Open this publication in new window or tab >>2013 (English)In: IEEE Systems Journal, ISSN 1932-8184, E-ISSN 1937-9234, Vol. 7, no 3, p. 363-373Article in journal (Refereed) Published
Abstract [en]
The cyber security modeling language (CySeMoL) is a modeling language for enterprise-level system architectures coupled to a probabilistic inference engine. If the computer systems of an enterprise are modeled with CySeMoL, this inference engine can assess the probability that attacks on the systems will succeed. The theory used for the attack-probability calculations in CySeMoL is a compilation of research results on a number of security domains and covers a range of attacks and countermeasures. The theory has previously been validated on a component level. In this paper, the theory is also validated on a system level. A test indicates that the reasonableness and correctness of CySeMoL assessments compare with the reasonableness and correctness of the assessments of a security professional. CySeMoL's utility has been tested in case studies.
Place, publisher, year, edition, pages
IEEE Press, 2013
Keywords
Computer security, expert systems, risk analysis, supervisory control and data acquisition (SCADA) systems
National Category
Computer Systems
Research subject
FOI-portföljer, Äldre portföljer
Identifiers
urn:nbn:se:trafikverket:diva-12464 (URN)10.1109/JSYST.2012.2221853 (DOI)000321641800003 ()2-s2.0-84880572592 (Scopus ID)
Projects
Säkerhet i industriella styrsystem för kritisk infrastruktur
Funder
Swedish Transport Administration, TRV 2010/92167
2023-12-222023-12-222025-09-04