Abstract

We present a method of computing a prioritized set of vulnerabilities consisting of the γ\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\gamma $$\end{document}-most critical vulnerabilities of the system under study. We model the strategic attacker–defender interaction as a one-shot Stackelberg game on an attack graph, where the defender seeks to protect his system from a (stealthy) intruder by patching vulnerabilities. Our model supports the possibility of patching several vulnerabilities with one patch and thus yields a more realistic and resource-efficient solution than related ansatzes. The security strategy is obtained by computing pure Stackelberg equilibria using Benders decomposition, and linear and integer optimizations. We showcase the use of our model for decision support for a small robotic system (MiR 100 mobile robot). Our contribution shows, how decision support systems and computational intelligence (i.e. game-theoretic optimization) can be employed ethically: to make cyber-physical systems more secure and safer.