyTJEiqAcKx1z3NTCHKsgBFOJ2U/0zTFZIQHtGeowAnVQT47f+KcGSVyYqlMCXBm6u+JHCdaj5PQdCYhnrRm4r/eb0M4usgZyLNgAoyXxRn3AHpTLNwIqYoAT42BPFzK0OGWKFCZjEyiYEb/HlZdK+qHn12uV9vdK4KeIoRN0is6Rh65QA92hJmohgnL0jF7Rm/VkvVjv1se8dcUqZo7QH1ifP58ulUE=</latexit>

(k, t)

<latexit sha1_base64="QNoF/Kp20imG5ofLHfkE4mHEX0=">AB7HicbVBNS8NAEJ3Ur1q/qh69BItQUoiFcVTwYvHCqYtKFstpt26WYTdidCf0NXjwo4tUf5M1/47bNQVsfDzem2FmXpAIrtFxvq3C2vrG5lZxu7Szu7d/UD48auk4VZR5NBax6gREM8El85CjYJ1EMRIFgrWD8d3Mbz8xpXksH3GSMD8iQ8lDTgkayauOL/C8X64NWcOe5W4OalAjma/NUbxDSNmEQqiNZd10nQz4hCTgWblnqpZgmhYzJkXUMliZj2s/mxU/vMKAM7jJUpifZc/T2RkUjrSRSYzojgSC97M/E/r5tieONnXCYpMkXi8JU2Bjbs8/tAVeMopgYQqji5labjogiFE0+JROCu/zyKmld1tx67eqhXmnc5nEU4QROoQouXEMD7qEJHlDg8Ayv8GZJ68V6tz4WrQUrnzmGP7A+fwDWYI4I</latexit>

sk,t = (sc

k, sp t )

<latexit sha1_base64="DGhd1l+5u9dVxJPc0bP4a+Fv3fw=">ACAHicbVDJSgNBEO2JW4zbqAcPXhqDECGEGYkoghDw4jGCWSDL0NPpJM309AzdNUIYcvFXvHhQxKuf4c2/sbMcNPFBweO9Kqrq+bHgGhzn28qsrK6tb2Q3c1vbO7t79v5BXUeJoqxGIxGpk80E1yGnAQrBkrRkJfsIYf3E78xiNTmkfyAUYx64RkIHmfUwJG8uwj7aVBEcb4Bhe0F3RpUXvQjc8O+UnCnwMnHnJI/mqHr2V7sX0SRkEqgWrdcJ4ZOShRwKtg41040iwkNyIC1DJUkZLqTh8Y41Oj9HA/UqYk4Kn6eyIlodaj0DedIYGhXvQm4n9eK4H+VSflMk6ASTpb1E8EhghP0sA9rhgFMTKEUMXNrZgOiSIUTGY5E4K7+PIyqZ+X3HLp4r6cr1zP48iY3SCshFl6iC7lAV1RBFY/SMXtGb9WS9WO/Wx6w1Y81nDtEfWJ8/IHaVcg=</latexit>

5

SLIDE 6

State Processes - Cyber State

Cyber state is quantified by an atuack graph1
Node set represents security conditions

and exploits

Relationships encoded by the directed edge set

describe how an atuacker uses security conditions to carry out exploits. Each exploit is associated with two sets:

In summary, the cyber state is where ,

security conditions exploits 1[Ammann et al., ’02], [Miehling et al., ’15/’18]

G = (N, R)

<latexit sha1_base64="EvXZivQzuPADVg07Buy60Sd5qJk=">ACEHicbVDLSsNAFJ3UV62vqEs3g0WsICWRiIBRe6kir2AW0ok+mkHTqZhJmJUEI+wY2/4saFIm5duvNvnLShaPXAwJlz7uXe9yQUaks68vIzc0vLC7lwsrq2vrG+bmVkMGkcCkjgMWiJaLJGUk7qipFWKAjyXUa7vAi9Zv3REga8Ds1Conjoz6nHsVIalr7nd8pAYsfgygewNP1eJ4dTfpscdM2iVbGgH+JnZEiyFDrmp+dXoAjn3CFGZKybVuhcmIkFMWMJIVOJEmI8BD1SVtTjnwinXh8UAL3tNKDXiD04wqO1Z8dMfKlHPmurkx3lLNeKv7ntSPlnTox5WGkCMeTQV7EoApgmg7sUGwYiNEBZU7wrxAmElc6woEOwZ0/+SxpHZbtSPr6pFKtnWRx5sAN2QnY4ARUwRWogTrA4AE8gRfwajwaz8ab8T4pzRlZzb4BePjGxaWnJw=</latexit>

N = C ∪ E

<latexit sha1_base64="MqIjfakqabYRy2nvsFlxvDOGpvE=">ACEXicbVDLSsNAFJ3UV62vqEs3g0XoqiRSUQShUARXUsE+oAlMp20QyeTMDMRSsgvuPFX3LhQxK07d/6NkzYUbT0wcO459zL3Hi9iVCrL+jYK6tr6xvFzdLW9s7unrl/0JZhLDBp4ZCFoushSRjlpKWoYqQbCYICj5GON25kfueBCElDfq8mEXEDNOTUpxgpLfXNihMgNcKIJbcpvILzqpE6OI7m5XaN8tW1ZoCLhM7J2WQo9k3v5xBiOAcIUZkrJnW5FyEyQUxYykJSeWJEJ4jIakpylHAZFuMr0ohSdaGUA/FPpxBafq74kEBVJOAk93ZivKRS8T/N6sfIv3ITyKFaE49lHfsygCmEWDxQbBiE0QFlTvCvEICYSVDrGkQ7AXT14m7dOqXaue3dXK9cs8jiI4AsegAmxwDurgBjRBC2DwCJ7BK3gznowX4934mLUWjHzmEPyB8fkD+VadvA=</latexit>

e ∈ E

<latexit sha1_base64="IzjHiSawvFUVGL5rWYyxLbn8Tw=">AB+XicbVDLSgMxFL1TX7W+Rl26CRbBVZkRXFVEMFlBfuATimZ9LYNzWSGJFMoQ/EjQtF3Pon7vwb03YW2nogcDjnXu7JCRPBtfG8b6ewtr6xuVXcLu3s7u0fuIdHDR2nimGdxSJWrZBqFxi3XAjsJUopFEosBmO7mZ+c4xK81g+mUmCnYgOJO9zRo2Vuq6LAZckiKgZMiqy+2nXLXsVbw6ySvyclCFHret+Bb2YpRFKwTVu17ielkVBnOBE5LQaoxoWxEB9i2VNIdSebJ5+SM6v0SD9W9klD5urvjYxGWk+i0E7OIuplbyb+57VT07/pZFwmqUHJFof6qSAmJrMaSI8rZEZMLKFMcZuVsCFVlBlbVsmW4C9/eZU0Lir+ZeXq8bJcvc3rKMIJnMI5+HANVXiAGtSBwRie4RXenMx5cd6dj8Vowcl3juEPnM8fWT6Tdg=</latexit>

C−(e) = {c ∈ C | ∃r = (c, e) ∈ R}

<latexit sha1_base64="0IHlhfTAX+JDnBYbD3WZkZvEpLs=">ACMXicbVDLSsNAFJ34tr6iLt0MFqGClkQqiAIblxWsa3QlDKZ3OjQySTMTMQS8ktu/BNx40IRt/6EkzaL+jgwcDjnXubc4yecKe04r9bU9Mzs3PzCYmVpeWV1zV7faKs4lRaNOaxvPGJAs4EtDTHG4SCSTyOXT8wXnhd+5BKhaLaz1MoBeRW8FCRok2Ut+8CKi7yjh2Xne36/BLj7FXkY9JiYML2IB9uDBxFYntboHuxOTlzlXt63q07dGQH/JW5JqhEs28/e0FM0wiEpwo1XWdRPcyIjWjHPKlypICB2QW+gaKkgEqpeNLs7xjlECHMbSPKHxSJ3cyEik1DyzWQRUv32CvE/r5vq8LiXMZGkGgQdfxSmHOsYF/XhgEmgmg8NIVQykxXTOyIJ1abkinB/X3yX9I+qLuN+uFlo3p2UtaxgLbQNqohFx2hM3SBmqiFKHpEL+gNvVtP1qv1YX2OR6escmcT/YD19Q2Sp6nb</latexit>

C+(e) = {c ∈ C | ∃r = (e, c) ∈ R}

<latexit sha1_base64="Rf0YpcPYi7kScmOezRhHbvjKeZs=">ACMXicbVDLSsNAFJ34tr6iLt0MFqGilEQqiAIblxWsa3QlDKZ3OjQySTMTMQS8ktu/BNx40IRt/6EkzaL+jgwcDjnXubc4yecKe04r9bU9Mzs3PzCYmVpeWV1zV7faKs4lRaNOaxvPGJAs4EtDTHG4SCSTyOXT8wXnhd+5BKhaLaz1MoBeRW8FCRok2Ut+8CKi7yjh2Xne36vBLj7FXkY9JiYML2IB9uDBxFYntZgn+5OTlzlXt63q07dGQH/JW5JqhEs28/e0FM0wiEpwo1XWdRPcyIjWjHPKlypICB2QW+gaKkgEqpeNLs7xjlECHMbSPKHxSJ3cyEik1DyzWQRUv32CvE/r5vq8LiXMZGkGgQdfxSmHOsYF/XhgEmgmg8NIVQykxXTOyIJ1abkinB/X3yX9I+qLuN+uFlo3p2UtaxgLbQNqohFx2hM3SBmqiFKHpEL+gNvVtP1qv1YX2OR6escmcT/YD19Q2PLanZ</latexit>

sc

k = (Gk, ck)

<latexit sha1_base64="4jH402T+5kDKrdZRkGARHdyEMcI=">ACBHicbVDLSsNAFJ3UV62vqMtuBotQUoiFUQCi50WcE+oI1hMp20QyaTMDMRSujCjb/ixoUibv0Id/6NkzYLbT1w4XDOvdx7jxczKpVlfRuFpeWV1bXiemljc2t7x9zda8soEZi0cMQi0fWQJIxy0lJUMdKNBUGhx0jHC64yv/NAhKQRv1PjmDghGnLqU4yUlyzLN3gHsNLWO2HSI0wYun1xA2OsRscuWbFqlTwEVi56QCcjRd86s/iHASEq4wQ1L2bCtWToqEopiRSamfSBIjHKAh6WnKUik06fmMBDrQygHwldXMGp+nsiRaGU49DTndmlct7LxP+8XqL8cyelPE4U4Xi2yE8YVBHMEoEDKghWbKwJwoLqWyEeIYGw0rmVdAj2/MuLpH1Ss+u109t6pXGRx1EZXAqsAGZ6ABbkATtAGj+AZvI348l4Md6Nj1lrwchn9sEfGJ8/ISGXHQ=</latexit>

Gk = (Ck ∪ Ek, Rk)

<latexit sha1_base64="3mMu0WQGxIe/4wASCZr8bza0jKE=">ACJ3icbZDbSsNAEIY39VTrKeqlN4tFqCAlkYoiKIUielnFHqAJYbPdtEs3B3Y3Qgl9G298FW8EFdFL38RNG4q2Diz80MO/O7EaNCGsaXltYXFpeya8W1tY3Nrf07Z2mCGOSQOHLORtFwnCaEAakpG2hEnyHcZabmDWlpvPRAuaBjcy2FEbB/1AupRjKRCjn5p+Uj2MWLJ9cgZwAtYmoKaAhaOoym4UuBomt2p7NDRi0bZGAecF2YmiCLuqO/Wt0Qxz4JGZIiI5pRNJOEJcUMzIqWLEgEcID1CMdJQPkE2En4ztH8ECRLvRCrl4g4Zj+nkiQL8TQd1VnuqWYraXwv1onlt6ZndAgiUJ8OQjL2ZQhjA1DXYpJ1iyoRIc6p2hbiPOMJSWVtQJpizJ8+L5nHZrJRPbivF6nlmRx7sgX1QAiY4BVwA+qgATB4BM/gDbxrT9qL9qF9TlpzWjazC/6E9v0DIJCmtg=</latexit>

ck ⊆ Ck

<latexit sha1_base64="vxNn4U29HlQ8CBWdo9QJjLWMKt0=">ACAnicbVBNS8NAEN3Ur1q/op7ES7AInkoiFcVToRePFewHNCFstpN2yWYTdzdCcWLf8WLB0W8+iu8+W/ctD1o64OBx3szMwLUkalsu1vo7Syura+Ud6sbG3v7O6Z+wcdmWSCQJskLBG9AEtglENbUcWglwrAcCgG0TNwu8+gJA04XdqnIX4yGnISVYack3j4gfuTILJCi4d2OsRgSzvDnxI9+s2jV7CmuZOHNSRXO0fPLHSQki4ErwrCUfcdOlZdjoShMKm4mYQUkwgPoa8pxzFIL5+MLFOtTKwkTo4sqaqr8nchxLOY4D3VkcKRe9QvzP62cqvPJytNMASezRWHGLJVYR7WgAogio01wURQfatFRlhgonRqFR2Cs/jyMumc15x67eK2Xm1cz+Mo2N0gs6Qgy5RA92gFmojgh7RM3pFb8aT8WK8Gx+z1pIxnzlEf2B8/gANSpfV</latexit>

