The right tool for the job: A case for common input scenarios for security assessment

Xinshu Dong, Sumeet Jauhar, William G. Temple, Binbin Chen, Zbigniew Kalbarczyk, William H. Sanders, Nils Ole Tippenhauer, David M. Nicol

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Motivated by the practical importance of security assessment, researchers have developed numerous model-based methodologies. However, the diversity of different methodologies and tool designs makes it challenging to compare their respective strengths or integrate their results. To make it more conducive to incorporate them for practical assessment tasks, we believe it is critical to establish a common foundation of security assessment inputs to support different methodologies and tools. As the initial effort, this paper presents an open repository of Common Input Scenarios for Security Assessment (CISSA) for different model-based security assessment tools. By proposing a CISSA design framework and constructing six initial scenarios based on real-world incidents, we experimentally show how CISSA can provide new insights and concrete reference points to both security practitioners and tool developers. We have hosted CISSA on a publicly available website, and envision that community effort in building CISSA would significantly advance the scientific and practical values of model-based security assessment.

Original language: English (US)
Title of host publication: Graphical Models for Security - 3rd International Workshop, GraMSec 2016, Revised Selected Papers
Editors: Mathias Ekstedt, Barbara Kordy, Dong Seong Kim
Publisher: Springer-Verlag
Pages: 39-61
Number of pages: 23
ISBN (Print): 9783319462622
DOIs: https://doi.org/10.1007/978-3-319-46263-9_3
State: Published - Jan 1 2016
Event: 3rd International Workshop on Graphical Models for Security, GraMSec 2016 - Lisbon, Portugal
Duration: Jun 27 2016 to Jun 27 2016

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 9987 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 3rd International Workshop on Graphical Models for Security, GraMSec 2016
Country: Portugal
City: Lisbon
Period: 6/27/16 to 6/27/16

Fingerprint

Scenarios
Websites
Model-based
Concretes
Methodology
Reference Point
Repository
Integrate

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Dong, X., Jauhar, S., Temple, W. G., Chen, B., Kalbarczyk, Z., Sanders, W. H., ... Nicol, D. M. (2016). The right tool for the job: A case for common input scenarios for security assessment. In M. Ekstedt, B. Kordy, & D. S. Kim (Eds.), Graphical Models for Security - 3rd International Workshop, GraMSec 2016, Revised Selected Papers (pp. 39-61). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9987 LNCS). Springer-Verlag. https://doi.org/10.1007/978-3-319-46263-9_3
