R-PNT Virtual Conflict Simulation
Project Description: This project will entail developing a virtual testbed for modeling various cyber and cyber-physical attacks and designing defense mechanisms to mitigate the effects of these attacks. As part of this effort, simulations will be conducted to evaluate the network-wide effect of such attacks and to evaluate the adequacy of various defense mechanisms in resolving and recovering from these attacks.
​
While this five-year project will address numerous cyber and cyber-physical attacks, including GNSS jamming and spoofing, the focus of the effort in the first year will be on spoofing of routing attacks, given that these have occurred with Google and Waze. Specifically, in the case of Google, an artist in Berlin tricked Google Maps into creating traffic jam alerts by pulling 99 phones – with their location services on – slowly around the German capital in a handcart1. As part of this effort, the INTEGRATION agent-based traffic simulation model will be modified to allow for the sharing of erroneous real-time travel time information that will impact the dynamic feedback traffic router (similar to the Google maps router). This will be tested on at least one network for different attack locations and intensities to quantify network-wide impacts of such attacks. In addition, various filtering techniques will be devised to try to identify anomalies in the data and rectify data as a means of defense against such attacks.
​
US DOT Priorities: This research project directly targets the US DOT’s research priority area of Reducing Transportation Cybersecurity Risks by continuously improving US DOT’s internal cyber defense practices of identify, protect, detect, respond, and recover to ensure high availability of US DOT systems and information resources, by strengthening US DOT’s cybersecurity total situational awareness and system control as intended and authorized to ensure continuity of operations, by providing professional development and training for US DOT staff to act as required in their roles to reduce US DOT cybersecurity risks, and by making all US DOT systems secure by design. We will be developing a simulation environment that we plan eventually to transition to use by US DOT staff in a continuous “war-gaming” exercise that will be used to identify and mitigate new potential threats as the gamers become aware of them. This tool will enable continuous improvement of the cyber- and cyber-physical resilience of the navigation and routing functions of US surface transportation systems by pro-actively identifying threats and developing mitigations before they become actual problems in the real world. Given the adversarial relationship between the US DOT and potential disruptors, this type of simulation is envisioned as the transportation-system analog to the general cyber-security ecosystem where vulnerabilities are identified and mitigated, but in this case, preferably long before they become day-0 vulnerabilities. This “war-gaming” simulation will also be useful for training US DOT staff in cyber and cyber-physical security of US DOT systems.
​
Outputs: In this cross-cutting project, we will develop and provide:
-
A fully integrated (V2X and traffic) dynamic connected vehicle freeware.
-
A mechanism for simulating a specific type of cyber or cyber-physical attack, which will also serve as a prototype for how additional types of attacks can be simulated.
-
A mechanism for simulating a specific proposed defense mechanism against the specific cyber or cyber-physical attack, which will also serve as a prototype for how additional types of defenses can be simulated.
-
Data supporting validation of the attack and defense methods through simulation.
​
We expect interest in this research from the automated transportation industry and will actively encourage those on CARNATIONS External Advisory Board to contribute feedback and collaborate throughout the effort. We will also welcome them to try the simulation.
​
Outputs/Impacts: Cyber and cyber-physical attacks can cause widespread delays or cascading failures across multiple modes of transportation. The aim of this project is to make significant strides toward creating a digital twin of reality so that network-wide impacts of cyber and cyber-physical attacks can be quantified, and optimum defense mechanisms can be developed to minimize the negative impacts of such attacks.
​
Final Research Report: Given that the project is multi-year, we envision submitting a report each year summarizing the work completed in that year.