R

<latexit sha1_base64="zl+gf2W4XOJqBX5K1QM6EoCGWw=">AB8nicbVDLSgMxFL1TX7W+qi7dBIvgqsxIRXFVcOyin3AdCiZNOGZpIhyQhl6Ge4caGIW7/GnX9jp2Fth4IHM65l5x7woQzbVz32ymtrW9sbpW3Kzu7e/sH1cOjpapIrRNJeqF2JNORO0bZjhtJcoiuOQ024uc397hNVmknxaKYJDWI8EixiBsr+f0YmzHBPHuYDao1t+7OgVaJV5AaFGgNql/9oSRpTIUhHGvte25igwrwins0o/1TBZIJH1LdU4JjqIJtHnqEzqwxRJV9wqC5+nsjw7HW0zi0k3lEvezl4n+en5roOsiYSFJDBVl8FKUcGYny+9GQKUoMn1qCiWI2KyJjrDAxtqWKLcFbPnmVdC7qXqN+ed+oNW+KOspwAqdwDh5cQRPuoAVtICDhGV7hzTHOi/PufCxGS06xcwx/4Hz+AIpTkWg=</latexit>

Note that the atuack graph structure may also evolve in time

6

SLIDE 7

State Processes - Physical State

Physical state is quantified by:
Physical components, , consisting of devices that directly interact with the

physical process (e.g., transmission lines, circuit breakers, buses, generators, loads, flow sensors)

Continuous state, , represents the physical state process (e.g., power flow)

P

<latexit sha1_base64="R3tuFGcMQNm0UGOF5xOIYPWtL1E=">AB8nicbVDLSsNAFL2pr1pfVZduBovgqiSiK4KblxWsA9oQ5lMJ+3QySTM3Agl9DPcuFDErV/jzr9x0mahrQcGDufcy5x7gkQKg67ZTW1jc2t8rblZ3dvf2D6uFR28SpZrzFYhnrbkANl0LxFgqUvJtoTqNA8k4wucv9zhPXRsTqEacJ9yM6UiIUjKVev2I4phRmTVng2rNrbtzkFXiFaQGBZqD6ld/GLM04gqZpMb0PDdBP6MaBZN8VumnhieUTeiI9yxVNOLGz+aRZ+TMKkMSxto+hWSu/t7IaGTMNArsZB7RLHu5+J/XSzG8TOhkhS5YouPwlQSjEl+PxkKzRnKqSWUaWGzEjamjK0LVsCd7yaukfVH3LutXD5e1xm1RxlO4BTOwYNraMA9NKEFDGJ4hld4c9B5cd6dj8VoySl2juEPnM8fh0mRZg=</latexit>

x

<latexit sha1_base64="K5gzXdhi3NcAyNrUoQNvwEFamA=">AB6HicbVDLSgNBEOyNrxhfUY9eBoPgKexKRPEU8OIxAfOAZAmzk95kzOzsMjMrhpAv8OJBEa9+kjf/xkmyB0saCiqunuChLBtXHdbye3tr6xuZXfLuzs7u0fFA+PmjpOFcMGi0Ws2gHVKLjEhuFGYDtRSKNAYCsY3c781iMqzWN5b8YJ+hEdSB5yRo2V6k+9Ysktu3OQVeJlpAQZar3iV7cfszRCaZigWnc8NzH+hCrDmcBpoZtqTCgb0QF2LJU0Qu1P5odOyZlV+iSMlS1pyFz9PTGhkdbjKLCdETVDvezNxP+8TmrCa3/CZIalGyxKEwFMTGZfU36XCEzYmwJZYrbWwkbUkWZsdkUbAje8surpHlR9irly3qlVL3J4sjDCZzCOXhwBVW4gxo0gAHCM7zCm/PgvDjvzseiNedkM8fwB87nD+ZpjPw=</latexit>

Tie status of the physical components may evolve in time, e.g., random failures,

malicious actions, or as part of maintaining the control objective

Tie state process evolves in time via physical actions and disturbances from the

environment, subject to the active physical components/structure

In summary, the state of the physical system is given by the pair

where is the current set of physical components and is the current physical state sp

t = (Pt, xt)

<latexit sha1_base64="eqIRVvDJbl+YyTlOzDCLaKZIVM=">ACBHicbVDLSgNBEJyNrxhfqx5zGQxCBAm7ElEIeDFYwTzgGRdZiezyZDZBzO9Ylhy8OKvePGgiFc/wpt/42ySgyYWNBRV3XR3ebHgCizr28gtLa+sruXCxubW9s75u5eU0WJpKxBIxHJtkcUEzxkDeAgWDuWjASeYC1veJX5rXsmFY/CWxjFzAlIP+Q+pwS05JpF5cJdjC9xuRsQGFAi0vrYheMHF45cs2RVrAnwIrFnpIRmqLvmV7cX0SRgIVBlOrYVgxOSiRwKti40E0Uiwkdkj7raBqSgCknTwxoda6WE/krpCwBP190RKAqVGgac7s0vVvJeJ/3mdBPxzJ+VhnAL6XSRnwgMEc4SwT0uGQUx0oRQyfWtmA6IJBR0bgUdgj3/8iJpnlTsauX0plqXcziyKMiOkBlZKMzVEPXqI4aiKJH9Ixe0ZvxZLwY78bHtDVnzGb20R8Ynz+N7Jdj</latexit>

xt ∈ X

<latexit sha1_base64="I5Yi7zop2MvTsjhPGeX4aJgxu48=">AB+nicbVDLSsNAFL2pr1pfqS7dDBbBVUlEUVwV3LisYB/QhjCZTtqhk0mYmagl9lPcuFDErV/izr9x0mahrQcGDufcyz1zgoQzpR3n2yqtrK6tb5Q3K1vbO7t7dnW/reJUEtoiMY9lN8CKciZoSzPNaTeRFEcBp51gfJ37nXsqFYvFnZ4k1IvwULCQEayN5NvVR1/3mehHWI8I5l36ts1p+7MgJaJW5AaFGj69ld/EJM0okITjpXquU6ivQxLzQin0o/VTBZIyHtGeowBFVXjaLPkXHRhmgMJbmCY1m6u+NDEdKTaLATOYR1aKXi/95vVSHl17GRJqKsj8UJhypGOU94AGTFKi+cQTCQzWREZYmJNm1VTAnu4peXSfu07p7Vz2/Pao2ro4yHMIRnIALF9CAG2hCwg8wDO8wpv1ZL1Y79bHfLRkFTsH8AfW5w/SUJRZ</latexit>

Pt ⊆ P

<latexit sha1_base64="aNmio5kN1Nxpa3M3lBXFP1nPLE=">ACnicbVA9SwNBEN2LXzF+nVranAbBKtxJRLEK2FhGMB+QHGFvM5cs2ftwd04IR2ob/4qNhSK2/gI7/417yRUx8cHA470ZuZ5seAKbfvHKysrq1vFDdLW9s7u3vm/kFTRYlk0GCRiGTbowoED6GBHAW0Ywk08AS0vNFN5rceQSoehfc4jsEN6CDkPmcUtdQzj7sBxSGjIq1PethViacA4WFeNct2xZ7CWiZOTsokR71nfnf7EUsCJEJqlTHsWN0UyqRMwGTUjdREFM2ogPoaBrSAJSbTl+ZWKda6Vt+JHWFaE3V+YmUBkqNA093ZieqRS8T/M6CfpXbsrDOEI2WyRnwgLIyvLxepzCQzFWBPKJNe3WmxIJWo0yvpEJzFl5dJ87ziVCsXd9Vy7TqPo0iOyAk5Iw65JDVyS+qkQRh5Ii/kjbwbz8ar8WF8zloLRj5zSP7A+PoFvYabjA=</latexit>

7

SLIDE 8

Cyber actions:

Tie IRS prescribes ,

Control Arciitecture

Control of the cyber-physical system is carried out on both the cyber and

physical layers k ∈ {0, 1, . . .}

<latexit sha1_base64="dtPBmrEzGH49KYMsfU9fFri2VU=">AB+3icbVBNS8NAEN34WetXrEcvwSJ4KCWRiuKp4MVjBfsBTSibzaZdutkNuxOxhP4VLx4U8eof8ea/cdvmoK0PBh7vzTAzL0w50+C639ba+sbm1nZp7y7t39waB9VOlpmitA2kVyqXog15UzQNjDgtJcqipOQ024vp353UeqNJPiASYpDRI8FCxmBIORBnZl7DPh527Nq/k8kqD96cCunV3DmeVeAWpogKtgf3lR5JkCRVAONa67kpBDlWwAin07KfaZpiMsZD2jdU4ITqIJ/fPnXOjBI5sVSmBDhz9fdEjhOtJ0loOhMI73szcT/vH4G8XWQM5FmQAVZLIoz7oB0ZkE4EVOUAJ8Ygoli5laHjLDCBExcZROCt/zyKulc1L1G/fK+UW3eFHGU0Ak6RefIQ1eoie5QC7URQU/oGb2iN2tqvVjv1seidc0qZo7RH1ifPzrnk+g=</latexit>

Physical (control) actions:

Tie controller specifies ,

dk ∈ D

<latexit sha1_base64="VAf/XuxQC0MU+adhbwIvh1KW+i4=">AB+nicbVDLSsNAFL2pr1pfqS7dBIvgqiSiK4KunBZwT6gCWEymbRDJ5MwM1FK7Ke4caGIW7/EnX/jpM1CWw8MHM65l3vmBCmjUtn2t1FZWV1b36hu1ra2d3b3zPp+VyaZwKSDE5aIfoAkYZSTjqKkX4qCIoDRnrB+Lrwew9ESJrwezVJiRejIacRxUhpyTfroT92KXdjpEYsfxm6psNu2nPYC0TpyQNKNH2zS83THAWE64wQ1IOHDtVXo6EopiRac3NJEkRHqMhGWjKUykl8+iT61jrYRWlAj9uLJm6u+NHMVSTuJATxYR5aJXiP95g0xFl15OeZopwvH8UJQxSyVW0YMVUkGwYhNEBZUZ7XwCAmElW6rpktwFr+8TLqnTeseX531mhdlXVU4RCO4AQcuIAW3EIbOoDhEZ7hFd6MJ+PFeDc+5qMVo9w5gD8wPn8AhjqUKA=</latexit>

uτ ∈ U

<latexit sha1_base64="lNgSXhBzWfyWC8cj6IumRXltWo=">AB/XicbVDLSsNAFJ3UV62v+Ni5GSyCq5JIRXFVcOygmkLTQiT6aQdOpmEeQg1FH/FjQtF3Pof7vwbJ20W2npg4HDOvdwzJ8oYlcpxvq3Kyura+kZ1s7a1vbO7Z+8fdGSqBSYeTlkqehGShFOPEUVI71MEJREjHSj8U3hdx+IkDTl92qSkSBQ05jipEyUmgf6dBXSPuU+wlSI4xY7k1Du+40nBngMnFLUgcl2qH95Q9SrBPCFWZIyr7rZCrIkVAUMzKt+VqSDOExGpK+oRwlRAb5LP0UnhplAONUmMcVnKm/N3KUSDlJIjNZRJSLXiH+5/W1iq+CnPJMK8Lx/FCsGVQpLKqAyoIVmxiCMKCmqwQj5BAWJnCaqYEd/HLy6Rz3nCbjYu7Zr1XdZRBcfgBJwBF1yCFrgFbeABDB7BM3gFb9aT9WK9Wx/z0YpV7hyCP7A+fwAd/pWj</latexit>

τ ∈ {0, 1, . . .}

<latexit sha1_base64="yTbwlg+qj8jDY2eS7a/Gpog4I8=">AB/nicbVBNS8NAEN34WetXVDx5CRbBQymJVBRPBS8eK9gPaELZbDbt0s1u2J0IJRT8K148KOLV3+HNf+O2zUFbHw83pthZl6YcqbBdb+tldW19Y3N0lZ5e2d3b98+OGxrmSlCW0Ryqboh1pQzQVvAgNuqihOQk474eh26nceqdJMigcYpzRI8ECwmBEMRurbxz7gzGfCz92qV/V5JEH7k75dcWvuDM4y8QpSQWafvLjyTJEiqAcKx1z3NTCHKsgBFOJ2U/0zTFZIQHtGeowAnVQT47f+KcGSVyYqlMCXBm6u+JHCdaj5PQdCYhnrRm4r/eb0M4usgZyLNgAoyXxRn3AHpTLNwIqYoAT42BPFzK0OGWKFCZjEyiYEb/HlZdK+qHn12uV9vdK4KeIoRN0is6Rh65QA92hJmohgnL0jF7Rm/VkvVjv1se8dcUqZo7QH1ifP58ulUE=</latexit>

Gk+1 = fG(Gk, ck, dk, vG

k )

ck+1 = fc(Gk, ck, dk, ukτ , vc

k)

