Anna 1

Anna Gogacz

Professor ________________

[Course Name]

1 December 2020

Resilience of Cyber-Physical Systems (CPS)

Cyber resilience is a broad field that refers to an organization’s ability to continuously

deliver robust cybersecurity responses and mitigate damage to systems, processes and

reputations arising from adverse cyber events such as the destruction of critical hardware, third-

party cyber attacks and compromisation of digital systems. This paper will discuss a case study

on the resilience of cyber-physical systems, and outline the preventative, detective and corrective

controls embedded in the case study organization’s cyber-physical systems. The Department of

Homeland Security’s Cybersecurity and Infrastructure Security Agency and their plans and

responses to cybersecurity threats during the 2020 U.S. election will be analyzed based on their

published interviews, tweets, web sites, cybersecurity documents and charts.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security

Agency was under significant pressure during the 2020 U.S. presidential elections, given the past

precedent of foreign electoral interference by third parties allegedly linked to President Trump,

and the allegations in 2020 of widespread voter fraud and illegal balloting by President Trump,

voter disinformation efforts by international actors and third parties, as well as public discourse

on the potential breach of electoral integrity through cyber-attacks.

 Anna 2

In light of such a politicised context, it was crucial that the Department of Homeland

Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA) ensured adequate

cyber and physical infrastructure resilience to preserve the integrity of the U.S. presidential

elections and support the public good. In 2020, DHS CISA performed an admirable job of

ensuring the resilience of their cyber-physical systems in four key areas: cybersecurity election

infrastructure, routine digital infrastructure audits, self-help security resource tools, and social

media and public relations communications. These helped to build stakeholder capacity to

promote key security practices, enable stakeholders to conduct cyber-physical resiliency

assessments, and facilitated information sharing and swift corrective actions to thwart threats to

system security and resiliency (Norden 126).

Foremost, the DHS CISA had successfully performed an extensive upgrade of their

digital election infrastructure in terms of voter registration databases, IT counting, auditing and

display infrastructure, post-election reporting algorithms and information pipelines, voting

infrastructure, storage facilities and mail-in ballot counting systems, and had actively

collaborated with key stakeholders, such as state and local regulators, election officials, federal

audit partners and vendors to manage the risk downsides from cybersecurity attacks (Norden

126). The DHS CISA had also conducted detection, prevention, and cybersecurity diagnostic

assessment audits to ensure that its election infrastructure and cyber-physical systems remained

resilient (Norden 126).

 Anna 3

The DHS CISA had also invested heavily in routine digital infrastructure audits ahead of

the election with key cybersecurity partners such as Norton Lifelock and McAfee, to secure their

systems against potential third-party threats (Norden 126). Measures such as pre-election digital

infrastructure testing, state certification of voting equipment and audits by multiple stakeholders

also helped to establish strong system resilience against third-party manipulation of vote results,

which withstood criticism and allegations after the election of voter fraud. On a more technical

level, the DHS CISA also implemented techniques such as survivability testing of mobile cyber

physical systems, which showed a high intrusion tolerance and a dynamic voting-based intrusion

detection technique against third-party election infrastructure attacks (Mitchell & Chen, 2011).

Secondly, the DHS CISA published self-help and open source security resource tools

such as an Election Security Resource Library, Election Disinformation Tookit, Guide to

Vulnerability Reporting for Election Administrators, Risk Assessment and Infographic tools for

mail-in voting, and infographics and planning guides for Election Infrastructure Cyber Risk

Management (Dacasco 176). The DHS CISA had also released a Cyber Incident Detection and

Notification Planning Guide for Election Security, which significantly raised the capacity of the

DHS CISA’s employees for cybersecurity resilience. In doing so, the DHS also built on the joint

expertise and collaborative inputs from multiple stakeholders, such as the Election Task Force,

the Countering Foreign Influence Task Force, the Federal Bureau of Investigation, the Central

Intelligence Agency, think tanks, social media companies, federal partners, cybersecurity

contractors and local state and federal authorities to ensure a whole of government approach to

the securing of critical election infrastructure and cyber-physical system resiliency (Dacasco

206).
 Anna 4

The DHS CISA also invested heavily in cybersecurity for social media and public

relations communications. In 2016, the U.S. elections had been marred by controversy due to the

alleged manipulation of social media platforms such as Facebook to spread voter disinformation

and online falsehoods that inflamed tensions and compromised the integrity and security of the

election. In 2020, the DHS CISA thus partnered actively with social media platforms such as

Facebook to install extensive security monitoring algorithms and account verification tools, in

order to ensure that voter misinformation by third parties could not compromise the resilience of

cyber-physical social media systems (Norden 126).

