TY - JOUR
T1 - CyberSAGE
T2 - The cyber security argument graph evaluation tool
AU - Temple, William G.
AU - Wu, Yue
AU - Cheh, Carmen
AU - Li, Yuan
AU - Chen, Binbin
AU - Kalbarczyk, Zbigniew T.
AU - Sanders, William H
AU - Nicol, David
N1 - Publisher Copyright:
© 2022, The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature.
PY - 2023/1
Y1 - 2023/1
N2 - Cyber risk assessment is a critical step in securing the digital systems that support modern society. Typically this is a manual process carried out by consultants or working groups with little or no software support outside of spreadsheet tools. As cybersecurity threats and digital systems themselves become more complex and dynamic, there is a need for greater tool support in the risk assessment process to document and trace assumptions and facilitate the revision or extension of a threat and risk assessment throughout a system’s lifecycle. The Cyber Security Argument Graph Evaluation (CyberSAGE) tool provides a platform for model-based cybersecurity analysis of cyber failure and attack scenarios. It combines models of high-level workflow, system architecture, device properties, attacker capability and skill, to compute holistic, quantitative security metrics. In this paper we describe the models, algorithms, and software architecture of the CyberSAGE tool. To illustrate its application, we describe an assessment carried out on communication systems in two railway lines with the support of an industry partner. Finally, we summarize feedback on the CyberSAGE tool from the railway case study partner, as well as over 40 interviews with practitioners and domain experts and a multinational electronics company who carried out a one year independent evaluation.
AB - Cyber risk assessment is a critical step in securing the digital systems that support modern society. Typically this is a manual process carried out by consultants or working groups with little or no software support outside of spreadsheet tools. As cybersecurity threats and digital systems themselves become more complex and dynamic, there is a need for greater tool support in the risk assessment process to document and trace assumptions and facilitate the revision or extension of a threat and risk assessment throughout a system’s lifecycle. The Cyber Security Argument Graph Evaluation (CyberSAGE) tool provides a platform for model-based cybersecurity analysis of cyber failure and attack scenarios. It combines models of high-level workflow, system architecture, device properties, attacker capability and skill, to compute holistic, quantitative security metrics. In this paper we describe the models, algorithms, and software architecture of the CyberSAGE tool. To illustrate its application, we describe an assessment carried out on communication systems in two railway lines with the support of an industry partner. Finally, we summarize feedback on the CyberSAGE tool from the railway case study partner, as well as over 40 interviews with practitioners and domain experts and a multinational electronics company who carried out a one year independent evaluation.
KW - Attack scenario model
KW - Cybersecurity assessment
KW - Risk assessment
KW - Security argument graph
UR - http://www.scopus.com/inward/record.url?scp=85143826807&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85143826807&partnerID=8YFLogxK
U2 - 10.1007/s10664-021-10056-8
DO - 10.1007/s10664-021-10056-8
M3 - Article
AN - SCOPUS:85143826807
SN - 1382-3256
VL - 28
JO - Empirical Software Engineering
JF - Empirical Software Engineering
IS - 1
M1 - 18
ER -