Towards improving software security by using simulation to inform requirements and conceptual design
Abstract
We illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation
- Authors:
-
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
- Publication Date:
- Research Org.:
- Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1223064
- Grant/Contract Number:
- AC05-00OR22725
- Resource Type:
- Accepted Manuscript
- Journal Name:
- Journal of Defense Modeling and Simulation
- Additional Journal Information:
- Journal Volume: 12; Journal ID: ISSN 1548-5129
- Publisher:
- Society for Modeling and Simulation International
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING
Citation Formats
Nutaro, James J., Allgood, Glenn O., and Kuruganti, Teja. Towards improving software security by using simulation to inform requirements and conceptual design. United States: N. p., 2015.
Web. doi:10.1177/1548512915591049.
Nutaro, James J., Allgood, Glenn O., & Kuruganti, Teja. Towards improving software security by using simulation to inform requirements and conceptual design. United States. https://doi.org/10.1177/1548512915591049
Nutaro, James J., Allgood, Glenn O., and Kuruganti, Teja. Wed .
"Towards improving software security by using simulation to inform requirements and conceptual design". United States. https://doi.org/10.1177/1548512915591049. https://www.osti.gov/servlets/purl/1223064.
@article{osti_1223064,
title = {Towards improving software security by using simulation to inform requirements and conceptual design},
author = {Nutaro, James J. and Allgood, Glenn O. and Kuruganti, Teja},
abstractNote = {We illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation},
doi = {10.1177/1548512915591049},
journal = {Journal of Defense Modeling and Simulation},
number = ,
volume = 12,
place = {United States},
year = {Wed Jun 17 00:00:00 EDT 2015},
month = {Wed Jun 17 00:00:00 EDT 2015}
}
Free Publicly Available Full Text
Publisher's Version of Record
Other availability
Save to My Library
You must Sign In or Create an Account in order to save documents to your library.
Works referenced in this record:
Secure it now or secure it later: the benefits of addressing cyber-security from the outset
conference, May 2013
- Olama, Mohammed M.; Nutaro, James
- SPIE Defense, Security, and Sensing, SPIE Proceedings
Resilience metrics for cyber systems
journal, November 2013
- Linkov, Igor; Eisenberg, Daniel A.; Plourde, Kenton
- Environment Systems and Decisions, Vol. 33, Issue 4
Closed-form expressions for distribution of sum of exponential random variables
journal, January 1997
- Amari, S. V.; Misra, R. B.
- IEEE Transactions on Reliability, Vol. 46, Issue 4
Cybersecurity Standards: Managing Risk and Creating Resilience
journal, September 2014
- Collier, Zachary A.; DiMase, Daniel; Walters, Steve
- Computer, Vol. 47, Issue 9, p. 70-76