CDL - Making Sound Design Decisions using Quantitative Security Metrics
CISE Distinguished Lecture (CDL)
February 15, 2012 10:00 AM
February 15, 2012 11:00 AM
Making sound security decisions when designing, operating, and maintaining a complex system, such as the power grid cyber infrastructure, is a challenging task. Analysts need to be able to understand and predict how different factors affect the overall system security. To provide insight on system security and aid decision-makers, we propose the ADversary VIew Security Evaluation (ADVISE) method to quantitatively evaluate the strength of a system's security. Our approach is to create an executable state-based security model of a system.
This talk describes the system and adversary characterization data that are collected as input for the executable model. It also describes the simulation algorithms for adversary attack behavior and the computation for the probability that an attack attempt is successful. A power grid distribution-side case study illustrates how to analyze system security using the ADVISE method. A tool is currently under development to facilitate automatic model generation and simulation. The ADVISE method aggregates security-relevant information about a system and its adversaries to produce a quantitative security analysis useful for holistic system security decisions.
William H. Sanders is a Donald Biggar Willett Professor of Engineering and the Director of the Coordinated Science Laboratory at the University of Illinois at Urbana-Champaign. He is a Fellow of the IEEE and the ACM, a past Chair of the IEEE Technical Committee on Fault-Tolerant Computing, and past Vice-Chair of the IFIP Working Group 10.4 on Dependable Computing. Dr. Sanders's research interests include secure and dependable computing and security and dependability metrics and evaluation, with a focus on critical infrastructures. He is currently the Director and PI of the DOE/DHS Trustworthy Cyber Infra-structure for the Power Grid (TCIPG) Center. He is also a member of the NIST Smart Grid Advisory Committee.
To Join the Webinar:
The Webinar will be held from 10:00-11:00am EST on February 15, 2012 in Room 110.
To attend virtually, please register by February 14, 23:59 PDT at: https://mmancusa.webex.com/mmancusa/j.php?ED=177656327&RG=1&UID=0&RT=MiMxMQ%3D%3D
After your registration is accepted, you will get an email with a URL to join the meeting. Please be sure to join a few minutes before the start of the webinar. This system does not establish a voice connection on your computer; instead, your acceptance message will have a toll-free phone number that you will be prompted to call after joining. Please note that this registration is a manual process; therefore, do not expect an immediate acceptance. In the event the number of requests exceeds the capacity, some requests may have to be denied.
This event is part of Webinars/Webcasts.
Cynthia A. Jackson, (703) 292-5375, email: email@example.com
NSF Related Organizations
Directorate for Computer and Information Science and Engineering