January 26, 2021
Research Highlight

Optimization and Machine Learning for Safeguarding Cyber-Physical Systems

New approaches for studying critical cyber-physical infrastructure

Artist's rendering of connections in the US power grid.

Artist's rendering of connections in the US power grid.

(Composite image by Timothy Holland | Pacific Northwest National Laboratory)

Delivering secure, reliable electricity is not an easy task—even on an average day. Renewable energy sources, smart devices, natural disasters, and cyberattacks make that task even more complicated than it used to be. As a result, grid operators need to assess competing risks and make informed choices rapidly yet safely.

The task of running the power grid safely, securely, and reliably can be broken down into three nested challenges: predicting future behavior (solvability), meeting performance goals (operability), and dealing with adaptive adversarial threats (security). Meeting performance goals requires at least some ability to predict future behavior, and dealing with potential threats requires a combination of simultaneously meeting performance goals and predicting threats. The fact that the grid is a cyber-physical system is an additional factor to consider; cyberattacks can produce physical impacts, for example. Interacting cyber and physical components create multiple levels of complexity—like playing simultaneous interconnected games of chess.

One way to manage these interconnected challenges is through modeling, where researchers use computers to simulate the grid and perform experiments to see how different circumstances and actions affect the system. Efficient, trustworthy tools and approaches are critical for dependable, accurate models that support a resilient and secure grid. “As systems like the grid become faster, larger, and more complex, humans won't be able to manage all the dots,” said Pacific Northwest National Laboratory (PNNL) computer scientist Chris Oehmen. “Because of this constant motion, we need models that are flexible and can help us visualize the grid more organically.”

Models for an increasingly complex, connected grid

Historically, system operators have used certain assumptions to make their models tractable: simplifying complex dynamics (nonlinearity); smoothing out discrete system changes (discontinuity); and ignoring adaptive attackers (adversarial activity). These assumptions have been in place for decades, but cyber connections, microgrids, and renewables make the grid significantly more complicated than it used to be. That, along with the development of new mathematical and computational methods, means it may be time to revisit those assumptions.

Using theoretical advances in the Koopman operator, disjunctive programming, and multi-level optimization, a multidisciplinary team of PNNL researchers are developing methods for the nested solvability, operability, and security challenges that do not rely on historical assumptions. The Koopman operator (solvability) is a mathematical construct used to transform complex time-varying systems into more tractable systems while preserving complex behavior. Machine learning can be used to determine what that transformation ought to be, and the team has extended this capability to include hybrid systems (i.e., systems with continuous and discrete changes). The result is a fast, accurate way to predict system behavior. “This work with the Koopman operator really goes to show how powerful machine learning can be when you combine it with domain knowledge and advanced mathematics,” said Craig Bakker, the project team leader. “In these situations, the whole becomes much greater than the sum of its parts.”

Graph showing nested cyber-physical system challenges
PNNL researchers meet common grid modeling challenges with state-of-the-art mathematical approaches. (Graphic by Nathan Johnson | Pacific Northwest National Laboratory)

Disjunctive programming (operability) is an advanced optimization approach that exploits logical relationships between different operating modes of a hybrid system. Compared to standard methods, accounting for these logical relationships speeds up the process of calculating optimal decisions and improves the quality of those decisions. Machine learning can further speed up the solution process by identifying which operating modes are most important for the optimization. The disjunctive programming task leader, Arnab Bhattacharya, noted that “the proposed machine learning approach can ensure potential orders of magnitude improvement in solution time, which can enable real-time decision-making in complex operational environments.”

Multi-level optimization (security) provides an integrated way to address combined decision-making processes of different agents in the system (i.e., operators, adversaries, and defenders). This formulation makes it possible to account for and respond to adaptive threats, represent systems of varying complexity, and quantify system resilience. This type of system representation “has multiple near- and long-term decision cycles at play and can be updated and solved over numerous interactive rounds as new information becomes available” said Matt Oster and Sam Chatterjee, data scientists and multi-level optimization task co-leaders.

The three sets of methods bring complementary and mutually enhancing capabilities when it comes to modeling complex systems. Together, they address nested challenges of running cyber-physical systems (like the power grid). They do so, in a way that respects the inherent complexity of those systems while remaining computationally tractable.

Focusing on resilience and critical cyber-physical infrastructure systems

The project team recently led a special session at Resilience Week 2020 conference. This session included paper presentations by the project team on the Koopman operator and multi-level optimization, as well as invited talks from leading academics in the field, the U.S. Department of Energy’s Building Technologies Office, and the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Project work is also about to be published in an upcoming PNNL special edition on autonomic infrastructure resilience in the Journal of Information Warfare. This issue showcases PNNL’s interest and capabilities in cyber-physical systems modeling and critical infrastructure resilience.

Electric grid infrastructure at night
PNNL researchers are working to advance the state-of-the art in electric grid security and operations. (Photo by urbans | Shutterstock.com)

There is, in general, a pressing need for this kind of work in modeling cyber-connected systems. Economics are driving increased cyber-connectivity for other critical infrastructure like transportation, water distribution, and oil and natural gas systems—all of which weren’t built with cyber connections in mind. “No matter what discipline, your gear is becoming digitized,” said Charles Nelson, a strategic advisor in PNNL’s efforts to secure connected systems. “The smarter we get at understanding the interdependencies and potential vulnerabilities of cyber-connected systems, the better off we'll be.”

Funding for this project came from PNNL’s strategic objective in autonomic resilience for cyber-physical systems. The research contributes to PNNL’s growing expertise in critical infrastructure modeling and simulation and helps inform PNNL’s research strategy in these areas.