The multiple-asymmetric-utility system model: A framework for modeling cyber-human systems

Douglas Eskins, William H Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Traditional cyber security modeling approaches either do not explicitly consider system participants or assume a fixed set of participant behaviors that are independent of the system. Increasingly, accumulated cyber security data indicate that system participants can play an important role in the creation or elimination of cyber security vulnerabilities. Thus, there is a need for cyber security analysis tools that take into account the actions and decisions of human participants. In this paper, we present a modeling approach for quantifying how participant decisions can affect system security. Specifically, we introduce a definition of a cyber-human system (CHS) and its elements, the opportunity-willingness-capability (OWC) ontology for classifying CHS elements with respect to system tasks, the human decision point (HDP) as a first-class system model element, and the multiple-asymmetric-utility system modeling framework for evaluating the effects of HDPs on a CHS. This modeling approach provides a structured and quantitative means of analyzing cyber security problems whose outcomes are influenced by human-system interactions.

Original languageEnglish (US)
Title of host publicationProceedings of the 2011 8th International Conference on Quantitative Evaluation of Systems, QEST 2011
Pages233-242
Number of pages10
DOIs
StatePublished - Nov 2 2011
Event2011 8th International Conference on Quantitative Evaluation of Systems, QEST 2011 - Aachen, Germany
Duration: Sep 5 2011Sep 8 2011

Publication series

NameProceedings of the 2011 8th International Conference on Quantitative Evaluation of Systems, QEST 2011

Other

Other2011 8th International Conference on Quantitative Evaluation of Systems, QEST 2011
Country/TerritoryGermany
CityAachen
Period9/5/119/8/11

Keywords

  • Cyber-Human Systems
  • Human Decision Points
  • Quantitative Security Model
  • State-based Security Model

ASJC Scopus subject areas

  • Computer Science Applications
  • Control and Systems Engineering

Fingerprint

Dive into the research topics of 'The multiple-asymmetric-utility system model: A framework for modeling cyber-human systems'. Together they form a unique fingerprint.

Cite this