Quantifying Risks to Data Assets Using Formal Metrics in Embedded System Design

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2014)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 9337)

Abstract

This paper addresses quantifying security risks associated with data assets within design models of embedded systems. Attack and system behaviours are modelled as time-dependent stochastic processes. The presence of the time dimension allows accounting for dynamic aspects of potential attacks and a system: the probability of a successful attack changes as time progresses; and a system possesses different data assets as its execution unfolds. These models are used to quantify two important attributes of security: confidentiality and integrity. In particular, likelihood/consequence-based measures of confidentiality and integrity losses are proposed to characterise security risks to data assets. In our method, we consider attack and system behaviours as two separate models that are later elegantly combined for security analysis. This promotes knowledge reuse and avoids adding extra complexity in the system design process. We demonstrate the effectiveness of the proposed method and metrics on smart metering devices.
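The following is an added illustration of the idea the abstract describes, written for this page and not taken from the paper: an attack model (a time-dependent probability of success) and a system model (which data assets exist during which phases of execution) are kept as two separate structures and combined only at analysis time to produce likelihood/consequence-based confidentiality and integrity loss figures per asset. The exponential time-to-compromise, the hazard rates, the asset windows and the loss values are all constructed assumptions; the paper's own stochastic-process formalism and metrics are not reproduced here.

```python
import math
from dataclasses import dataclass

# Constructed illustration: attack model and system model are separate and are
# combined only inside data_asset_risk(). The exponential time-to-compromise and
# the additive expected-loss measure are this example's assumptions, not the
# paper's formalism.


@dataclass(frozen=True)
class Attack:
    name: str
    rate_per_hour: float  # assumed constant hazard rate of completing the attack
    discloses: bool       # success reveals the asset (confidentiality impact)
    tampers: bool         # success lets the attacker alter it (integrity impact)


@dataclass(frozen=True)
class AssetWindow:
    name: str
    start: float                 # hours after system start the asset first exists
    end: float                   # hours after system start it is erased or handed off
    confidentiality_loss: float  # consequence value if disclosed (arbitrary units)
    integrity_loss: float        # consequence value if tampered with


def success_cdf(attack: Attack, t: float) -> float:
    """P(attack completes by time t) under the exponential assumption."""
    if t < 0:
        return 0.0
    return 1.0 - math.exp(-attack.rate_per_hour * t)


def success_in_window(attack: Attack, start: float, end: float) -> float:
    """P(attack completes while the asset is present, i.e. in [start, end]).

    The attack is assumed to begin at system start (t = 0), so the probability
    that it lands inside the window is the CDF difference at the window's ends.
    """
    if end < start:
        raise ValueError("window end before start")
    return success_cdf(attack, end) - success_cdf(attack, start)


def data_asset_risk(assets, attacks):
    """Expected confidentiality and integrity loss per asset, summed over attacks.

    Returns {asset_name: (expected_conf_loss, expected_int_loss)}.
    """
    result = {}
    for asset in assets:
        conf = 0.0
        integ = 0.0
        for attack in attacks:
            p = success_in_window(attack, asset.start, asset.end)
            if attack.discloses:
                conf += p * asset.confidentiality_loss
            if attack.tampers:
                integ += p * asset.integrity_loss
        result[asset.name] = (conf, integ)
    return result


# Constructed smart-meter-style scenario; every number is illustrative.
SYSTEM_MODEL = [
    AssetWindow("instant_reading", 0.0, 1.0, confidentiality_loss=1.0, integrity_loss=5.0),
    AssetWindow("monthly_total", 0.0, 720.0, confidentiality_loss=3.0, integrity_loss=10.0),
]
ATTACK_MODEL = [
    Attack("memory_readout", rate_per_hour=0.01, discloses=True, tampers=False),
    Attack("firmware_tamper", rate_per_hour=0.001, discloses=False, tampers=True),
]

if __name__ == "__main__":
    for name, (c, i) in data_asset_risk(SYSTEM_MODEL, ATTACK_MODEL).items():
        print(f"{name}: expected confidentiality loss={c:.4f}, integrity loss={i:.4f}")
```

Running the scenario shows the point of the time dimension: the same two attacks contribute almost nothing to the short-lived instantaneous reading but dominate the risk to the monthly total, which sits in the device for hundreds of hours. Changing either list independently (a new attack, or a design change that shortens an asset's lifetime) re-runs the analysis without touching the other model.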

Notes

  1.

    The term, however, was coined by Schneier.

  2.

    We use the term “tuple” as a finite ordered list (a sequence) of elements. Each element is addressed by its name in this paper.

Corresponding author

Correspondence to Maria Vasilevskaya.

Copyright information

© 2015 Springer International Publishing Switzerland

Cite this paper

Vasilevskaya, M., Nadjm-Tehrani, S. (2015). Quantifying Risks to Data Assets Using Formal Metrics in Embedded System Design. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science, vol 9337. Springer, Cham. https://doi.org/10.1007/978-3-319-24255-2_25

  • DOI: https://doi.org/10.1007/978-3-319-24255-2_25

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24254-5

  • Online ISBN: 978-3-319-24255-2

  • eBook Packages: Computer Science (R0)
