TY - GEN
T1 - Go with the flow
T2 - 2013 New Security Paradigms Workshop, NSPW 2013
AU - Chen, Binbin
AU - Kalbarczyk, Zbigniew
AU - Nicol, David M.
AU - Sanders, William H.
AU - Tan, Rui
AU - Temple, William G.
AU - Tippenhauer, Nils Ole
AU - Vu, An Hoa
AU - Yau, David K.Y.
PY - 2013
Y1 - 2013
N2 - In this paper we advocate the use of workow|describing how a system provides its intended functionality|as a pillar of cybersecurity analysis and propose a holistic workflow- oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems. By "going with the flow," our assessment framework can naturally adopt a holistic view of such systems, unifying information about system components, their properties, and possible attacks to argue about a security goal. The argument is expressed in a graph structure, based on inputs from several distinct classes that are integrated in a systematic manner. That rigorous structure allows our approach to provide quantitative assessment in an automated fashion (like reliability assessment tools and attack graphs), while maintaining a broad assessment scope. We demonstrate our security assessment process using the case of Advanced Metering Infrastructure in a smart power grid and obtain quantitative results for system availability and confidentiality
AB - In this paper we advocate the use of workow|describing how a system provides its intended functionality|as a pillar of cybersecurity analysis and propose a holistic workflow- oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems. By "going with the flow," our assessment framework can naturally adopt a holistic view of such systems, unifying information about system components, their properties, and possible attacks to argue about a security goal. The argument is expressed in a graph structure, based on inputs from several distinct classes that are integrated in a systematic manner. That rigorous structure allows our approach to provide quantitative assessment in an automated fashion (like reliability assessment tools and attack graphs), while maintaining a broad assessment scope. We demonstrate our security assessment process using the case of Advanced Metering Infrastructure in a smart power grid and obtain quantitative results for system availability and confidentiality
KW - Argument graph
KW - Complex systems
KW - Security assessment
KW - Security model
KW - Workflow
UR - http://www.scopus.com/inward/record.url?scp=84893034417&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84893034417&partnerID=8YFLogxK
U2 - 10.1145/2535813.2535821
DO - 10.1145/2535813.2535821
M3 - Conference contribution
AN - SCOPUS:84893034417
SN - 9781450325820
T3 - ACM International Conference Proceeding Series
SP - 65
EP - 76
BT - NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop
Y2 - 9 September 2013 through 12 September 2013
ER -