PCAST Initiating Working Group on Cyber-Physical Resilience
Building Resilience to Failure, Disruption and Degradation for Critical Infrastructure
As our world becomes more digitized, we face rising challenges with the resilience of increasingly interconnected digital and physical systems across our businesses, public services, critical infrastructure, and government institutions. The tightly coupled inter-dependencies among physical and digital components in systems can lead to high levels of “brittleness,” when even minor disruptions lead to wide-scale and unpredictable effects.
The digitization of all aspects of society has made us all dependent on complex and often fragile cyber-physical systems that can easily break down or suffer from cyber-attacks, software glitches, supply chain problems, mechanical failures, natural disasters, or other disruptions. These breakdowns or attacks can have serious and unpredictable consequences for many sectors, such as banking, energy, transportation, and health care.
Events or attacks in one part of one system can have ripple effects leading to banking outages, oil pipeline failures, ground-stops of whole fleets of aircraft, and disruption of medical facilities with devastating outcomes, to name just a few possibilities. In each situation, the common response to failures or rising concerns is often to try to make specific components more reliable, better defended, and more tightly regulated in the hope that system-wide resilience improves. (For instance, a focus of attention might be to patch a cyber-hacking vulnerability or to provide backup power capabilities.) Paradoxically, this is often only temporarily helpful because more dependencies are created around specific components that people now think are more trustworthy. Unfortunately, deeper reliance on one component often decreases system-wide resilience, and for each subsequent attack or failure, our answer is to “turn the screw” even harder by reinforcing the last element that failed. As a result, we are creating an increasingly fragile society where the overall systems we rely on can become ever more brittle.
We need a different approach, not just to defend ourselves from cyber-attacks and failures, but to presume that attacks will always get through and that failures of components are unavoidable. We need to be resilient in the face of attacks and failures so we can withstand or recover quickly. This needs a fundamental re-imagining based on taking a holistic, systems-thinking approach.
The President’s Council of Advisors on Science and Technology (PCAST) has created a working group on cyber-physical resilience with the intent of consulting experts from across the public and private sectors, and academia. We will seek to amplify or rapidly advance existing ideas and efforts as well as to develop new approaches to this problem.
This working group is made up of several PCAST members and other leading experts on this topic. Over approximately the next six months, the group will be consulting numerous organizations and experts to formulate recommendations to the president. Our engagement will include leads on cyber-resilience at organizations like NIST, MITRE, DARPA, and DHS.
However, we recognize that people from many different areas, more than we can possibly directly consult, may have valuable perspectives to contribute to this work. So, we are inviting submissions into our deliberation. These could take the form of new ideas, existing ideas, methods, or projects you think could advance our cyber-physical resilience. They could even take the form of removing or adjusting existing practices that are decreasing our natural resilience. We would appreciate submissions that are concise and not proprietary or otherwise inappropriate for public disclosure.
We don’t want to unduly limit what ideas should be submitted, but we are particularly interested in thoughts and potential highly actionable recommendations on:
- Recovery and survivability in the face of attacks and events.
- Approaches to assure continuity of operations in degraded states.
- Mechanisms to measure and assess modularity and limitations of scope or costliness of failures.
- Incentives to balance efficiency, which can reduce resilience, against the investment needed to maintain sufficient resilience.
- Out-of-band or systems-independent means of assuring physical control in the event of digital failures.
- Methodologies and standards to encourage resilient systems design and adoption.
Several interesting lines of reasoning and directions are captured in the CNAS report, “Surviving on a Diet of Poisoned Fruit.”
Please send your ideas to: firstname.lastname@example.org with “Cyber-Physical Resilience” in the subject line.
Unfortunately, we cannot commit to corresponding on all submissions, but we may invite contributors to present their ideas to the working group as part of our evolving process to develop recommendations.
Thank you in advance for your ideas.
Working Group Co-Leads:
Eric Horvitz & Phil Venables
Working Group Members:
Jon Levin, Bill Press, Vicki Sato, Lisa Su, & Kathy Sullivan