When faced with uncertain budgets and pressure to make good decisions quickly after defense budgets become known, military and civilian decision makers sometimes make use of a prioritized list of assets to defend in a system. Given a prioritized list and a realization of defense budget uncertainty, a decision maker may be inclined to choose to defend as many items from the top of the prioritized list downwards as he or she can afford. Prioritized lists can simplify decision making in uncertain budget environments, but this simplicity comes at the cost of optimality. Requiring the set of defenses to be presented as a prioritized list is equivalent to requiring monotonicity on the sets of defended assets as budgets increase.
Uncertain budgets can refer to either an unknown defense budget, or an unknown attack budget of an adversary, or both. In the unknown defense budget scenario, decisions about which defenses to make to a system may need to be finalized before a defense budget is known. In the unknown attack budget situation, the defenders of a system may have to choose their defenses without any intelligence about the expected number of enemy attacks on a system. In the circumstance of complete budget uncertainty, the analyst knows nothing about the defense budget and the budget of their attacking enemy, but he or she must prioritize which defenses are best for a system.
A nested defense means that for any pair of defender-attacker-defender (DAD) problem instances with different defense and/or attack budgets that the defense chosen with the smaller budget is a subset of the defenses chosen for a larger budget (Nehme & Morton, 2010). Nested defenses are a monotonic sequence of sets. A closely related term is “prioritization’, which is defined as the process of arranging choices in a list by their priority. In the context of the DAD problem, prioritization of defenses is the ability to rank the relative ability of each different defense to positively affect the objective function value against a worst-case attack. Koc and Morton state, “prioritization involves optimally placing activities into a priority list before the uncertainty is revealed, and, after
realizing the uncertainty, making an activity selection consistent with the priority list” (2015, p. 587). An example of a nested defense is a prioritized list of the best defense against any attack, second best defense, and so on. In the real-world problem of infrastructure defense, prioritization is a logical choice for planning against a wide range of possible defense and attack scenarios. “Prioritization is of interest when some problem parameters are random and we must commit to a ranking of the activities before these parameters are realized” (Koc & Morton, 2015, p. 586).
Ranking the relative importance of defenses of a network into a prioritized list may seem to be a natural method for planning to defend a system when faced with uncertain budgets, but it is not optimal most of the time. Savage et al. (2006) refer to the suboptimal nature of prioritized lists as the “risk of ranking.” The authors note that “It is common when choosing a portfolio of capital investment projects to rank them from best to worst, then start at the top of the list and go down until the budget is exhausted. This flies in the face of modern portfolio theory which is based on the interdependence of investments” (2006, p. 22). In the case of the DAD problem, the choice of defenses represents the capital improvement projects mentioned by these authors. A prioritized list can simplify decision making, but it can lead to a suboptimal solution for any particular budget chosen. It is often the case that the one best defense of a system is not included in the set of the two best defenses, and so on. Brown, Carlyle, Salmeron and Wood. found that “a prioritized list of defended assets has a serious flaw… Such a list creates a “preferred set” of “n+1” assets by adding one asset to the preferred size “n’. But, we know that an optimal set of size “n” and an optimal set of size “n+1” may have nothing in common” (2006, p. 531).
While it is known that nested defenses are often suboptimal solutions, an abundance of research on the impacts of requiring nested defenses for bi-level DA models or tri-level DAD models does not exist. “In spite of its common use in practice, prioritization has received little attention in the academic literature.” (Koc & Morton, 2015, p. 587). One discovery is that the requirements for a naturally occurring nested defense in an optimization problem have been determined. Nehme and Morton show “the nestedness property hinges on supermodularity of the objective function and
submodularity of the [constraints]” (2010, sec. 3). However, these authors also conclude that many real-world problems do not exhibit these qualities.
DAD models that include nested defenses with uncertain budget levels is a parametric programming problem. Bertsimas and Tsitsiklis describe parametric programming as a systematic procedure for obtaining objective function values for all values of a parameter (1997, p. 218). As a parametric programming problem, our DAD model places the uncertain parameter on the right hand side of the defense and/or attack budget constraints. When the defense and/or attack budget is uncertain, the analyst takes into account the entire range of budget scenarios in order to find a solution that contains common defenses.
This chapter examines how much of an impact to optimality is incurred when nested defenses are required in a DAD problem instance with unknown defense and/or attack budgets. This chapter does not consider the idea of nested attacks by an adversary. We compare nested defense solutions against the optimal defense solutions to DAD problem instances in order to measure the effects of nesting. We use the DAD minimum cost flow problem formulation as well as the network of Alderson et al. (2015) described in Chapter I to illustrate nested defenses. Procedures to obtain optimal solutions to DAD minimum cost flow problem instances were displayed in Chapter I. In Figure 20, we plot the optimal solutions to the test network DAD problem for different defense and attack budgets. Figure 20, graph ‘a’ depicts the set of optimal solutions of the DAD problem instances for the test network by varying the defense and attack budgets on two axes, and displaying the corresponding optimal objective function value on the third axis. Each green star represents a DAD problem instance of a specific defense budget and attack budget. The optimal objective function values for DAD problem instances are a set of discrete points, since fractional values for defense budgets and attack budgets are meaningless. Figure 20, graph ’b’ depicts objective function value points connected with line segments. The line segments are for the illustrative purpose of enhancing the three dimensional effect of the plot, and are not meant to imply the existence of a continuous surface.
(a) Test Network Optimal Solutions (b) Optimal Solutions and Connecting Lines
Figure 20. Three Dimensional Plots of Test Network Optimal Solutions