Autonomic Computing for Resilient Cyber Operations in Contested Environments
Partners: |
Swinburne University Prof Ryszard Kowalczyk, A/Prof Bao Vo |
Data61 Dr Mohan Baruwal Chhetri and Dr Surya Nepal, DSTG NGTF Dr Anton Uzunov |
Resilience – seen as the ability of a system to “fight through” failures or, more generally, adverse events caused by accidental or deliberate means – is an essential property for autonomous cyber defence systems, which often operate in complex and contested environments. Resilience can be supported via self-healing, where adverse events are diagnosed in near-real-time (either proactively or reactively, or both) and recovery operations are automatically effected. Such recovery operations typically require the reconfiguration of some components of the system or even of the entire system. While reconfiguring for recovery in simple systems and scenarios is easily achievable, the possibility of multiple but conflicting reconfigurations being required at run-time – arising, for example, from simultaneous adaptation requests made by other self-* property managers and/or a burst of disparate failures – as well as the nontrivial complexity and inherent distribution of autonomous cyber defence systems, makes achieving optimal reconfigurations a challenging task.
The aim of the project in the first year (2016-17) is to build on a framework for resilient system design and reconstitution proposed by researchers at the Pacific Northwest National Laboratory (PNNL) and to develop a novel Distributed Constraint Optimization (DisCOP) algorithm for determining reconfigurations that meet multiple adaptation requirements while optimizing goals such as impacting the smallest number of components or restoring the original system functionality in the shortest time. To address issues in efficiency, two approaches will be explored: (i) classifying soft constraints into different categories to provide the algorithm with a kind of heuristics to select the less costly reconfigurations; and (ii) pre-compilation of mitigation strategies by offline identification of potential conflicts caused by various reconfigurations and analysis of the vulnerabilities of the system and its constituent parts. The resulting algorithm will be implemented in software, potentially as part of a DST-provided software framework, and the overall solution will be validated using resilience metrics based on those existing in the open literature (e.g. MITRE resilience metrics and others).
It is envisaged that the project would be a stepping stone towards developing solutions for a number of critical problems in distributed autonomic computing for autonomous cyber defence in the 3 years, including: decentralized coordination, synchronization and goal-sensitive decision-making via negotiation protocols, policy-based frameworks and formal languages; higher-order optimality taking into account a variety of whole-of-system goals and strategies; and evaluation/self-evaluation techniques based on the modelling and quantification of cyber resilience.