Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles

Grunske, Lars and Joyce, David (2008) Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles. Journal of Systems and Software, 81 8: 1327-1345. doi:10.1016/j.jss.2007.11.716


Author Grunske, Lars
Joyce, David
Title Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles
Journal name Journal of Systems and Software
ISSN 0164-1212 (print), 1873-1228 (online)
Publication date 2008-08
Sub-type Article (original research)
DOI 10.1016/j.jss.2007.11.716
Volume 81
Issue 8
Start page 1327
End page 1345
Total pages 19
Place of publication New York, NY, United States
Publisher Elsevier
Language eng
Abstract Systems and software architects require quantitative dependability evaluations, which allow them to compare the effect of their design decisions on dependability properties. For security, however, quantitative evaluations have proven difficult, especially for component-based systems. In this paper, we present a risk-based approach that creates modular attack trees for each component in the system. These modular attack trees are specified as parametric constraints, which allow quantifying the probability of security breaches that occur due to internal component vulnerabilities as well as vulnerabilities in the component's deployment environment. In the second case, attack probabilities are passed between system components as appropriate to model attacks that exploit vulnerabilities in multiple system components. The probability of a successful attack is determined with respect to a set of attack profiles that are chosen to represent potential attackers and corresponding environmental conditions. Based on these attack probabilities and the structure of the modular attack trees, risk measures can be estimated for the complete system and compared with the tolerable risk demanded by stakeholders. The practicability of this approach is demonstrated with an example that evaluates the confidentiality of a distributed document management system.
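An added illustration of the composition idea described in the abstract (this is not code from the paper): each component gets a modular attack tree whose leaf probabilities come from an attack profile, the front end's breach probability is passed into the document store's tree, and the resulting risk is compared with a tolerable limit. The tree shapes, attack profiles, impact and tolerable-risk values are constructed for this example, and the AND/OR nodes assume independent attack steps.

```python
import math
from dataclasses import dataclass, field

@dataclass
class Node:
    kind: str                 # "leaf", "input", "and" or "or"
    name: str = ""            # leaf: profile parameter; input: value from another component
    children: list = field(default_factory=list)

def evaluate(node, profile, inputs):
    """Probability that the attack goal at `node` is reached under `profile`."""
    if node.kind == "leaf":
        return profile[node.name]          # parametric: supplied by the attack profile
    if node.kind == "input":
        return inputs[node.name]           # passed in from another component's tree
    ps = [evaluate(c, profile, inputs) for c in node.children]
    if node.kind == "and":                 # all child steps succeed (assumed independent)
        return math.prod(ps)
    if node.kind == "or":                  # at least one child step succeeds
        return 1.0 - math.prod(1.0 - p for p in ps)
    raise ValueError(node.kind)

# Constructed system: a front-end component and a document-store component.
# The store's tree consumes the front end's breach probability as an input.
FRONTEND = Node("or", children=[Node("leaf", "guess_credentials"),
                                 Node("leaf", "exploit_frontend_flaw")])
STORE = Node("or", children=[
    Node("and", children=[Node("input", "frontend_breached"),
                          Node("leaf", "abuse_frontend_trust")]),
    Node("leaf", "exploit_store_flaw")])

# Constructed attack profiles: per-attacker leaf probabilities (illustrative only).
PROFILES = {
    "opportunist": {"guess_credentials": 0.1, "exploit_frontend_flaw": 0.2,
                    "abuse_frontend_trust": 0.5, "exploit_store_flaw": 0.05},
    "insider": {"guess_credentials": 0.6, "exploit_frontend_flaw": 0.05,
                "abuse_frontend_trust": 0.9, "exploit_store_flaw": 0.1},
}

def breach_probability(profile_name):
    """Compose the component trees: evaluate the front end, then feed the store."""
    profile = PROFILES[profile_name]
    p_front = evaluate(FRONTEND, profile, {})
    return evaluate(STORE, profile, {"frontend_breached": p_front})

def exceeds_tolerable_risk(profile_name, impact, tolerable_risk):
    """Risk = breach probability x impact, checked against the stakeholders' limit."""
    return breach_probability(profile_name) * impact > tolerable_risk
```

With the constructed numbers, the opportunist profile yields a breach probability of 0.183 and the insider profile 0.6022, so only the insider case exceeds a tolerable risk of 25 at an impact of 100.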
Keyword Model-driven security evaluation
SysML
Parametric constraints
Risk
Confidentiality
Composability
Secrecy
Privacy
Component-based systems engineering
Quantitative evaluation
Q-Index Code C1
Q-Index Status Provisional Code
Institutional Status UQ

Document type: Journal Article
Collection: School of Information Technology and Electrical Engineering Publications
Citation counts: cited 20 times in Thomson Reuters Web of Science; cited 28 times in Scopus
Created: Thu, 03 Sep 2009, 09:38:07 EST by Mr Andrew Martlew on behalf of School of Information Technol and Elec Engineering