skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Cyber Contingency Analysis version 1.x

Software ·
DOI:https://doi.org/10.11578/dc.20220718.76· OSTI ID:1328001 · Code ID:76605
; ; ;

Contingency analysis based approach for quantifying and examining the resiliency of a cyber system in respect to confidentiality, integrity and availability. A graph representing an organization's cyber system and related resources is used for the availability contingency analysis. The mission critical paths associated with an organization are used to determine the consequences of a potential contingency. A node (or combination of nodes) are removed from the graph to analyze a particular contingency. The value of all mission critical paths that are disrupted by that contingency are used to quantify its severity. A total severity score can be calculated based on the complete list of all these contingencies. A simple n1 analysis can be done in which only one node is removed at a time for the analysis. We can also compute nk analysis, where k is the number of nodes to simultaneously remove for analysis. A contingency risk score can also be computed, which takes the probability of the contingencies into account. In addition to availability, we can also quantify confidentiality and integrity scores for the system. These treat user accounts as potential contingencies. The amount (and type) of files that an account can read to is used to compute the confidentiality score. The amount (and type) of files that an account can write to is used to compute the integrity score. As with availability analysis, we can use this information to compute total severity scores in regards to confidentiality and integrity. We can also take probability into account to compute associated risk scores.

Short Name / Acronym:
CCA
Project Type:
Closed Source
Site Accession Number:
5940; 30776-E
Software Type:
Scientific
License(s):
Other
Programming Language(s):
C++11 QtCreator 5.3
Research Organization:
Pacific Northwest National Laboratory (PNNL), Richland, WA (United States)
Sponsoring Organization:
USDOE
Primary Award/Contract Number:
AC05-76RL01830
DOE Contract Number:
AC05-76RL01830
Code ID:
76605
OSTI ID:
1328001
Country of Origin:
United States

Similar Records

Centralized Cryptographic Key Management and Critical Risk Assessment - CRADA Final Report For CRADA Number NFE-11-03562
Technical Report · Wed May 28 00:00:00 EDT 2014 · OSTI ID:1328001
Cryptographic Key Management and Critical Risk Assessment
Technical Report · Thu May 01 00:00:00 EDT 2014 · OSTI ID:1328001
Risk-Averse Bi-Level Stochastic Network Interdiction Model for Cyber-Security Risk Management
Journal Article · Mon Mar 01 00:00:00 EST 2021 · International Journal of Critical Infrastructure Protection · OSTI ID:1328001
+1 more

Related Subjects