The right tool for the job: A case for common input scenarios for security assessment

Xinshu Dong, Sumeet Jauhar, William G. Temple, Binbin Chen, Zbigniew Kalbarczyk, William H. Sanders, Nils Ole Tippenhauer, David M. Nicol

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Motivated by the practical importance of security assessment, researchers have developed numerous model-based methodologies. However, the diversity of different methodologies and tool designs makes it challenging to compare their respective strengths or integrate their results. To make it more conducive to incorporate them for practical assessment tasks, we believe it is critical to establish a common foundation of security assessment inputs to support different methodologies and tools. As the initial effort, this paper presents an open repository of Common Input Scenarios for Security Assessment (CISSA) for different model-based security assessment tools. By proposing a CISSA design framework and constructing six initial scenarios based on real-world incidents, we experimentally show how CISSA can provide new insights and concrete reference points to both security practitioners and tool developers. We have hosted CISSA on a publicly available website, and envision that community effort in building CISSA would significantly advance the scientific and practical values of model-based security assessment.

Original languageEnglish (US)
Title of host publicationGraphical Models for Security - 3rd International Workshop, GraMSec 2016, Revised Selected Papers
EditorsMathias Ekstedt, Barbara Kordy, Dong Seong Kim
PublisherSpringer-Verlag Berlin Heidelberg
Pages39-61
Number of pages23
ISBN (Print)9783319462622
DOIs
StatePublished - Jan 1 2016
Event3rd International Workshop on Graphical Models for Security, GraMSec 2016 - Lisbon, Portugal
Duration: Jun 27 2016Jun 27 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9987 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other3rd International Workshop on Graphical Models for Security, GraMSec 2016
CountryPortugal
CityLisbon
Period6/27/166/27/16

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'The right tool for the job: A case for common input scenarios for security assessment'. Together they form a unique fingerprint.

  • Cite this

    Dong, X., Jauhar, S., Temple, W. G., Chen, B., Kalbarczyk, Z., Sanders, W. H., Tippenhauer, N. O., & Nicol, D. M. (2016). The right tool for the job: A case for common input scenarios for security assessment. In M. Ekstedt, B. Kordy, & D. S. Kim (Eds.), Graphical Models for Security - 3rd International Workshop, GraMSec 2016, Revised Selected Papers (pp. 39-61). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9987 LNCS). Springer-Verlag Berlin Heidelberg. https://doi.org/10.1007/978-3-319-46263-9_3