<latexit sha1_base64="Hw576T/Yb79/3JIP8Hk3ErF7/c=">ACb3icdVHLSsNAFJ3EV62vWhcuKjJYFItSEqkoglBwocsKtgpNDZPbiQ6ZPJiZFErI1g905z+48Q+cPhatjwsXDue+5gzXsKZVJb1YZgLi0vLK4XV4tr6xuZWabvckXEqgLYh5rF48oiknEW0rZji9CkRlIQep49ecDOqPw6okCyOHtQwob2QvETMZ0CUptzSmxMS9QqEZ7e5mwUndo6PrHvZjN8fjwrCk5BZ1/nwA2e53Q1xynC7BT4pzPVItdRJM3HQ6DmlqpW3RoH/g3sKaiabTc0rvTjyENaSAEym7tpWoXkaEYsBpXnRSRMCAXmhXQ0jElLZy8Z+5fhQM3sx0JnpPCYne3ISCjlMPS0cnS+/FkbkX/VuqnyL3sZi5JU0Qgmi/yUYxXjkfm4zwQFxYcaEBM34rhlQgCSn9RUZtg/3zyb9A5q9uN+vl9o9q8mtpRQBV0gI6RjS5QE92hFmojQJ9G2agYe8aXuWvum3giNY1pzw6aC7P2DfNRu7Y=</latexit>

˙ Pt = gP(Gtk, ctk, Pt, xt, dtk, utτ , vP

t )

˙ xt = gx(Gtk, ctk, Pt, xt, utτ , vx

t )

<latexit sha1_base64="RFAHpZ8sEVusSM0tLDR1RlF6o=">ACtniclVFLSwMxEM6u7/qevQSLIpCKbs+UARB8KDHCtYH3RqyaVpDsw+SWlZ8hO9ePfmG0XUevFgWG+zDevzISpFBo878NxZ2bn5hcWlyrLK6tr69WNzXudZIrxFktkoh5DqrkUMW+BAMkfU8VpFEr+EA6uCv7hlSstkvgORinvRLQfi5gFKyLVN+CiMILozIPugngpiGA9y5wn+RfRNOY/a/HtSE5kIGps9J+CyNQH1rtlkxW2DwAmhlTfyXw/KPkQRBUxi2HNsxMeg7/1Weq/vCAVGtewxsLngZ+CWqolCapvtsZWBbxGJikWrd9L4VOThUIJrmpBJnmKWUD2udtC2Macd3Jx2s3eNd6uriXKsx4LH3e0ZOI61HUWgji+H1b65w/sW1M+idXIRpxnwmE0a9TKJIcHFDXFXKM5AjiygTAk7K2YvVFEG9tIVuwT/95enwf1hwz9unNwe1y7Py3Usom20g/aRj07RJbpBTdRCzDlynpzQYe6Z+xytz8JdZ0yZwv9EDf9BMdk2sM=</latexit>

Cyber-physical state evolves as a function of joint cyber-physical action (dk, uτ)

<latexit sha1_base64="jlvNGYLG/Qb9jpIP8dbgjyBjivI=">AB83icbVDJSgNBEK2JW4xb1KOXxiBEkDAjEcVTwIvHCGaBzD09PQkTXoWehHCkN/w4kERr/6MN/GTjIHTXxQ8Hiviqp6QcaZVLb9bZXW1jc2t8rblZ3dvf2D6uFRV6ZaENohKU9FP8CScpbQjmK034mKI4DTnvB+G7m956okCxNHtUko16MhwmLGMHKSG49McX2ncV1ud+tWY37DnQKnEKUoMCb/65Yp0TFNFOFYyoFjZ8rLsVCMcDqtuFrSDJMxHtKBoQmOqfTy+c1TdGaUEWpMJUoNFd/T+Q4lnISB6Yzxmokl72Z+J830Cq68XKWZFrRhCwWRZojlaJZAChkghLFJ4ZgIpi5FZERFpgoE1PFhOAsv7xKupcNp9m4emjWrdFHGU4gVOogwPX0IJ7aEMHCGTwDK/wZmnrxXq3PhatJauYOY/sD5/ACVukRc=</latexit>

)

<latexit sha1_base64="CRqrM6sEPHbTfBnbKZ0KUND+Y=">AB7nicbVBNS8NAEJ2tX7V+VT16WSyCp5JIRfFU9OKxgv2AJpTNdpMu3WzC7kYoT/CiwdFvPp7vPlv3LY5aOuDgcd7M8zMC1LBtXGcb1RaW9/Y3CpvV3Z29/YPqodHZ1kirI2TUSiegHRTHDJ2oYbwXqpYiQOBOsG47uZ31iSvNEPpJyvyYRJKHnBJjpa53y6PImw6qNafuzIFXiVuQGhRoDapf3jChWcykoYJo3Xed1Pg5UYZTwaYVL9MsJXRMIta3VJKYaT+fnzvFZ1YZ4jBRtqTBc/X3RE5irSdxYDtjYkZ62ZuJ/3n9zITXfs5lmhkm6WJRmAlsEjz7HQ+5YtSIiSWEKm5vxXREFKHGJlSxIbjL6+SzkXdbdQvHxq15k0RxlO4BTOwYUraMI9tKANFMbwDK/whlL0gt7Rx6K1hIqZY/gD9PkDJXePbg=</latexit>

)

<latexit sha1_base64="CRqrM6sEPHbTfBnbKZ0KUND+Y=">AB7nicbVBNS8NAEJ2tX7V+VT16WSyCp5JIRfFU9OKxgv2AJpTNdpMu3WzC7kYoT/CiwdFvPp7vPlv3LY5aOuDgcd7M8zMC1LBtXGcb1RaW9/Y3CpvV3Z29/YPqodHZ1kirI2TUSiegHRTHDJ2oYbwXqpYiQOBOsG47uZ31iSvNEPpJyvyYRJKHnBJjpa53y6PImw6qNafuzIFXiVuQGhRoDapf3jChWcykoYJo3Xed1Pg5UYZTwaYVL9MsJXRMIta3VJKYaT+fnzvFZ1YZ4jBRtqTBc/X3RE5irSdxYDtjYkZ62ZuJ/3n9zITXfs5lmhkm6WJRmAlsEjz7HQ+5YtSIiSWEKm5vxXREFKHGJlSxIbjL6+SzkXdbdQvHxq15k0RxlO4BTOwYUraMI9tKANFMbwDK/whlL0gt7Rx6K1hIqZY/gD9PkDJXePbg=</latexit>

updated cyber state, updated physical state, sc

k+1

<latexit sha1_base64="E0ucIh3rtCOWnK7IRjBY1UqSdOo=">AB8HicbVBNSwMxEJ2tX7V+VT16CRZBEMquVBRPBS8eK9gPadeSTbNtaJdkqxQlv4KLx4U8erP8ea/MdvuQVsfDzem2FmXhBzpo3rfjuFldW19Y3iZmlre2d3r7x/0NJRoghtkohHqhNgTmTtGmY4bQTK4pFwGk7GN9kfvuJKs0ieW8mMfUFHkoWMoKNlR50Px2fedNH0i9X3Ko7A1omXk4qkKPRL3/1BhFJBJWGcKx13Nj46dYGUY4nZ6iaYxJmM8pF1LJRZU+ns4Ck6scoAhZGyJQ2aqb8nUiy0nojAdgpsRnrRy8T/vG5iwis/ZTJODJVkvihMODIRyr5HA6YoMXxiCSaK2VsRGWGFibEZlWwI3uLy6R1XvVq1Yu7WqV+ncdRhCM4hlPw4BLqcAsNaAIBAc/wCm+Ocl6cd+dj3lpw8plD+APn8wduRJAm</latexit>

˙ sp

t

<latexit sha1_base64="YT18xLoQZP9Bn2iR1f8wYboWuA=">AB83icbVDLSgMxFL1TX7W+qi7dBIvgqsxIRXFVcOygn1AO5ZMmlDMzMhuSOUob/hxoUibv0Zd/6NaTsLbT0QOJxzD/fmBEoKg67RTW1jc2t4rbpZ3dvf2D8uFRySpZrzJEpnoTkANlyLmTRQoeUdpTqNA8nYwvp357SeujUjiB5wo7kd0GItQMIpW6vUGCRLTz3D6qPrlilt15yCrxMtJBXI0+uUvG2dpxGNkhrT9VyFfkY1Cib5tNRLDVeUjemQdy2NacSNn81vnpIzqwxImGj7YiRz9Xcio5ExkyiwkxHFkVn2ZuJ/XjfF8NrPRKxS5DFbLApTSTAhswLIQGjOUE4soUwLeythI6opQ1tTyZbgLX95lbQuql6tenlfq9Rv8jqKcAKncA4eXEd7qABTWCg4Ble4c1JnRfn3flYjBacPHMf+B8/gAqdpHB</latexit>

8

SLIDE 9

Cyber-physical coupling

Set of physical components with each cyber action that

become disabled as a result of the cyber action

Each condition is associated with a set of physical components

such that if atuacker enables then it gains control over P(c) ⊆ P

<latexit sha1_base64="zlNbwaeAIRvaUFeGsEunBeP2+Xw=">AC3icbVDLSsNAFJ3UV62vqEs3Q4tQNyWRiuKq4MZlBfuAJpTJ9KYdOnk4MxFK6N6Nv+LGhSJu/QF3/o2TNovaeuDC4Zx7ufceL+ZMKsv6MQpr6xubW8Xt0s7u3v6BeXjUlEiKLRoxCPR9YgEzkJoKaY4dGMBJPA4dLzxTeZ3HkFIFoX3ahKDG5BhyHxGidJS3yw7AVEjSnjanFbpmSMT4KChwW5b1asmjUDXiV2TioR7NvfjuDiCYBhIpyImXPtmLlpkQoRjlMS04iISZ0TIbQ0zQkAUg3nf0yxadaGWA/ErpChWfq4kRKAikngac7sxPlspeJ/3m9RPlXbsrCOFEQ0vkiP+FYRTgLBg+YAKr4RBNCBdO3YjoiglCl4yvpEOzl1dJ+7xm12sXd/VK4zqPo4hOUBlVkY0uUQPdoiZqIYqe0At6Q+/Gs/FqfBif89aCkc8coz8wvn4BtjObdw=</latexit>

P(d) ⊆ P

<latexit sha1_base64="AknhP/0O7WXxbm+IvnIekbT8ekE=">AC3icbVBNS8NAEN3Ur1q/oh69hBahXkoiFcVTwYvHCvYD2lA2m0m7dLOJuxuhN69+Fe8eFDEq3/Am/GTZtDbX0w8Hhvhpl5XsyoVLb9YxTW1jc2t4rbpZ3dvf0D8/CoLaNEGiRiEWi62EJjHJoKaoYdGMBOPQYdLzxTeZ3HkFIGvF7NYnBDfGQ04ASrLQ0Mv9EKsRwSxtTqv+WV8mngQFDwvywKzYNXsGa5U4OamgHM2B+d3I5KEwBVhWMqeY8fKTbFQlDCYlvqJhBiTMR5CT1OQ5BuOvtlap1qxbeCSOjiypqpixMpDqWchJ7uzE6Uy14m/uf1EhVcuSnlcaKAk/miIGWiqwsGMunAohiE0wEVTfapERFpgoHV9Jh+Asv7xK2uc1p167uKtXGtd5HEV0gsqoihx0iRroFjVRCxH0hF7QG3o3no1X48P4nLcWjHzmGP2B8fULt8ybeA=</latexit>

d ∈ D

<latexit sha1_base64="hbFZEdoZlxiIpOBg2bKr0MN5qU=">AB+HicbVDLSsNAFL2pr1ofjbp0M1gEVyWRiuKqoAuXFewDmlAmk2k7dDIJMxOhn6JGxeKuPVT3Pk3TtostPXAwOGce7lnTpBwprTjfFultfWNza3ydmVnd2+/ah8cdlScSkLbJOax7AVYUc4EbWumOe0lkuIo4LQbTG5yv/tIpWKxeNDThPoRHgk2ZARrIw3saugx4UVYjwnm2e1sYNecujMHWiVuQWpQoDWwv7wJmlEhSYcK9V3nUT7GZaEU5nFS9VNMFkgke0b6jAEV+Ng8+Q6dGCdEwluYJjebq740MR0pNo8BM5hHVspeL/3n9VA+v/IyJNVUkMWhYcqRjlHeAgqZpETzqSGYSGayIjLGEhNtuqYEtzlL6+SzndbdQv7hu15nVRxmO4QTOwIVLaMIdtKANBFJ4hld4s56sF+vd+liMlqxi5wj+wPr8Af2Bk0o=</latexit>

c ∈ C

<latexit sha1_base64="p3Qy+nLCxk/GEdcml60BYeMYmNA=">AB+HicbVDLSsNAFL2pr1ofjbp0M1gEVyWRiuKq0I3LCvYBTSiT6aQdOpmEmYlQ7/EjQtF3Pop7vwbJ20W2npg4HDOvdwzJ0g4U9pxvq3SxubW9k5t7K3f3BYtY+OuypOJaEdEvNY9gOsKGeCdjTnPYTSXEUcNoLpq3c7z1SqVgsHvQsoX6Ex4KFjGBtpKFdJR4TXoT1hGCeteZDu+bUnQXQOnELUoMC7aH95Y1ikZUaMKxUgPXSbSfYakZ4XRe8VJFE0ymeEwHhgocUeVni+BzdG6UEQpjaZ7QaKH+3shwpNQsCsxkHlGtern4nzdIdXjZ0wkqaCLA+FKUc6RnkLaMQkJZrPDMFEMpMVkQmWmGjTVcWU4K5+eZ10L+tuo35136g1b4s6ynAKZ3ABLlxDE+6gDR0gkMIzvMKb9WS9WO/Wx3K0ZBU7J/AH1ucP+mqTSA=</latexit>

c

<latexit sha1_base64="0PqcIjB917PsecphRJepwq7ovqU=">AB6HicbVBNS8NAEJ3Ur1q/qh69LBbBU0mkongqePHYgq2FNpTNdtKu3WzC7kYob/AiwdFvPqTvPlv3LY5aOuDgcd7M8zMCxLBtXHdb6ewtr6xuVXcLu3s7u0flA+P2jpOFcMWi0WsOgHVKLjEluFGYCdRSKNA4EMwvp35D0+oNI/lvZk6Ed0KHnIGTVWarJ+ueJW3TnIKvFyUoEcjX75qzeIWRqhNExQrbuemxg/o8pwJnBa6qUaE8rGdIhdSyWNUPvZ/NApObPKgISxsiUNmau/JzIaT2JAtsZUTPSy95M/M/rpia89jMuk9SgZItFYSqIicnsazLgCpkRE0soU9zeStiIKsqMzaZkQ/CWX14l7YuqV6teNmuV+k0eRxFO4BTOwYMrqMdNKAFDBCe4RXenEfnxXl3PhatBSefOY/cD5/AMaVjOc=</latexit>