From a public relations perspective, the DHS CISA also released social media and guides

such as Real Fake, a graphic novel that illustrated the dangers from misinformation campaigns,

the #Protect2020 Rumor vs. Reality campaign to dispel election related rumors, and a general

guide for Physical Security of Voting Locations and Election Facilities (DHS CISA, 2020).

Posters such as the Election Security PLanning Snapshot Poster and Election Day Emergency

Response Guide Poster also ensured that local stakeholders and voters were served to the ‘Last

Mile’ in order to mitigate and eliminate risks to electoral security, and to equip local stakeholders

with the skills and knowledge required to ensure cyber-physical system resiliency and security

(Mitchell 2259).

These resources helped to build public confidence in the resilience of cyber-physical

systems linked to the 2020 U.S. elections, and allowed Christopher Krebs, the CISA director, to

actively refute any allegations that the security and integrity of the U.S. elections had been
 Anna 5

undermined, including those by incumbent President Trump, with a statement that there was no

evidence that any voting system across the U.S. deleted, lost or altered votes through third-party

cybersecurity attacks or fraudulent actions (Mitchell 2258).

Strong fundamentals in election infrastructure also helped to ensure the resilience of

electoral cyber-physical systems. For example, election infrastructure was designated as part of

the federal government’s critical infrastructure in 2017, which enabled state and local authorities

to utilise the government’s cybersecurity best practices to improve the resilience of cyber-

physical systems. Furthermore, strong cybersecurity software suites were erected against

potential denial-of-service attacks, election system supply chain attacks and loophole

exploitations, which prevented the compromisation of critical electoral infrastructure. Reforms

were also made to close outdated software and bug disclosure issues for voting machines, which

allowed their vulnerabilities to be closed off to potential attackers, while election workers were

trained to monitor signs of suspicious actions to manipulate election infrastructure and processes.

The above measures by the DHS CISA were strong examples of the preventative,

detective and corrective controls that were deployed during the 2020 U.S. presidential election to

prevent the resilience of cyber-physical systems from being compromised (DHS CISA, 2020).

Foremost, preventative controls such as security audits, upgraded software and closure of

potential loopholes were used to keep errors and irregularities in the U.S. election process from

occurring, with strong firewalls and hardware physical security suites in place to stop potential

third-party attackers (Choate & Robert 130).

 Anna 6

Secondly, election officials were trained to detect errors and irregularities that occurred,

while computer security software was installed across all election registration and voting sites to

ensure that they were scanned for potential malware and intrusion. Finally, corrective controls

were made to file reports and enact disciplinary action for cybersecurity breaches, while voter

registration websites, software suites and voting processes were subjected to software patches to

prevent potential loopholes from being exploited for purposes of electoral fraud or third-party

intrusion and manipulation.

In conclusion, the DHS CISA’s preventative, detective and corrective controls that were

deployed during the 2020 U.S. presidential election prevented the resilience of cyber-physical

systems linked to the election from being compromised. The DHS CISA”s approach ensured a

secure and resilient election that adopted a highly vigilant, trustworthy and transparent approach

to secure election infrastructure in 2020.

 Anna 7

References

Baker, Jones Smith, et al. Cybersecurity in the U.S. Elections: A HIstory. OUP, 2017.

Choate, Judd, and Robert Smith. Election Cybersecurity: The Future of Election Administration.

Palgrave Macmillan, 2020.

Dacasco, Albert Clarence. Cybersecurity in Critical Elections Infrastructure: A Primer.

Columbia UP, 2015.

Mitchell, Romeo. “Survivability analysis of mobile cyber physical systems with voting-based

intrusion detection.” 2011 7th International Wireless Communications and Mobile Computing

Conference, vol. 1, no. 1, pp. 2256-2261, 2020,

https://ieeexplore.ieee.org/abstract/document/5982890/. Accessed 19 November 2020.

National Risk Management: Election Infrastructure Security 2020. DHS CISA, 2020,

https://www.cisa.gov/election-security. Accessed 18 November 2020.

Norden, Lacosta. “A Framework for Election Vendor Oversight”. Brennan Center for Justice,

vol. 98, no. 2, 2019, https://www.brennancenter.org/sites/default/files/2019-

11/2019_10_ElectionVendors.pdf. Accessed 20 November 2020.

 Anna 8

Reveron, Devonshire. “Cybersecurity Convergence: Digital Human and National Security.”

Orbis, vol. 64, no. 4, 2020, 555-570, https://doi.org/10.1016/j.orbis.2020.08.005. Accessed 20

November 2020.