CRISIS: Knowledge Graph Based Cyber Resilience Integrated Security Inspection System

Modern US Navy ships and submarines are configured with an ever-increasing level of automation, including state-of-the-art embedded wireless sensors that monitor vital system functions. However, sensor nodes have the potential to serve as targets for cybersecurity attacks or be susceptible to corruption through accidental or malicious events. To address these shortfalls and minimize vulnerabilities of CBM+ systems, we propose to develop an integrated approach that includes both data-driven and model-based techniques to build a flexible and extensible cybersecurity layer incorporated into the CBMS for enhanced cyber resiliency. A cost-effective Cyber Resilience Integrated Security Inspection System (CRISIS) is proposed based on the Knowledge Graph (KG) and Deep Learning (DL) framework, which consists of three layers: input layer, knowledge layer, and reasoning layer. Input layer collects and processes dynamic knowledge to extract features based on condition-symptom relationships of machinery components and integrated system models. Knowledge layer develops a 2-levels low dynamic cyber resilience model (DeepDefense) with ML techniques and build a cybersecurity KG database. Reasoning layer implements the diagnostic and prognostic algorithms to derive a list of corresponding prioritized recommended attack detection and mitigation actions. A digital twin testbed is developed to create virtual models to support real-time system-aware cyber resilience monitoring.