2017 Student Merit Award

Matthew Smith Wins 2017 Student Merit Competition

Congratulations to Matthew Smith! The abstract “Cyber Risk Analysis for a Smart Grid: How Smart is Smart Enough? A Multi-Armed Bandit Approach to Cyber Security Investment” was selected as a winner of the student merit award of 2017 SRA Security and Defense Specialty Group (SDSG) Student Merit Competition.

The award was presented at the SDSG business meeting, held at the lunch hour on Monday, December 12, 2017, during the Annual Meeting in Arlington, VA.

Cyber Risk Analysis for a Smart Grid: How Smart is Smart Enough? A Multi-Armed Bandit Approach to Cyber Security InvestmentSmith MD, Pate-Cornell ME*; Stanford University.

Abstract: As electric sector stakeholders make the decision to upgrade traditional power grid architectures by incorporating smart grid technologies and new intelligent components, the benefits of added connectivity must be weighed against the risk of increased exposure to cyberattacks. Therefore, decision makers must ask: how smart is smart enough? This dissertation presents a probabilistic risk analysis (PRA) framework to this problem, involving systems analysis, stochastic modeling, economic analysis, and decision analysis to quantify the overall benefit and risk facing the network and ultimately help decision makers formally assess tradeoffs and set priorities given limited resources. Central to this approach is a new Bayes-adaptive network security model based on a reformulation of the classic “multi-armed bandits” problem, where instead of projects with uncertain probabilities of success, a network defender faces network nodes that can be attacked at uncertain Poisson-distributed rates. This new technique, which by similarity we call “multi-node bandits,” takes a dynamic approach to cybersecurity investment, exploring how network defenders can optimally allocate cyber defense teams among nodes in their network, in effect taking teams that traditionally respond to cyber breaches after they occur, and instead employing them in a proactive manner for defensive and information gathering purposes. We apply this model to a case study of an electric utility considering the degree to which to integrate demand response technology into their smart grid network, jointly identifying both the optimal level of connectivity and the optimal strategy for the sequential allocation of cybersecurity resources.