9

SLIDE 10

Information Structure

Note that the decision maker does not possess perfect knowledge of the

underlying cyber-physical state, instead it receives the following information:

In summary,
Tie available information at time is

zk = h(sc

k, dk, ukτ , wc k)

yτ = l(sp

τt, dτk, uτ, wp τ)

<latexit sha1_base64="kBGAd2Th7dpygDWJmQ1u5ys9YA=">ACRHicbVDLSgMxFM34rPVdekmWBQLpcxIRGEghuXClaFThsyaWrDZB4kd5Q6zMe58QPc+QVuXCjiVsy0Xaj1Qsi57DTY4XS6HBtp+tqemZ2bn5wkJxcWl5ZbW0tn6po0Qx3mSRjNS1RzWXIuRNECD5daw4DTzJrz/J9f3XKlRewCDm7YDehKInGAVDkVLrnvh45xj3dzXxO6zaJX41IalPXKBJVr3LyYrFgdDIldKo0zhkDWiY1h1PiZ8eXIePKrE1dIqWzX7GHhSeCMQRmN64yUntxuxJKAh8Ak1brl2DG0U6pAMmzoptoHlPm0xveMjCkAdftdBhChrcN08W9SJkTAh6yPx0pDbQeBJ5RBhT6+u8sJ/+btRLoHbZTEcYJ8JCNFvUSiSHCeaK4KxRnIAcGUKaEeStmfaoA5N70YTg/P3yJLjcqzn12v5vdw4GsdRQJtoC+0iBx2gBjpFZ6iJGHpAL+gNvVuP1qv1YX2OpFPW2LOBfpX19Q3turDr</latexit>

Ik,τ = {d0:k−1, u0:τ−1, z1:k, y1:τ}

<latexit sha1_base64="CHCrSdO9o2yqtB5pkpV0PROx+c=">ACI3icbVDLSsNAFJ3UV62vqEs3g0VwUsiFSUgFNzoroJ9QFPCZDJph0wezEyEGvIvbvwVNy6U4saF/+Kk7UJbLwxz5pxzuXOPmzAqpGF8aWV1bX1jfJmZWt7Z3dP3z/oiDjlmLRxzGLec5EgjEakLalkpJdwgkKXka4b3BR695FwQePoQY4TMgjRMKI+xUgqytGtOycLarZEaQ6voZ15TmZYwZmZ19ICFULxeHIy0wry2ri4p247d/SqUTemBZeBOQdVMK+Wo09sL8ZpSCKJGRKibxqJHGSIS4oZySt2KkiCcICGpK9ghEIiBtl0xyeKMaDfszViScsr87MhQKMQ5d5QyRHIlFrSD/0/qp9K8GY2SVJIzwb5KYMyhkVg0KOcYMnGCiDMqforxCPEZYq1oKwVxceRl0zutmo35x36g2rXkcZXAEjsEpMElaIJb0AJtgMEzeAXv4EN70d60ifY5s5a0ec8h+FPa9w/VDKMt</latexit>

yτ ∈ Y

<latexit sha1_base64="YflARzPDktE064koXsbVWsiFg=">AB/XicbVDLSsNAFJ34rPUVHzs3wSK4KolUFcFNy4r2Ic0IdxMJ+3QySTMTIQYir/ixoUibv0Pd/6NkzYLbT0wcDjnXu6ZEySMSmXb38bS8srq2nplo7q5tb2za+7td2ScCkzaOGax6AUgCaOctBVjPQSQSAKGOkG4+vC7z4QIWnM71SWEC+CIachxaC05JuHme8qSF3K3QjUCAPL7ye+WbPr9hTWInFKUkMlWr75Q5inEaEK8xAyr5jJ8rLQSiKGZlU3VSBPAYhqSvKYeISC+fp9YJ1oZWGEs9OPKmq/N3KIpMyiQE8WEeW8V4j/ef1UhZdeTnmSKsLx7FCYMkvFVlGFNaCYMUyTQALqrNaeAQCsNKFVXUJzvyXF0nrO406ue3jVrzqyjgo7QMTpFDrpATXSDWqiNMHpEz+gVvRlPxovxbnzMRpeMcucA/YHx+QMqbpWr</latexit>

Physical layer:

Physical sensors yield noisy measurements at each time τ

<latexit sha1_base64="+6swQ5ckM2qDU+Ho9BzsBvaV5gU=">AB63icbVBNS8NAEJ3Ur1q/qh69LBbBU0lEUTwVvHisYD+gDWz3bRLdzdhdyKU0L/gxYMiXv1D3vw3Jm0O2vpg4PHeDPzglgKi67ZTW1jc2t8rblZ3dvf2D6uFR20aJYbzFIhmZbkAtl0LzFgqUvBsbTlUgeSeY3OV+54kbKyL9iNOY+4qOtAgFo5hLfaTJoFpz6+4cZJV4BalBgeag+tUfRixRXCOT1Nqe58bop9SgYJLPKv3E8piyCR3xXkY1Vdz6fzWGTnLlCEJI5OVRjJXf0+kVFk7VUHWqSiO7bKXi/95vQTDGz8VOk6Qa7ZYFCaSYETyx8lQGM5QTjNCmRHZrYSNqaEMs3gqWQje8surpH1R9y7rVw+XtcZtEUcZTuAUzsGDa2jAPTShBQzG8Ayv8OYo58V5dz4WrSWnmDmGP3A+fwAhXY5I</latexit>

10

Cyber layer:

Each exploit , when atuempted, generates a set of security alerts
Each alert is also associated with a probability of false alarm
Set of security alerts at each time is a binary vector

ei ∈ E

<latexit sha1_base64="7BgWCIFpVmp+6LXb9QnBiG+PBuA=">AB+nicbVDLSsNAFL2pr1pfqS7dDBbBVUlEUVwVRHBZwT6gCWEynbZDJ5MwM1FK7Ke4caGIW7/EnX/jpM1CWw8MHM65l3vmhAlnSjvOt1VaWV1b3yhvVra2d3b37Op+W8WpJLRFYh7LbogV5UzQlma024iKY5CTjvh+Dr3Ow9UKhaLez1JqB/hoWADRrA2UmBXacA8JrwI6xHBPLuZBnbNqTszoGXiFqQGBZqB/eX1Y5JGVGjCsVI910m0n2GpGeF0WvFSRNMxnhIe4YKHFHlZ7PoU3RslD4axNI8odFM/b2R4UipSRSayTyiWvRy8T+vl+rBpZ8xkaSaCjI/NEg50jHKe0B9JinRfGIJpKZrIiMsMREm7YqpgR38cvLpH1ad8/q53dntcZVUcZDuEITsCFC2jALTShBQe4Rle4c16sl6sd+tjPlqyip0D+APr8weGL5Qo</latexit>

δij

<latexit sha1_base64="270QlG/yX8aJSOmngXNMrCHJTPI=">AB8nicbVBNS8NAEN3Ur1q/qh69LBbBU0mkongqePFYwX5AGspms2nXbnbD7kQoT/DiwdFvPprvPlv3LY5aOuDgcd7M8zMC1PBDbjut1NaW9/Y3CpvV3Z29/YPqodHaMyTVmbKqF0LySGCS5ZGzgI1ks1I0koWDc38787hPThiv5AJOUBQkZSh5zSsBKfj9iAsg54/TQbXm1t058CrxClJDBVqD6lc/UjRLmAQqiDG+56YQ5EQDp4JNK/3MsJTQMRky31JEmaCfH7yFJ9ZJcKx0rYk4Ln6eyIniTGTJLSdCYGRWfZm4n+en0F8HeRcphkwSReL4kxgUHj2P464ZhTExBJCNbe3YjoimlCwKVsCN7y6ukc1H3GvXL+0ateVPEUYn6BSdIw9doSa6Qy3URhQp9Ixe0ZsDzovz7nwsWktOMXOM/sD5/AGigZF4</latexit>

ζj

<latexit sha1_base64="a8Og1CqiUuGx1nqIB5OeGU7ERNg=">AB7nicbVBNS8NAEJ3Ur1q/qh69LBbBU0lEUTwVvHisYD+gDWz3bRrN5uwOxFq6I/w4kERr/4eb/4bt20O2vpg4PHeDPzgkQKg67RWVtfWN4qbpa3tnd298v5B08SpZrzBYhnrdkANl0LxBgqUvJ1oTqNA8lYwupn6rUeujYjVPY4T7kd0oEQoGEUrtbpPHGnvoVeuFV3BrJMvJxUIEe9V/7q9mOWRlwhk9SYjucm6GdUo2CST0rd1PCEshEd8I6likbc+Nns3Ak5sUqfhLG2pZDM1N8TGY2MGUeB7YwoDs2iNxX/8zophld+JlSIldsvihMJcGYTH8nfaE5Qzm2hDIt7K2EDamDG1CJRuCt/jyMmeVb3z6sXdeaV2ncdRhCM4hlPw4BJqcAt1aACDETzDK7w5ifPivDsf89aCk8cwh84nz9nyY+Z</latexit>

zk ∈ Z = {0, 1}|A|

<latexit sha1_base64="d0i9i/TcSzCPzaV5412oC1WABE=">ACFHicbVDLSsNAFJ34rPUVdelmsAiCUhKpKIJQceOygn1gE8tkOm2HTiZhZiLUNB/hxl9x40IRty7c+TdO2iDaeuDC4Zx7ufceL2RUKsv6MmZm5+YXFnNL+eWV1bV1c2OzJoNIYFLFAQtEw0OSMpJVHFSCMUBPkeI3Wvf5H69TsiJA34tRqExPVRl9MOxUhpqWXu37f6DuWOj1QPIxbfJPAMOrF1YDvJbTz80c+TYdIyC1bRGgFOEzsjBZCh0jI/nXaAI59whRmSsmlboXJjJBTFjCR5J5IkRLiPuqSpKUc+kW48eiqBu1pw04gdHEFR+rviRj5Ug58T3emR8pJLxX/85qR6py4MeVhpAjH40WdiEVwDQh2KaCYMUGmiAsqL4V4h4SCudY16HYE+PE1qh0W7VDy6KhXKp1kcObANdsAesMExKINLUAFVgMEDeAIv4NV4NJ6N+N93DpjZDNb4A+Mj28J4J7P</latexit>

according to probability of detection aj ∈ A(ei) ⊆ A

<latexit sha1_base64="Gt89gQXbMukyKM9WiS8mOAKGS64=">ACE3icbVBNS8NAEN3Ur1q/oh69BItQPZREKoqnihePFewHNCFstN27WYTdzdCf0PXvwrXjwo4tWLN/+Nm7aH2vpg4PHeDPzgphRqWz7x8gtLa+sruXCxubW9s75u5eQ0aJIFAnEYtEK8ASGOVQV1QxaMUCcBgwaAaD68xvPoKQNOJ3ahiDF+Iep1KsNKSb5g/96l3A2x6hPM0qtRCXx67MokKDgYcbwzaJdtsewFokzJU0Rc03v91ORJIQuCIMS9l27Fh5KRaKEgajgptIiDEZ4B60NeU4BOml459G1pFWOlY3Erq4sbq7ESKQymHYaA7sxPlvJeJ/3ntRHUvJTyOFHAyWRN2GWiqwsIKtDBRDFhpgIqi+1SJ9LDBROsaCDsGZf3mRNE7LTqV8dlspVi+nceTRATpEJeSgc1RFN6iG6oigJ/SC3tC78Wy8Gh/G56Q1Z0xn9tEfGF+/7te0A=</latexit>

