Towards a unifying approach in understanding security problems
ISSRE'09 Proceedings of the 20th IEEE international conference on software reliability engineering
Hi-index | 0.00 |
This paper includes the conditional probability of security failures given the occurrence of reliability failures. To our knowledge, this is the first research to perform this type of integration of reliability and security. It was necessary for us to use hypothetical but realistic probability distributions and parameters because, unfortunately, cyber attack data is not publicly available. In our model, we calculate error rates between predicted and actual values of reliability and security quantities. We provide a discussion of the policy implications for mitigating reliability and security problems based on model results. Our approach is most applicable to critical infrastructure systems.