Implementing the ADVISE security modeling formalism in Möbius

Michael D. Ford, Ken Keefe, Elizabeth Lemay, William H. Sanders, Carol Muehrcke

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The ADversary VIew Security Evaluation (ADVISE) model formalism provides a system security model from the perspective of an adversary. An ADVISE atomic model consists of an attack execution graph (AEG) composed of attack steps, system state variables, and attack goals, as well as an adversary profile that defines the abilities and interests of a particular adversary. The ADVISE formalism has been implemented as a Möbius atomic model formalism in order to leverage the existing set of mature modeling formalisms and solution techniques offered by Möbius. This tool paper explains the ADVISE implementation in Möbius and provides technical details for Möbius users who want to use ADVISE either alone or in combination with other modeling formalisms provided by Möbius.

Original languageEnglish (US)
Title of host publication2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2013
DOIs
StatePublished - Sep 9 2013
Event2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2013 - Budapest, Hungary
Duration: Jun 24 2013Jun 27 2013

Publication series

NameProceedings of the International Conference on Dependable Systems and Networks

Other

Other2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2013
CountryHungary
CityBudapest
Period6/24/136/27/13

Keywords

  • Möbius Atomic Model Formalism
  • Quantitative Security Metrics
  • State-based Security Model

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Ford, M. D., Keefe, K., Lemay, E., Sanders, W. H., & Muehrcke, C. (2013). Implementing the ADVISE security modeling formalism in Möbius. In 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2013 [6575362] (Proceedings of the International Conference on Dependable Systems and Networks). https://doi.org/10.1109/DSN.2013.6575362