k

<latexit sha1_base64="msn6esVYwszrvrzwWPCyKfhJN8Y=">AB6HicbVBNS8NAEJ3Ur1q/qh69LBbBU0mkongqePHYgq2FNpTNdtKu3WzC7kYob/AiwdFvPqTvPlv3LY5aOuDgcd7M8zMCxLBtXHdb6ewtr6xuVXcLu3s7u0flA+P2jpOFcMWi0WsOgHVKLjEluFGYCdRSKNA4EMwvp35D0+oNI/lvZk6Ed0KHnIGTVWao75Ypbdecgq8TLSQVyNPrlr94gZmE0jBte56bmL8jCrDmcBpqZdqTCgb0yF2LZU0Qu1n80On5MwqAxLGypY0ZK7+nshopPUkCmxnRM1IL3sz8T+vm5rw2s+4TFKDki0WhakgJiazr8mAK2RGTCyhTHF7K2EjqigzNpuSDcFbfnmVtC+qXq162axV6jd5HEU4gVM4Bw+uoA530IAWMEB4hld4cx6dF+fd+Vi0Fpx85hj+wPn8AdK1jO8=</latexit>

aj

<latexit sha1_base64="iWpt7Iw8W5feu78vOzusV4mY/gc=">AB6nicbVBNS8NAEJ3Ur1q/qh69LBbBU0lEUTwVvHisaD+gDWz3bRrN5uwOxFK6E/w4kERr/4ib/4bt20O2vpg4PHeDPzgkQKg67RWVtfWN4qbpa3tnd298v5B08SpZrzBYhnrdkANl0LxBgqUvJ1oTqNA8lYwupn6rSeujYjVA4T7kd0oEQoGEUr3dPeY69cavuDGSZeDmpQI56r/zV7csjbhCJqkxHc9N0M+oRsEkn5S6qeEJZSM64B1LFY248bPZqRNyYpU+CWNtSyGZqb8nMhoZM4C2xlRHJpFbyr+53VSDK/8TKgkRa7YfFGYSoIxmf5N+kJzhnJsCWVa2FsJG1JNGdp0SjYEb/HlZdI8q3rn1Yu780rtOo+jCEdwDKfgwSXU4Bbq0AGA3iGV3hzpPivDsf89aCk8cwh84nz8/Oo3C</latexit>

SLIDE 11

Fixed atuack graph: for all
Partially observable spreading dynamics:
Atuack and success probabilities,
Detection and false alarm probabilities, ;
Cyber state:
Defense actions: blocks exploits
In summary,

Control-Aware Intrusion Response

We propose a variant of intrusion response relevant to cyber-physical systems,

termed control-aware intrusion response, in which cyber actions are chosen to maintain the structural controllability of the physical system Gk = (C ∪ E, R)

<latexit sha1_base64="web9TdRNDJ5msMUsSB/zEDstMo=">ACIXicbVDLSsNAFJ3UV62vqEs3g0WoICWRikUQCkV0WcU+oAlhMp2QycPZiZCfkVN/6KGxeKdCf+jJM2FG09MHDmnHu59x43ZFRIw/jSciura+sb+c3C1vbO7p6+f9ASQcQxaeKABbzjIkEY9UlTUslIJ+QEeS4jbXdUT/32E+GCBv6jHIfE9tDAp32KkVSo1ctD8khRiy+TZwRvIaluVBPLByF8+9NcjbnD8mpoxeNsjEFXCZmRogQ8PRJ1YvwJFHfIkZEqJrGqG0Y8QlxYwkBSsSJER4hAakq6iPCLseHphAk+U0oP9gKvnSzhVf3fEyBNi7LmqMt1RLHqp+J/XjWS/asfUDyNJfDwb1I8YlAFM4I9ygmWbKwIwpyqXSEeIo6wVKEWVAjm4snLpHVeNivli/tKsXaVxZEHR+AYlIAJLkEN3IEGaAIMnsEreAcf2ov2pn1qk1lpTst6DsEfaN8/IlqkHA=</latexit>

k ∈ {0, 1, . . .}

<latexit sha1_base64="dtPBmrEzGH49KYMsfU9fFri2VU=">AB+3icbVBNS8NAEN34WetXrEcvwSJ4KCWRiuKp4MVjBfsBTSibzaZdutkNuxOxhP4VLx4U8eof8ea/cdvmoK0PBh7vzTAzL0w50+C639ba+sbm1nZp7y7t39waB9VOlpmitA2kVyqXog15UzQNjDgtJcqipOQ024vp353UeqNJPiASYpDRI8FCxmBIORBnZl7DPh527Nq/k8kqD96cCunV3DmeVeAWpogKtgf3lR5JkCRVAONa67kpBDlWwAin07KfaZpiMsZD2jdU4ITqIJ/fPnXOjBI5sVSmBDhz9fdEjhOtJ0loOhMI73szcT/vH4G8XWQM5FmQAVZLIoz7oB0ZkE4EVOUAJ8Ygoli5laHjLDCBExcZROCt/zyKulc1L1G/fK+UW3eFHGU0Ak6RefIQ1eoie5QC7URQU/oGb2iN2tqvVjv1seidc0qZo7RH1ifPzrnk+g=</latexit>

sc

k = ck ⊆ C

<latexit sha1_base64="2voIcp0VY5CBUBOik2NYReZN0Rs=">ACnicbVDLSsNAFJ3UV62vqEs3o0VwVRKpKIJQ6MZlBfuANobJ9LYdMnk4MxFK6NqNv+LGhSJu/QJ3/o2TNgtPXDhcM693HuPF3MmlWV9G4Wl5ZXVteJ6aWNza3vH3N1rySgRFJo04pHoeEQCZyE0FVMcOrEAEngc2p5fz/z2AwjJovBWjWNwAjIM2YBRorTkmofS9e8ovsLU9XFPJp4EBfe4FxA1oSn9Ylrlq2KNQVeJHZOyihHwzW/ev2IJgGEinIiZde2YuWkRChGOUxKvURCTKhPhtDVNCQBSCedvjLBx1rp40EkdIUKT9XfEykJpBwHnu7MTpTzXib+53UTNbhwUhbGiYKQzhYNEo5VhLNcJ8JoIqPNSFUMH0rpiMiCFU6vZIOwZ5/eZG0Tit2tXJ2Uy3XLvM4iugAHaETZKNzVEPXqIGaiKJH9Ixe0ZvxZLwY78bHrLVg5DP76A+Mzx9oKJoW</latexit>

ζj, aj ∈ A

<latexit sha1_base64="mALwGTXxrcsw5pZI0CvRdtDWE=">ACBHicbVDLSsNAFL3xWesr6rKbYBFclJIRXFVceOygn1AE8JkOm3HTiZhZiLU0IUbf8WNC0Xc+hHu/BsnbRbaemCGwzn3cu89QcyoVLb9bSwtr6yurRc2iptb2zu75t5+S0aJwKSJIxaJToAkYZSTpqKkU4sCAoDRtrB6Crz2/dESBrxWzWOiReiAad9ipHSkm+W3AeikH9XcSv6dyl3Q6SGLH0cuKbZbtqT2EtEicnZcjR8M0vtxfhJCRcYak7Dp2rLwUCUxI5Oim0gSIzxCA9LVlKOQSC+dHjGxjrTSs/qR0I8ra6r+7khRKOU4DHRltqKc9zLxP6+bqP65l1IeJ4pwPBvUT5ilIitLxOpRQbBiY0QFlTvauEhEgrnVtRh+DMn7xIWidVp1Y9vamV6xd5HAUowSEcgwNnUIdraEATMDzCM7zCm/FkvBjvxsesdMnIew7gD4zPH59pmBI=</latexit>

d ∈ D

<latexit sha1_base64="hbFZEdoZlxiIpOBg2bKr0MN5qU=">AB+HicbVDLSsNAFL2pr1ofjbp0M1gEVyWRiuKqoAuXFewDmlAmk2k7dDIJMxOhn6JGxeKuPVT3Pk3TtostPXAwOGce7lnTpBwprTjfFultfWNza3ydmVnd2+/ah8cdlScSkLbJOax7AVYUc4EbWumOe0lkuIo4LQbTG5yv/tIpWKxeNDThPoRHgk2ZARrIw3saugx4UVYjwnm2e1sYNecujMHWiVuQWpQoDWwv7wJmlEhSYcK9V3nUT7GZaEU5nFS9VNMFkgke0b6jAEV+Ng8+Q6dGCdEwluYJjebq740MR0pNo8BM5hHVspeL/3n9VA+v/IyJNVUkMWhYcqRjlHeAgqZpETzqSGYSGayIjLGEhNtuqYEtzlL6+SzndbdQv7hu15nVRxmO4QTOwIVLaMIdtKANBFJ4hld4s56sF+vd+liMlqxi5wj+wPr8Af2Bk0o=</latexit>

ck+1 ∼ p(· | ck, dk; G) zk+1 ∼ p(· | ck, ck+1, dk; G)

<latexit sha1_base64="L/McD0HBZNocjDZSzhzTIWjlFPI=">ACTnicfVHLSgMxFM3UV62vqks3waIoSpkRdGN4EKXFewDOmXI3ElrmGRmSDJCHfqFbsSdn+HGhSKatrNQK14IHM459+bmxE84U9q2n63C1PTM7FxvrSwuLS8Ul5da6g4lUDrEPNYtnyiKGcRrWumOW0lkhLhc9r0w4uh3ryjUrE4utH9hHYE6UWsy4BoQ3lCl4W7jmDbVcxgZMdF4JYu4IFGLxwP/DCM1cQfQuEZ5eDXdct3f/nz4dN9Hnlil21R4UngZODCsqr5pWf3CGVNBIAydKtR070Z2MSM2A0HJTRVNCISkR9sGRkRQ1clGcQzwlmEC3I2lOZHGI/Z7R0aEUn3hG+dwR/VbG5J/ae1Ud086GYuSVNMIxhd1U451jIfZ4oBJCpr3DSAgmdkVwy2RBLT5gZIJwfn95EnQOKg6h9Wj68PK+WkeRxFtoE20gx0jM7RFaqhOgL0gF7QG3q3Hq1X68P6HFsLVt6zjn5UofgFdACzZA=</latexit>

Cyber layer δij, ei ∈ E, aj ∈ A

<latexit sha1_base64="NptrImLUw1Ebi5kbFugFZsMY+4=">ACHXicbZBNSwMxEIaz9bt+VT16CRbBg5RdqSieFBE8VrC20C3LbDrV2Gx2SbJCWfpHvPhXvHhQxIMX8d+YbXvQ1hcCL8/MkJk3TATXxnW/ncLM7Nz8wuJScXldW29tLF5o+NUMayzWMSqGYJGwSXWDTcCm4lCiEKBjbB3ntcbD6g0j+W16SfYjuBW8i5nYCwKSlW/g8JAkPH7wb6/TzHgPpd+BOaOgcgucgjB/W92NghKZbfiDkWnjTc2ZTJWLSh9+p2YpRFKwRo3fLcxLQzUIYzgYOin2pMgPXgFlvWSohQt7PhdQO6a0mHdmNlnzR0SH9PZBp3Y9C25mvqCdrOfyv1kpN97idcZmkBiUbfdRNBTUxzaOiHa6QGdG3BpjidlfK7kABMzbQog3Bmzx52twcVLxq5fCqWj49GcexSLbJDtkjHjkip+S1EidMPJInskreXOenBfn3fkYtRac8cwW+SPn6wflsKJq</latexit>

αei, βei, ei ∈ E

<latexit sha1_base64="2WxCJ0p9kybqxsUTK1q06ghVZhc=">ACF3icbVBNSwMxEM3Wr1q/qh69LBbBQym7UlE8FUTwWMHWQrcs+m0Dc1mlyQrlKX/wot/xYsHRbzqzX9j2i6orQ9CXt6bITMviDlT2nG+rNzS8srqWn69sLG5tb1T3N1rqiRFBs04pFsBaCQM4ENzTHViwRwoDjXTC8nPh39ygVi8StHsXYCaEvWI9R0EbyixUPeDwAP0Wfjcte2QtQ/7zM5THhaAHFHh6NfaLJafiTGEvEjcjJZKh7hc/vW5EkxCFphyUartOrDspSM0ox3HBSxTGQIfQx7ahAkJUnXS619g+MkrX7kXSHKHtqfq7I4VQqVEYmMrJiGrem4j/e1E9847KRNxolHQ2Ue9hNs6sich2V0mkWo+MgSoZGZWmw5AtUmyoIJwZ1feZE0TyputXJ6Uy3VLrI48uSAHJj4pIzUiPXpE4ahJIH8kReyKv1aD1b9b7rDRnZT375A+sj29tLqAU</latexit>

