Computer related risks
Secure computing: threats and safeguards
Secure computing: threats and safeguards
Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System
HICSS '06 Proceedings of the 39th Annual Hawaii International Conference on System Sciences - Volume 09
A scalable approach to attack graph generation
Proceedings of the 13th ACM conference on Computer and communications security
Deception used for cyber defense of control systems
HSI'09 Proceedings of the 2nd conference on Human System Interactions
Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Relationships between information security metrics: an empirical study
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
Hi-index | 0.00 |
Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.