Automatic generation of security argument graphs

Nils Ole Tippenhauer, William G. Temple, An Hoa Vu, Binbin Chen, David M. Nicol, Zbigniew Kalbarczyk, William H. Sanders

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Graph-based assessment formalisms have proven to be useful in the safety, dependability, and security communities to help stakeholders manage risk and maintain appropriate documentation throughout the system lifecycle. In this paper, we propose a set of methods to automatically construct security argument graphs, a graphical formalism that integrates various security-related information to argue about the security level of a system. Our approach is to generate the graph in a progressive manner by exploiting logical relationships among pieces of diverse input information. Using those emergent argument patterns as a starting point, we define a set of extension templates that can be applied iteratively to grow a security argument graph. Using a scenario from the electric power sector, we demonstrate the graph generation process and highlight its application for system security evaluation in our prototype software tool, Cyber SAGE.

Original language: English (US)
Title of host publication: Proceedings - 20th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2014
Publisher: IEEE Computer Society
Pages: 33-42
Number of pages: 10
ISBN (Electronic): 9781479964741
DOI: https://doi.org/10.1109/PRDC.2014.13
State: Published - Dec 3 2014
Event: 20th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2014 - Singapore, Singapore
Duration: Nov 19 2014 → Nov 21 2014

Publication series

Name: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC
ISSN (Print): 1541-0110

Other

Other: 20th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2014
Country: Singapore
City: Singapore
Period: 11/19/14 → 11/21/14

Fingerprint

Security systems

Keywords

  • Security argument graph
  • argument patterns
  • automatic graph generation
  • extension templates
  • security assessment

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Science Applications
  • Hardware and Architecture
  • Software

Cite this

Tippenhauer, N. O., Temple, W. G., Vu, A. H., Chen, B., Nicol, D. M., Kalbarczyk, Z., & Sanders, W. H. (2014). Automatic generation of security argument graphs. In Proceedings - 20th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2014 (pp. 33-42). [6974749] (Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC). IEEE Computer Society. https://doi.org/10.1109/PRDC.2014.13

@inproceedings{df99c0fdf07649e2996e8f59c82f6d57,
title = "Automatic generation of security argument graphs",
keywords = "Security argument graph, argument patterns, automatic graph generation, extension templates, security assessment",
author = "Tippenhauer, {Nils Ole} and Temple, {William G.} and Vu, {An Hoa} and Binbin Chen and Nicol, {David M.} and Zbigniew Kalbarczyk and Sanders, {William H.}",
year = "2014",
month = "12",
day = "3",
doi = "10.1109/PRDC.2014.13",
language = "English (US)",
series = "Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC",
publisher = "IEEE Computer Society",
pages = "33--42",
booktitle = "Proceedings - 20th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2014",

}

TY - GEN

T1 - Automatic generation of security argument graphs

AU - Tippenhauer, Nils Ole

AU - Temple, William G.

AU - Vu, An Hoa

AU - Chen, Binbin

AU - Nicol, David M.

AU - Kalbarczyk, Zbigniew

AU - Sanders, William H.

PY - 2014/12/3

Y1 - 2014/12/3

KW - Security argument graph

KW - argument patterns

KW - automatic graph generation

KW - extension templates

KW - security assessment

UR - http://www.scopus.com/inward/record.url?scp=84919473767&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84919473767&partnerID=8YFLogxK

U2 - 10.1109/PRDC.2014.13

DO - 10.1109/PRDC.2014.13

M3 - Conference contribution

AN - SCOPUS:84919473767

T3 - Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC

SP - 33

EP - 42

BT - Proceedings - 20th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2014

PB - IEEE Computer Society

ER -