E(d) ⊆ E

<latexit sha1_base64="aZBE5b46ckjgzj0re5kGpsLRBWc=">AC3icbVBNS8NAEN3Ur1q/oh69hBahXkoiFcVTQSPFewHNKFsNpN26WYTdzdCb178a948aCIV/+AN/+Nm7YHbX0w8Hhvhpl5fsKoVLb9bRWVtfWN4qbpa3tnd09c/+gLeNUEGiRmMWi62MJjHJoKaoYdBMBOPIZdPzRVe53HkBIGvM7NU7Ai/CA05ASrLTUN8tuhNWQYJZdT6rBiStTX4KC+19y36zYNXsKa5k4c1JBczT75pcbxCSNgCvCsJQ9x06Ul2GhKGEwKbmphASTER5AT1OI5BeNv1lYh1rJbDCWOjiypqvycyHEk5jnzdmZ8oF71c/M/rpSq8DLKk1QBJ7NFYcosFVt5MFZABRDFxpgIqi+1SJDLDBROr6SDsFZfHmZtE9rTr12dluvNC7ncRTRESqjKnLQOWqgG9RELUTQI3pGr+jNeDJejHfjY9ZaMOYzh+gPjM8flWGbYg=</latexit>

11

SLIDE 12

Assume a deterministic, linear, time-invariant

system with state , nominal state matrix , and nominal input matrix

Tie set of physical components is defined as

the collection of nodes, links, and actuators

Tie update of is assumed to be

influenced only by the cyber layer

Components become inactive

for each enabled condition node and selected defense action

Control-Aware Intrusion Response

˙ Pt = Pt \ (P(ctk) ∪ P(dtk)) ˙ xt = A(Ptk)xt + B(Ptk)utτ

<latexit sha1_base64="c3BwLcwiJt9rEGvz9Hc3Mzm1ZNc=">ACjHicbZFdixMxFIYz41db3d2ql94Ey0rLQp2RLluVQlUQLytsP6BThkyatqGZzJCciGWYX+M/8s5/Y2Y6SG17IOTlec85SU6iVHANnvfHcR8fPT4Sa3ePrs4vKq+fzFRCdGUTamiUjULCKaCS7ZGDgINksVI3Ek2DTafin86Q+mNE/kPexStojJWvIVpwQsCpu/gpjAhKRBcsE8CgPAb8Z4H+0BIFmEHNpNG4fG0aZhBu805ATXrIlxXvBEGj7Ppz3/TYXWVU1g3+PMZxR7AMTkYbPldb0y8KnwK9FCVYzC5m97LDUxk0AF0XrueyksMqKAU8HyRmA0SwndkjWbWylJzPQiK4eZ42tLlniVKLsk4JIeVmQk1noXRzazuLM+9gp4zpsbWPUXGZepASbp/qCVERgSXPwMXnLFKIidFYQqbu+K6YoQsH+X8MOwT9+8qmYvOv6ve7t915r+KEaRw29Qq9RG/noDg3RNzRCY0SduvPW6Tv3Uu35350B/tU16lqXqL/wv36F8U3xms=</latexit>

1

<latexit sha1_base64="7gnpTfK5H+ZXH/ir20o6FrhMF4=">AB6HicbVBNS8NAEJ3Ur1q/qh69LBbBU0mkfhwLXjy2YGuhDWznbRrN5uwuxFK6C/w4kERr/4kb/4bt20O2vpg4PHeDPzgkRwbVz32ymsrW9sbhW3Szu7e/sH5cOjto5TxbDFYhGrTkA1Ci6xZbgR2EkU0igQ+BCMb2f+wxMqzWN5byYJ+hEdSh5yRo2Vml6/XHGr7hxklXg5qUCORr/81RvELI1QGiao1l3PTYyfUWU4Ezgt9VKNCWVjOsSupZJGqP1sfuiUnFlQMJY2ZKGzNXfExmNtJ5Ege2MqBnpZW8m/ud1UxPe+BmXSWpQsWiMBXExGT2NRlwhcyIiSWUKW5vJWxEFWXGZlOyIXjL6+S9kXVq1Uvm7VK/SqPowgncArn4ME1OEOGtACBgjP8ApvzqPz4rw7H4vWgpPHMfOJ8/eZmMsQ=</latexit>

2

<latexit sha1_base64="KDvCDdZ7JCj3N4tX8rDc4/lzSeE=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYJPo4kXjxCIo8ENmR26IWR2dnNzKwJIXyBFw8a49VP8ubfOMAeFKyk0pVd7q7gkRwbVz328ltbG5t7+R3C3v7B4dHxeOTlo5TxbDJYhGrTkA1Ci6xabgR2EkU0igQ2A7Gd3O/YRK81g+mEmCfkSHkoecUWOlRqVfLldwGyTryMlCBDvV/86g1ilkYoDRNU67nJsafUmU4Ezgr9FKNCWVjOsSupZJGqP3p4tAZubDKgISxsiUNWai/J6Y0noSBbYzomakV725+J/XTU1460+5TFKDki0XhakgJibzr8mAK2RGTCyhTHF7K2EjqigzNpuCDcFbfXmdtCplr1q+alRLtesjycwTlcgc3UIN7qEMTGCA8wyu8OY/Oi/PufCxbc042cwp/4Hz+AHsdjLI=</latexit>

3

<latexit sha1_base64="Gy4xtViMzJKQHIms/obBwgTgXJw=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYVH0cSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eTW1jc2t/LbhZ3dvf2D4uFRU8epYthgsYhVO6AaBZfYMNwIbCcKaRQIbAWju5nfekKleSwfzDhBP6IDyUPOqLFS/bJXLldw6ySryMlCBDrVf86vZjlkYoDRNU647nJsafUGU4EzgtdFONCWUjOsCOpZJGqP3J/NApObNKn4SxsiUNmau/JyY0nocBbYzomaol72Z+J/XSU1460+4TFKDki0WhakgJiazr0mfK2RGjC2hTHF7K2FDqigzNpuCDcFbfnmVNC/KXqV8Va+UqtdZHk4gVM4Bw9uoAr3UIMGMEB4hld4cx6dF+fd+Vi05pxs5hj+wPn8AXyhjLM=</latexit>

4

<latexit sha1_base64="+ozuFZ5e/mG4kDwnDBFxIzIack=">AB5HicbVBNS8NAEJ3Urxq/qlcvi0XwVBKpH8eCF48V7Ae0oWy2k3btZhN2N0IJ/QVePChe/U3e/Ddu2xy09cHA470ZuaFqeDaeN63U9rY3NreKe+6e/sHh0cV97itk0wxbLFEJKobUo2CS2wZbgR2U4U0DgV2wsnd3O8o9I8kY9mIQ05HkEWfUWOmhPqhUvZq3AFknfkGqUKA5qHz1hwnLYpSGCap1z/dSE+RUGc4Eztx+pjGlbEJH2LNU0h1kC8OnZFzqwxJlChb0pCF+nsip7HW0zi0nTE1Y73qzcX/vF5motsg5zLNDEq2XBRlgpiEzL8mQ6QGTG1hDLF7a2EjamizNhsXBuCv/ryOmlf1vx67arauC7CKMpnMEF+HADbiHJrSAcILvMG78+S8Oh/LxpJTJzAHzifPxPHi4o=</latexit>

5

<latexit sha1_base64="jZL+zczyhelENlAXMXlrQy398F4=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNqEcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1KuNiql2nUWRx7O4BwuwYMbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AH+pjLU=</latexit>

6

<latexit sha1_base64="4SfLYe0SjZLp7wL5eizCgFoHk=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNokcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1K+blRKtWoWRx7O4BwuwYMbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIEtjLY=</latexit>

7

<latexit sha1_base64="2YEwKLrCIfN6PdOf2vI4MAL2caE=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNikcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1K+blRKtZsjycwTlcgdVqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIKxjLc=</latexit>

8

<latexit sha1_base64="bEXvwejEkHBcjo6/x8f46pwJTs0=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNKkcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpias+lMuk9SgZMtFYSqIicn8azLgCpkRE0soU9zeStiIKsqMzaZgQ/BWX14nrauyVylfNyql2k0WRx7O4BwuwYNbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIQ1jLg=</latexit>

9

<latexit sha1_base64="VKGXU/9q24TDpWDksCMDXW/BsR4=">AB6HicbVDLSgNBEOyNrxhfUY9eBoPgKexKfN0CXjwmYB6QLGF20puMmZ1dZmaFEPIFXjwo4tVP8ubfOEn2oIkFDUVN91dQSK4Nq7eTW1jc2t/LbhZ3dvf2D4uFRU8epYthgsYhVO6AaBZfYMNwIbCcKaRQIbAWju5nfekKleSwfzDhBP6IDyUPOqLFS/bZXLldw6ySryMlCBDrVf86vZjlkYoDRNU647nJsafUGU4EzgtdFONCWUjOsCOpZJGqP3J/NApObNKn4SxsiUNmau/JyY0nocBbYzomaol72Z+J/XSU140+4TFKDki0WhakgJiazr0mfK2RGjC2hTHF7K2FDqigzNpuCDcFbfnmVNC/KXqV8Wa+UqldZHk4gVM4Bw+uoQr3UIMGMEB4hld4cx6dF+fd+Vi05pxs5hj+wPn8AYW5jLk=</latexit>

10

<latexit sha1_base64="ELiIj30pA3yt0QUJdKYiRbmlSL8=">AB6XicbVDLSgNBEOyNrxhfUY9eBoPgKexKfBwDXjxGMQ9IljA76U2GzM4uM7NCWPIHXjwo4tU/8ubfOEn2oIkFDUVN91dQSK4Nq7RTW1jc2t4rbpZ3dvf2D8uFRS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfj25nfkKleSwfzSRBP6JDyUPOqLHSg+f2yxW36s5BVomXkwrkaPTLX71BzNIpWGCat313MT4GVWGM4HTUi/VmFA2pkPsWiphNrP5pdOyZlVBiSMlS1pyFz9PZHRSOtJFNjOiJqRXvZm4n9eNzXhjZ9xmaQGJVsClNBTExmb5MBV8iMmFhCmeL2VsJGVFmbDglG4K3/PIqaV1UvVr18r5WqV/lcRThBE7hHDy4hjrcQOawCEZ3iFN2fsvDjvzseiteDkM8fwB87nD+dujOs=</latexit>

11

<latexit sha1_base64="g5h5BcpBoXI+t7aDm4IoMDyMe/U=">AB6XicbVDLSgNBEOyNrxhfUY9eBoPgKexKfBwDXjxGMQ9IljA76U2GzM4uM7NCWPIHXjwo4tU/8ubfOEn2oIkFDUVN91dQSK4Nq7RTW1jc2t4rbpZ3dvf2D8uFRS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfj25nfkKleSwfzSRBP6JDyUPOqLHSg+f1yxW36s5BVomXkwrkaPTLX71BzNIpWGCat313MT4GVWGM4HTUi/VmFA2pkPsWiphNrP5pdOyZlVBiSMlS1pyFz9PZHRSOtJFNjOiJqRXvZm4n9eNzXhjZ9xmaQGJVsClNBTExmb5MBV8iMmFhCmeL2VsJGVFmbDglG4K3/PIqaV1UvVr18r5WqV/lcRThBE7hHDy4hjrcQOawCEZ3iFN2fsvDjvzseiteDkM8fwB87nD+jyjOw=</latexit>

xt ∈ Rn

<latexit sha1_base64="618SVYIoxvnIiW+QkfkwpBkvR6g=">AB+3icbVDLSsNAFJ3UV62vWpduBovgqiRSUVwV3LisYh/QxDKZTtuhk0mYuZGWkF9x40IRt/6IO/GSZuFth4YOJxzL/fM8SPBNdj2t1VYW9/Y3Cpul3Z29/YPyoeVtg5jRVmLhiJUXZ9oJrhkLeAgWDdSjAS+YB1/cpP5nSemNA/lA8wi5gVkJPmQUwJG6pcr0z64XLoBgbHvJ/fpoxGrds2eA68SJydVlKPZL3+5g5DGAZNABdG659gReAlRwKlgacmNYsInZAR6xkqScC0l8yzp/jUKAM8DJV5EvBc/b2RkEDrWeCbySyjXvYy8T+vF8Pwyku4jGJgki4ODWOBIcRZEXjAFaMgZoYQqrjJiumYKELB1FUyJTjLX14l7fOaU69d3NWrjeu8jiI6RifoDnoEjXQLWqiFqJoip7RK3qzUuvFerc+FqMFK985Qn9gf4AhtmUvQ=</latexit>

A ∈ Rn×n

<latexit sha1_base64="rxuNYGON4IUkXon4AJFoWvWgs=">ACA3icbVBNS8NAEN34WetX1ZteFovgqSRSUTxVvHisYj+giWz3bRLN5uwOxFKCHjxr3jxoIhX/4Q3/43bNgdtfTDweG+GmXl+LgG2/62FhaXldWC2vF9Y3Nre3Szm5TR4mirEjEam2TzQTXLIGcBCsHStGQl+wlj+8GvutB6Y0j+QdjGLmhaQvecApASN1S/uXLpduSGDg+ltdp9KF3jINJZt1S2K/YEeJ4OSmjHPVu6cvtRTQJmQqiNYdx47BS4kCTgXLim6iWUzokPRZx1BJzB4vnfyQ4SOj9HAQKVMS8ET9PZGSUOtR6JvO8bV61huL/3mdBIJzL+UyToBJOl0UJAJDhMeB4B5XjIYGUKo4uZWTAdEQomtqIJwZl9eZ40TypOtXJ6Uy3XLvI4CugAHaJj5KAzVEPXqI4aiKJH9Ixe0Zv1ZL1Y79bHtHXBymf20B9Ynz90fJgH</latexit>

