TitleAttack-potential-based survivability modeling for high-consequence systems
Publication TypeConference Paper
Year of Publication2005
AuthorsMcDermott, J.
Conference Name3rd International Information Assurance Workshop
Conference LocationCollege Park, Maryland
Abstract

Previous quantitative models of security or survivability have been defined on a range of probable intruder behavior. This measures survivability as a statistic such as mean time to breach. This kind of purely stochastic quantification is not suitable for high-consequence systems. For high-consequence systems the quantified survivability should be based on the most competent intruders the system is likely to face. We show how to accomplish this with a contingency analysis based on variations in intruder attack-potential. The quantitative results are then organized and presented according to intruder attack potential. Examples of the technique are presented using stochastic process algebra. An interesting result for diverse replication is included in the examples.

Full Text

McDermott2005b.pdf

NRL Publication Release Number

04-1226-3437