Bayesian games for the cybersecurity of nuclear power plants

Abstract

Many modern critical infrastructures are cyber–physical systems that rely on the integration of physical processes and computational resources. While this integration enables advanced system diagnostics, monitoring, and control, it also exposes the physical process to cyber-threats. Critical infrastructures such as nuclear power plants may be targeted by a variety of threat agents, each with unique motivations, resources, and capabilities. A Bayesian game-theoretic approach is presented to secure critical infrastructure when the adversary’s characteristics are uncertain. In a Bayesian game, some players have incomplete information about the other players. Within the context of critical infrastructure cybersecurity, plant defenders have incomplete information about threat agents, and threat agents have incomplete information about plant defenders. A Bayesian game provides a quantitative method for security teams to identify optimal defense strategies.The Bayesian game-theoretic approach is demonstrated on the residual heat removal system of a boiling water reactor. Threat agents are modeled as types in the game using a threat agent library that defines each threat’s characteristics. Similarly, different types of defenders are modeled by considering consequences of importance to plant stakeholders. Using these type definitions, utility functions are defined for each player. Nash equilibria of the Stackelberg game and two simultaneous games are identified and discussed. Using this procedure, a security team at a nuclear power plant can select the optimal strategy to defend the plant from cyber-threats.