B ∈ Rn×m

<latexit sha1_base64="YqHhv0J7NyBe75Oml3qDqW/hfHk=">ACA3icbVDLSsNAFJ34rPUVdaebwSK4KolUFdFNy6r2Ac0sUymk3bozCTMTIQSAm78FTcuFHrT7jzb5y0WjrgQuHc+7l3nuCmFGlHefbWlhcWl5ZLa2V1zc2t7btnd2WihKJSRNHLJKdACnCqCBNTUjnVgSxANG2sHoKvfbD0QqGok7PY6Jz9FA0JBipI3Us/cvPSo8jvQwCNLb7D4VnqacKMiznl1xqs4EcJ64BamAo2e/eX1I5xwIjRmSKmu68TaT5HUFDOSlb1EkRjhERqQrqECmT1+Ovkhg0dG6cMwkqaEhP190SKuFJjHpjO/Fo16+Xif1430eG5n1IRJ5oIPF0UJgzqCOaBwD6VBGs2NgRhSc2tEA+RFib2MomBHf25XnSOqm6terpTa1SvyjiKIEDcAiOgQvOQB1cgwZoAgwewTN4BW/Wk/VivVsf09YFq5jZA39gf4AdJSYBw=</latexit>

P

<latexit sha1_base64="R3tuFGcMQNm0UGOF5xOIYPWtL1E=">AB8nicbVDLSsNAFL2pr1pfVZduBovgqiSiK4KblxWsA9oQ5lMJ+3QySTM3Agl9DPcuFDErV/jzr9x0mahrQcGDufcy5x7gkQKg67ZTW1jc2t8rblZ3dvf2D6uFR28SpZrzFYhnrbkANl0LxFgqUvJtoTqNA8k4wucv9zhPXRsTqEacJ9yM6UiIUjKVev2I4phRmTVng2rNrbtzkFXiFaQGBZqD6ld/GLM04gqZpMb0PDdBP6MaBZN8VumnhieUTeiI9yxVNOLGz+aRZ+TMKkMSxto+hWSu/t7IaGTMNArsZB7RLHu5+J/XSzG8TOhkhS5YouPwlQSjEl+PxkKzRnKqSWUaWGzEjamjK0LVsCd7yaukfVH3LutXD5e1xm1RxlO4BTOwYNraMA9NKEFDGJ4hld4c9B5cd6dj8VoySl2juEPnM8fh0mRZg=</latexit>

Pt ⊆ P

<latexit sha1_base64="aNmio5kN1Nxpa3M3lBXFP1nPLE=">ACnicbVA9SwNBEN2LXzF+nVranAbBKtxJRLEK2FhGMB+QHGFvM5cs2ftwd04IR2ob/4qNhSK2/gI7/417yRUx8cHA470ZuZ5seAKbfvHKysrq1vFDdLW9s7u3vm/kFTRYlk0GCRiGTbowoED6GBHAW0Ywk08AS0vNFN5rceQSoehfc4jsEN6CDkPmcUtdQzj7sBxSGjIq1PethViacA4WFeNct2xZ7CWiZOTsokR71nfnf7EUsCJEJqlTHsWN0UyqRMwGTUjdREFM2ogPoaBrSAJSbTl+ZWKda6Vt+JHWFaE3V+YmUBkqNA093ZieqRS8T/M6CfpXbsrDOEI2WyRnwgLIyvLxepzCQzFWBPKJNe3WmxIJWo0yvpEJzFl5dJ87ziVCsXd9Vy7TqPo0iOyAk5Iw65JDVyS+qkQRh5Ii/kjbwbz8ar8WF8zloLRj5zSP7A+PoFvYabjA=</latexit>

P(c) ∪ P(d)

<latexit sha1_base64="8T/lUrbJzbhlNPWLNhHecj8DPhY=">ACXicbVBNS8NAEN3Ur1q/oh69LBahvZREKoqnghePFWwrNKFsJpt26eaD3Y1Qq9e/CtePCji1X/gzX/jps2htj4YeLw3w8w8L+FMKsv6MUpr6xubW+Xtys7u3v6BeXjUlXEqgHYg5rF48IiknEW0o5ji9CERlIQepz1vfJP7vUcqJIujezVJqBuSYcQCBkRpaWBiJyRqBIRn7WkN6g6kyaLi1wdm1WpYM+BVYhekigq0B+a348eQhjRSwImUfdtKlJsRoRhwOq04qaQJgTEZ0r6mEQmpdLPZJ1N8phUfB7HQFSk8UxcnMhJKOQk93ZlfKZe9XPzP6cquHIzFiWpohHMFwUpxyrGeSzYZ4KC4hNCAimb8UwIoKA0uFVdAj28surpHvesJuNi7tmtXVdxFGJ+gU1ZCNLlEL3aI26iBAT+gFvaF349l4NT6Mz3lryShmjtEfGF+/I9mZ9A=</latexit>

c ∈ C

<latexit sha1_base64="p3Qy+nLCxk/GEdcml60BYeMYmNA=">AB+HicbVDLSsNAFL2pr1ofjbp0M1gEVyWRiuKq0I3LCvYBTSiT6aQdOpmEmYlQ7/EjQtF3Pop7vwbJ20W2npg4HDOvdwzJ0g4U9pxvq3SxubW9k5t7K3f3BYtY+OuypOJaEdEvNY9gOsKGeCdjTnPYTSXEUcNoLpq3c7z1SqVgsHvQsoX6Ex4KFjGBtpKFdJR4TXoT1hGCeteZDu+bUnQXQOnELUoMC7aH95Y1ikZUaMKxUgPXSbSfYakZ4XRe8VJFE0ymeEwHhgocUeVni+BzdG6UEQpjaZ7QaKH+3shwpNQsCsxkHlGtern4nzdIdXjZ0wkqaCLA+FKUc6RnkLaMQkJZrPDMFEMpMVkQmWmGjTVcWU4K5+eZ10L+tuo35136g1b4s6ynAKZ3ABLlxDE+6gDR0gkMIzvMKb9WS9WO/Wx3K0ZBU7J/AH1ucP+mqTSA=</latexit>

d ∈ D

<latexit sha1_base64="hbFZEdoZlxiIpOBg2bKr0MN5qU=">AB+HicbVDLSsNAFL2pr1ofjbp0M1gEVyWRiuKqoAuXFewDmlAmk2k7dDIJMxOhn6JGxeKuPVT3Pk3TtostPXAwOGce7lnTpBwprTjfFultfWNza3ydmVnd2+/ah8cdlScSkLbJOax7AVYUc4EbWumOe0lkuIo4LQbTG5yv/tIpWKxeNDThPoRHgk2ZARrIw3saugx4UVYjwnm2e1sYNecujMHWiVuQWpQoDWwv7wJmlEhSYcK9V3nUT7GZaEU5nFS9VNMFkgke0b6jAEV+Ng8+Q6dGCdEwluYJjebq740MR0pNo8BM5hHVspeL/3n9VA+v/IyJNVUkMWhYcqRjlHeAgqZpETzqSGYSGayIjLGEhNtuqYEtzlL6+SzndbdQv7hu15nVRxmO4QTOwIVLaMIdtKANBFJ4hld4s56sF+vd+liMlqxi5wj+wPr8Af2Bk0o=</latexit>

Physical layer

Figure: a sample physical system.

In summary,

12

SLIDE 13

Control-Aware Intrusion Response

Structural controllability is characterized by the minimum inputs theorem of [Liu et

al., ’11]

In particular, valid control configurations (which nodes need to be controlled in order

for the system to be controllable) described by finding all maximum matchings of the physical system graph

1

<latexit sha1_base64="7gnpTfK5H+ZXH/ir20o6FrhMF4=">AB6HicbVBNS8NAEJ3Ur1q/qh69LBbBU0mkfhwLXjy2YGuhDWznbRrN5uwuxFK6C/w4kERr/4kb/4bt20O2vpg4PHeDPzgkRwbVz32ymsrW9sbhW3Szu7e/sH5cOjto5TxbDFYhGrTkA1Ci6xZbgR2EkU0igQ+BCMb2f+wxMqzWN5byYJ+hEdSh5yRo2Vml6/XHGr7hxklXg5qUCORr/81RvELI1QGiao1l3PTYyfUWU4Ezgt9VKNCWVjOsSupZJGqP1sfuiUnFlQMJY2ZKGzNXfExmNtJ5Ege2MqBnpZW8m/ud1UxPe+BmXSWpQsWiMBXExGT2NRlwhcyIiSWUKW5vJWxEFWXGZlOyIXjL6+S9kXVq1Uvm7VK/SqPowgncArn4ME1OEOGtACBgjP8ApvzqPz4rw7H4vWgpPHMfOJ8/eZmMsQ=</latexit>

2

<latexit sha1_base64="KDvCDdZ7JCj3N4tX8rDc4/lzSeE=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYJPo4kXjxCIo8ENmR26IWR2dnNzKwJIXyBFw8a49VP8ubfOMAeFKyk0pVd7q7gkRwbVz328ltbG5t7+R3C3v7B4dHxeOTlo5TxbDJYhGrTkA1Ci6xabgR2EkU0igQ2A7Gd3O/YRK81g+mEmCfkSHkoecUWOlRqVfLldwGyTryMlCBDvV/86g1ilkYoDRNU67nJsafUmU4Ezgr9FKNCWVjOsSupZJGqP3p4tAZubDKgISxsiUNWai/J6Y0noSBbYzomakV725+J/XTU1460+5TFKDki0XhakgJibzr8mAK2RGTCyhTHF7K2EjqigzNpuCDcFbfXmdtCplr1q+alRLtesjycwTlcgc3UIN7qEMTGCA8wyu8OY/Oi/PufCxbc042cwp/4Hz+AHsdjLI=</latexit>

3

<latexit sha1_base64="Gy4xtViMzJKQHIms/obBwgTgXJw=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYVH0cSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eTW1jc2t/LbhZ3dvf2D4uFRU8epYthgsYhVO6AaBZfYMNwIbCcKaRQIbAWju5nfekKleSwfzDhBP6IDyUPOqLFS/bJXLldw6ySryMlCBDrVf86vZjlkYoDRNU647nJsafUGU4EzgtdFONCWUjOsCOpZJGqP3J/NApObNKn4SxsiUNmau/JyY0nocBbYzomaol72Z+J/XSU1460+4TFKDki0WhakgJiazr0mfK2RGjC2hTHF7K2FDqigzNpuCDcFbfnmVNC/KXqV8Va+UqtdZHk4gVM4Bw9uoAr3UIMGMEB4hld4cx6dF+fd+Vi05pxs5hj+wPn8AXyhjLM=</latexit>

4

<latexit sha1_base64="+ozuFZ5e/mG4kDwnDBFxIzIack=">AB5HicbVBNS8NAEJ3Urxq/qlcvi0XwVBKpH8eCF48V7Ae0oWy2k3btZhN2N0IJ/QVePChe/U3e/Ddu2xy09cHA470ZuaFqeDaeN63U9rY3NreKe+6e/sHh0cV97itk0wxbLFEJKobUo2CS2wZbgR2U4U0DgV2wsnd3O8o9I8kY9mIQ05HkEWfUWOmhPqhUvZq3AFknfkGqUKA5qHz1hwnLYpSGCap1z/dSE+RUGc4Eztx+pjGlbEJH2LNU0h1kC8OnZFzqwxJlChb0pCF+nsip7HW0zi0nTE1Y73qzcX/vF5motsg5zLNDEq2XBRlgpiEzL8mQ6QGTG1hDLF7a2EjamizNhsXBuCv/ryOmlf1vx67arauC7CKMpnMEF+HADbiHJrSAcILvMG78+S8Oh/LxpJTJzAHzifPxPHi4o=</latexit>

5

<latexit sha1_base64="jZL+zczyhelENlAXMXlrQy398F4=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNqEcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1KuNiql2nUWRx7O4BwuwYMbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AH+pjLU=</latexit>

6

<latexit sha1_base64="4SfLYe0SjZLp7wL5eizCgFoHk=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNokcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1K+blRKtWoWRx7O4BwuwYMbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIEtjLY=</latexit>

7

<latexit sha1_base64="2YEwKLrCIfN6PdOf2vI4MAL2caE=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNikcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1K+blRKtZsjycwTlcgdVqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIKxjLc=</latexit>

8

<latexit sha1_base64="bEXvwejEkHBcjo6/x8f46pwJTs0=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNKkcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpias+lMuk9SgZMtFYSqIicn8azLgCpkRE0soU9zeStiIKsqMzaZgQ/BWX14nrauyVylfNyql2k0WRx7O4BwuwYNbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIQ1jLg=</latexit>

