SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical...
-
Upload
christophe-feltus -
Category
Documents
-
view
216 -
download
0
Transcript of SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical...
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
1/25
1
Metamodel for Reputation based Agents System –
Case Study for Electrical Distribution SCADA Design
Guy Guemkam, Jonathan Blangenois, Christophe Feltus, Djamel Khadraoui
Laboratoire d’informatique de Paris 6, France
Faculty of Computer Science, University of Namur, Belgium
Public Research Centre Henri Tudor, Luxembourg-Kirchberg, Luxembourg
October 13-16, 2013
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
2/25
Table of contents
2
• Introduction
• ArchiMate
• Policy concept and trust value
• Case study presentation
• Simulations
• Conclusions
October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
3/25
Table of contents
3
• Introduction
• ArchiMate
• Policy concept and trust value
• Case study presentation
• Simulations
• Conclusions
October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
4/25
Introduction
- Critical Infrastructures are essential for the functioning of a
society and economy
4 statements:
- CI are monitored and secured by SCADA systems
- SCADA are deployed using agents whish are governed by
policies
- Agents behave based on their own perception of the evolving
environment and according the perceived trust
- SCADA operates at different abstraction levels of the CI
October 2013 SMC IEEE conference 4
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
5/25
Introduction
Additionally:
- No integrated approach for designing, managing and
monitoring SCADA systems policies
- No consideration of the trust and reputation existing amongst
the agents
Our goal:
Agents modelling framework based on ArchiMate
Integration of Trust based policy
October 2013 SMC IEEE conference 5
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
6/25
Table of contents
6
• Introduction
• ArchiMate
• Policy concept and trust value
• Case study presentation
• Simulations
• Conclusions
October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
7/25
ArchiMate, the «theory»
- Enterprise architecture metamodel
- 3 abstraction layers (business, application and technical)
- 3 families of concepts: structural, behavioral, informational
- ArchiMate core concepts:
http://pubs.opengroup.org/architecture/archimate2-doc/
7October 2013 SMC IEEE conference
http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
8/25
ArchiMate
metamodel
6/16/2014 Presentation Tudor 8
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
9/25
Table of contents
9
• Introduction
• ArchiMate
• Policy concept and trust value
• Policy definition
• ArchiMate specialisation for MAS and with the policy concept
• Policy function of trust
• Case study presentation
• Simulations
• Conclusions
October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
10/25
Organizational Policy
Application Policy
10October 2013 SMC IEEE conference
• The set of rules that achieves the organizat ional strategy
• That governs the execution of behaviours which serve the
realization of organizational services
• That are executed by means of processes, which occurs in a specific
context, symbolized by a configuration of the business object
• The set of rules that achieves the appl icat ion strategy
• That governs the execution of behaviours that serve the
realization of application services• That are executed by means of appl icat ions , which occurs in a
specific context, symbolized by a configuration of data ob jects
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
11/25
ArchiMate
metamodel
for MAS
Allows defining:
1. Organizational policy2. Application policy
Policy is defined as a
behavioral rule which is
associated to a concept
from the architecture
11October 2013 SMC IEEE conference
pplication policy
Organisational policy
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
12/25
Policy is a function of the trust
12
• The rules defined by the policy is function of the level of trustthat each agent puts in another.
• To derive the level of trustworthiness the agent exploitsinformation provided by probes.
• The implementation of trust mechanisms are translated into
agent through the concept of Policies called Trust Policies.
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
13/25
Policy and trust value
13
The trust value of a component at an upper level is derived from
sublevels agents.That signifies that, for two given agents A and B, the trust value of agent
B computed by agents A is calculated using the equation adapted
from Guemkam et al. as such:
T AB=OR AB= γDR AB+ (1-γ)(μ1IRi1B+ μ2IRi2B+μ1IRi3B)with μ1+μ2+μ2=1 and 0
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
14/25
Table of contents
14
• Introduction
• ArchiMate
• Policy concept and trust value
• Case study presentation
• Simulations
• Conclusions
October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
15/25
Case Study: Electric power distribution
• The ACE Agent’s collects, aggregates and analyses network information andconfirms alerts are sent to the PIE
• The PIE Agent’s receives a confirmed alert from the ACE, set the severity level
and the extent of the network response (depending on the alert layer). The high
level alert messages are transferred to the RDP.
15Septembre 2013 FARES workshop
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
16/25
Example of
ArchiMate
Instanciation of the ACE agent
16
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
17/25
Example of
ArchiMate
Instantiation of all agents
17
Policies
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
18/25
Table of contents
18
• Introduction
• ArchiMate
• Policy concept and trust value
• Case study presentation
• Simulations
• Conclusions
October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
19/25
Simulation / Environment
We have simulated a heterogeneous network of ACE and PIE
agents running the reputation model.
The framework used for the test environment has been developed
in JAVA and simulate MAS network in a graphical environment.
Each created agent is deployed and is only connected to a central
supervisor (Composed of an Agent Manager and a Graph
Supervisor ) that gives him the list of his neighbors depending
of his location on the network with a maximum edge size
between agents.
19
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
20/25
Simulation Protocole
The protocol used asks ACE agents to send a message containing
the collected data from the probe to the nearest PIE every five
seconds.
Test environment represents a city of 50x50km with a maximum of
5 kilometers connection distance between agents.Simulations have been running several times during 120 seconds
with different load of malicious agents, respectively 10%, 50%
and 90%.
20
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
21/25
Simulation results
For each load of malicious agents in the network we have collectedthe trust table of the same PIE agent, representing his perception
of his neighbors ACE
As the percentage of malicious growth, the threshold evolvesaccording to the reputation.
Depending on the connection amongst the agent, the reputation
increases, decreases or fluctuates
21
Malicious percentage
10%
50%
90%
ACE Rep ACE Rep ACE Rep
A73 0.8 A73 0.75 A73 0.62 A71
0.86
A71
0.87
A71
0.81
A80
0.69
A80
0.55
A80
0.15
A45 0.72 A45 0.98 A45 0.76
A55 0.91 A55 0.93 A55 0.9 A56
0.93
A56
0.0
A56
0.36
A66 0.82 A66 0.85 A66 0.72
A32 0.8 A32 0.81 A32 0.44 A35
0.84
A35
0.92
A35
0.99
A0 0.73 A0 0.71 A0 0.66
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
22/25
Table of contents
22
• Introduction
• ArchiMate
• Policy concept and trust value
• Case study presentation
• Simulations
• Conclusions
October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
23/25
Conclusions
We have elaborated a specialisation of ArchiMate ® for MASpurpose to enrich the agents society collaborations
An trust based policy has been introduced and described to
enhance the modelling of the agent evolution in its
environment
Finally, we have simulated a heterogeneous network of ACE andPIE agents running the reputation model with different load of
malicious agents.
As future works, additional validations are expected in the next
months on larger scale infrastructures. In parallel, a supporting
tool is being developed.
23October 2013 SMC IEEE conference
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
24/25
Acknowledgments
The research described in this paper is funded by the
CockpitCI research project within the 7th frameworkProgramme (FP7) of the European Union (EU) (topic SEC-
2011.2.5-1 – Cyber-attacks against critical infrastructures –
Capability Project).
-
8/16/2019 SINCONF 2013 _ Metamodel for Reputation Based Agents System – Case Study for Electrical Distribution SCADA Design
25/25
Thank you for your attention !
Any questions ?