Using simulation to engineer cybersecurity requirements

Authors:
James Nutaro;Glenn Allgood;Teja Kuruganti;Darren Highfill
Affiliations:
Oak Ridge National Laboratory, Oak Ridge, Tennessee;Oak Ridge National Laboratory, Oak Ridge, Tennessee;Oak Ridge National Laboratory, Oak Ridge, Tennessee;UtiliSec, Oak Ridge, Tennessee
Venue:
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
Year:
2013

Citing 4
Cited 0

Theory of Modeling and Simulation

Theory of Modeling and Simulation
Building Software for Simulation: Theory and Algorithms, with Applications in C++

Building Software for Simulation: Theory and Algorithms, with Applications in C++
Of passwords and people: measuring the effect of password-composition policies

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Why software fails [software failure]

IEEE Spectrum

Quantified Score

Hi-index	0.00

Visualization

Abstract

When large software projects fail, it is often because of inappropriate, misunderstood, or poorly conceived requirements. When a project is successful, the cost of building the system can be exceeded by the cost of correcting problems discovered after delivery. This is particularly true of cybersecurity problems, which are typically discovered after a system has been put into operation. By addressing cybersecurity in a system's requirements - at the beginning of the system lifecycle - the total cost of the system can be substantially reduced. In this paper, we discuss the role that modeling and simulation may play in the construction of appropriate and clearly articulated requirements for cybersecurity in complex software systems.