9

<latexit sha1_base64="VKGXU/9q24TDpWDksCMDXW/BsR4=">AB6HicbVDLSgNBEOyNrxhfUY9eBoPgKexKfN0CXjwmYB6QLGF20puMmZ1dZmaFEPIFXjwo4tVP8ubfOEn2oIkFDUVN91dQSK4Nq7eTW1jc2t/LbhZ3dvf2D4uFRU8epYthgsYhVO6AaBZfYMNwIbCcKaRQIbAWju5nfekKleSwfzDhBP6IDyUPOqLFS/bZXLldw6ySryMlCBDrVf86vZjlkYoDRNU647nJsafUGU4EzgtdFONCWUjOsCOpZJGqP3J/NApObNKn4SxsiUNmau/JyY0nocBbYzomaol72Z+J/XSU140+4TFKDki0WhakgJiazr0mfK2RGjC2hTHF7K2FDqigzNpuCDcFbfnmVNC/KXqV8Wa+UqldZHk4gVM4Bw+uoQr3UIMGMEB4hld4cx6dF+fd+Vi05pxs5hj+wPn8AYW5jLk=</latexit>

10

<latexit sha1_base64="ELiIj30pA3yt0QUJdKYiRbmlSL8=">AB6XicbVDLSgNBEOyNrxhfUY9eBoPgKexKfBwDXjxGMQ9IljA76U2GzM4uM7NCWPIHXjwo4tU/8ubfOEn2oIkFDUVN91dQSK4Nq7RTW1jc2t4rbpZ3dvf2D8uFRS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfj25nfkKleSwfzSRBP6JDyUPOqLHSg+f2yxW36s5BVomXkwrkaPTLX71BzNIpWGCat313MT4GVWGM4HTUi/VmFA2pkPsWiphNrP5pdOyZlVBiSMlS1pyFz9PZHRSOtJFNjOiJqRXvZm4n9eNzXhjZ9xmaQGJVsClNBTExmb5MBV8iMmFhCmeL2VsJGVFmbDglG4K3/PIqaV1UvVr18r5WqV/lcRThBE7hHDy4hjrcQOawCEZ3iFN2fsvDjvzseiteDkM8fwB87nD+dujOs=</latexit>

11

<latexit sha1_base64="g5h5BcpBoXI+t7aDm4IoMDyMe/U=">AB6XicbVDLSgNBEOyNrxhfUY9eBoPgKexKfBwDXjxGMQ9IljA76U2GzM4uM7NCWPIHXjwo4tU/8ubfOEn2oIkFDUVN91dQSK4Nq7RTW1jc2t4rbpZ3dvf2D8uFRS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfj25nfkKleSwfzSRBP6JDyUPOqLHSg+f1yxW36s5BVomXkwrkaPTLX71BzNIpWGCat313MT4GVWGM4HTUi/VmFA2pkPsWiphNrP5pdOyZlVBiSMlS1pyFz9PZHRSOtJFNjOiJqRXvZm4n9eNzXhjZ9xmaQGJVsClNBTExmb5MBV8iMmFhCmeL2VsJGVFmbDglG4K3/PIqaV1UvVr18r5WqV/lcRThBE7hHDy4hjrcQOawCEZ3iFN2fsvDjvzseiteDkM8fwB87nD+jyjOw=</latexit>

13

SLIDE 14

Control-Aware Intrusion Response

1

<latexit sha1_base64="7gnpTfK5H+ZXH/ir20o6FrhMF4=">AB6HicbVBNS8NAEJ3Ur1q/qh69LBbBU0mkfhwLXjy2YGuhDWznbRrN5uwuxFK6C/w4kERr/4kb/4bt20O2vpg4PHeDPzgkRwbVz32ymsrW9sbhW3Szu7e/sH5cOjto5TxbDFYhGrTkA1Ci6xZbgR2EkU0igQ+BCMb2f+wxMqzWN5byYJ+hEdSh5yRo2Vml6/XHGr7hxklXg5qUCORr/81RvELI1QGiao1l3PTYyfUWU4Ezgt9VKNCWVjOsSupZJGqP1sfuiUnFlQMJY2ZKGzNXfExmNtJ5Ege2MqBnpZW8m/ud1UxPe+BmXSWpQsWiMBXExGT2NRlwhcyIiSWUKW5vJWxEFWXGZlOyIXjL6+S9kXVq1Uvm7VK/SqPowgncArn4ME1OEOGtACBgjP8ApvzqPz4rw7H4vWgpPHMfOJ8/eZmMsQ=</latexit>

2

<latexit sha1_base64="KDvCDdZ7JCj3N4tX8rDc4/lzSeE=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYJPo4kXjxCIo8ENmR26IWR2dnNzKwJIXyBFw8a49VP8ubfOMAeFKyk0pVd7q7gkRwbVz328ltbG5t7+R3C3v7B4dHxeOTlo5TxbDJYhGrTkA1Ci6xabgR2EkU0igQ2A7Gd3O/YRK81g+mEmCfkSHkoecUWOlRqVfLldwGyTryMlCBDvV/86g1ilkYoDRNU67nJsafUmU4Ezgr9FKNCWVjOsSupZJGqP3p4tAZubDKgISxsiUNWai/J6Y0noSBbYzomakV725+J/XTU1460+5TFKDki0XhakgJibzr8mAK2RGTCyhTHF7K2EjqigzNpuCDcFbfXmdtCplr1q+alRLtesjycwTlcgc3UIN7qEMTGCA8wyu8OY/Oi/PufCxbc042cwp/4Hz+AHsdjLI=</latexit>

3

<latexit sha1_base64="Gy4xtViMzJKQHIms/obBwgTgXJw=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYVH0cSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eTW1jc2t/LbhZ3dvf2D4uFRU8epYthgsYhVO6AaBZfYMNwIbCcKaRQIbAWju5nfekKleSwfzDhBP6IDyUPOqLFS/bJXLldw6ySryMlCBDrVf86vZjlkYoDRNU647nJsafUGU4EzgtdFONCWUjOsCOpZJGqP3J/NApObNKn4SxsiUNmau/JyY0nocBbYzomaol72Z+J/XSU1460+4TFKDki0WhakgJiazr0mfK2RGjC2hTHF7K2FDqigzNpuCDcFbfnmVNC/KXqV8Va+UqtdZHk4gVM4Bw9uoAr3UIMGMEB4hld4cx6dF+fd+Vi05pxs5hj+wPn8AXyhjLM=</latexit>

4

<latexit sha1_base64="+ozuFZ5e/mG4kDwnDBFxIzIack=">AB5HicbVBNS8NAEJ3Urxq/qlcvi0XwVBKpH8eCF48V7Ae0oWy2k3btZhN2N0IJ/QVePChe/U3e/Ddu2xy09cHA470ZuaFqeDaeN63U9rY3NreKe+6e/sHh0cV97itk0wxbLFEJKobUo2CS2wZbgR2U4U0DgV2wsnd3O8o9I8kY9mIQ05HkEWfUWOmhPqhUvZq3AFknfkGqUKA5qHz1hwnLYpSGCap1z/dSE+RUGc4Eztx+pjGlbEJH2LNU0h1kC8OnZFzqwxJlChb0pCF+nsip7HW0zi0nTE1Y73qzcX/vF5motsg5zLNDEq2XBRlgpiEzL8mQ6QGTG1hDLF7a2EjamizNhsXBuCv/ryOmlf1vx67arauC7CKMpnMEF+HADbiHJrSAcILvMG78+S8Oh/LxpJTJzAHzifPxPHi4o=</latexit>

5

<latexit sha1_base64="jZL+zczyhelENlAXMXlrQy398F4=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNqEcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1KuNiql2nUWRx7O4BwuwYMbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AH+pjLU=</latexit>

6

<latexit sha1_base64="4SfLYe0SjZLp7wL5eizCgFoHk=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNokcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1K+blRKtWoWRx7O4BwuwYMbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIEtjLY=</latexit>

7

<latexit sha1_base64="2YEwKLrCIfN6PdOf2vI4MAL2caE=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNikcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpia89adcJqlByZaLwlQE5P512TAFTIjJpZQpri9lbARVZQZm03BhuCtvrxOWldlr1K+blRKtZsjycwTlcgdVqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIKxjLc=</latexit>

8

<latexit sha1_base64="bEXvwejEkHBcjo6/x8f46pwJTs0=">AB6HicbVDLTgJBEOzF+IL9ehlIjHxRHYNKkcSLx4hkUcCGzI79MLI7OxmZtaEL7AiweN8eonefNvHGAPClbSaWqO91dQSK4Nq7eQ2Nre2d/K7hb39g8Oj4vFJS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfju7nfkKleSwfzCRBP6JDyUPOqLFSo9ovltyuwBZJ15GSpCh3i9+9QYxSyOUhgmqdzE+NPqTKcCZwVeqnGhLIxHWLXUkj1P50ceiMXFhlQMJY2ZKGLNTfE1MaT2JAtsZUTPSq95c/M/rpias+lMuk9SgZMtFYSqIicn8azLgCpkRE0soU9zeStiIKsqMzaZgQ/BWX14nrauyVylfNyql2k0WRx7O4BwuwYNbqME91KEJDBCe4RXenEfnxXl3PpatOSebOYU/cD5/AIQ1jLg=</latexit>

9

<latexit sha1_base64="VKGXU/9q24TDpWDksCMDXW/BsR4=">AB6HicbVDLSgNBEOyNrxhfUY9eBoPgKexKfN0CXjwmYB6QLGF20puMmZ1dZmaFEPIFXjwo4tVP8ubfOEn2oIkFDUVN91dQSK4Nq7eTW1jc2t/LbhZ3dvf2D4uFRU8epYthgsYhVO6AaBZfYMNwIbCcKaRQIbAWju5nfekKleSwfzDhBP6IDyUPOqLFS/bZXLldw6ySryMlCBDrVf86vZjlkYoDRNU647nJsafUGU4EzgtdFONCWUjOsCOpZJGqP3J/NApObNKn4SxsiUNmau/JyY0nocBbYzomaol72Z+J/XSU140+4TFKDki0WhakgJiazr0mfK2RGjC2hTHF7K2FDqigzNpuCDcFbfnmVNC/KXqV8Wa+UqldZHk4gVM4Bw+uoQr3UIMGMEB4hld4cx6dF+fd+Vi05pxs5hj+wPn8AYW5jLk=</latexit>

10

<latexit sha1_base64="ELiIj30pA3yt0QUJdKYiRbmlSL8=">AB6XicbVDLSgNBEOyNrxhfUY9eBoPgKexKfBwDXjxGMQ9IljA76U2GzM4uM7NCWPIHXjwo4tU/8ubfOEn2oIkFDUVN91dQSK4Nq7RTW1jc2t4rbpZ3dvf2D8uFRS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfj25nfkKleSwfzSRBP6JDyUPOqLHSg+f2yxW36s5BVomXkwrkaPTLX71BzNIpWGCat313MT4GVWGM4HTUi/VmFA2pkPsWiphNrP5pdOyZlVBiSMlS1pyFz9PZHRSOtJFNjOiJqRXvZm4n9eNzXhjZ9xmaQGJVsClNBTExmb5MBV8iMmFhCmeL2VsJGVFmbDglG4K3/PIqaV1UvVr18r5WqV/lcRThBE7hHDy4hjrcQOawCEZ3iFN2fsvDjvzseiteDkM8fwB87nD+dujOs=</latexit>

11

<latexit sha1_base64="g5h5BcpBoXI+t7aDm4IoMDyMe/U=">AB6XicbVDLSgNBEOyNrxhfUY9eBoPgKexKfBwDXjxGMQ9IljA76U2GzM4uM7NCWPIHXjwo4tU/8ubfOEn2oIkFDUVN91dQSK4Nq7RTW1jc2t4rbpZ3dvf2D8uFRS8epYthksYhVJ6AaBZfYNwI7CQKaRQIbAfj25nfkKleSwfzSRBP6JDyUPOqLHSg+f1yxW36s5BVomXkwrkaPTLX71BzNIpWGCat313MT4GVWGM4HTUi/VmFA2pkPsWiphNrP5pdOyZlVBiSMlS1pyFz9PZHRSOtJFNjOiJqRXvZm4n9eNzXhjZ9xmaQGJVsClNBTExmb5MBV8iMmFhCmeL2VsJGVFmbDglG4K3/PIqaV1UvVr18r5WqV/lcRThBE7hHDy4hjrcQOawCEZ3iFN2fsvDjvzseiteDkM8fwB87nD+jyjOw=</latexit>

14

SLIDE 15

Control-Aware Intrusion Response

Define a controllability cost describing how the loss of physical

components (nodes, links, control inputs/actuators) due to enabled conditions and selected cyber actions results in the loss of control configurations

Tie problem of choosing cyber actions, as a function of security alert

information, in order to minimize the controllability cost can then be writuen as a partially observable Markov decision process (POMDP), where the belief is the distribution on the set of enabled security conditions

An optimal policy, which maximally prolongs the structural controllability
f the physical system, can be computed by any off-the-shelf POMDP

solver (e.g., POMCP [Silver & Veness, ’10] as in the intrusion response system of [Miehling et al., ’18])

15

SLIDE 16

Concluding Remarks

Introduced a general model for the secure operation of cyber-physical systems

by explicitly relating the security status of the cyber layer with the operational status of the physical layer

An instance of the SCPR model, termed control-aware intrusion response, was

introduced

While SCPR was presented from a centralized control (single decision maker)

perspective, we hope that the model will provide a structure for more complex analyses involving multiple decision makers and strategic interaction

Thank you!

16