skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Application of Rank-Weight Methods to Blockchain Cybersecurity Vulnerability Assessment Framework

Conference ·
ORCiD logo [1];  [1];  [2]
  1. BATTELLE (PACIFIC NW LAB)
  2. University of Arkansas at Little Rock
+ Show Author Affiliations

Cybersecurity vulnerability assessment tools, frameworks, and methodologies are used to understand the cybersecurity maturity of a system or a facility. However, these tools are strictly developed based on standards defined by organizations such as the National Institute of Standards and Technology (NIST) and the U.S. Department of Energy; the majority of these tools and frameworks do not provide a platform to prioritize the requirements to reach a desired cybersecurity maturity. To address that challenge, we have been developing a framework and software application called cybersecurity vulnerability mitigation framework through empirical paradigm (CyFEr). CyFEr treats the problem at hand as a multi-criteria decision analysis (MCDA) problem, which requires that various criteria be weighed relatively. Defining those weights is non-trivial and often leads to subjective decisions leading to undesired complications. To facilitate such a weighting system in CyFEr, we evaluated the application of various rank-weight methods (such as rank sum, reciprocal rank, rank exponent, and rank order centroid). The efficacy of those rank-weight methods was evaluated by applying them and testing against the blockchain cybersecurity framework (BC2F). BC2F was developed using the NIST cybersecurity framework to evaluate the cybersecurity posture of the blockchain nodes and networks in a given blockchain application or use-case. This paper provides 1) technical insights on the application of rank-weight methods to cybersecurity vulnerability assessments, 2) an overview of BC2F, 3) the application of rank-weight methods to BC2F, and 4) a depiction of the integration of the discussed rank-weight methods in CyFEr.

Research Organization:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Organization:
USDOE
DOE Contract Number:
AC05-76RL01830
OSTI ID:
1525865
Report Number(s):
PNNL-SA-143718
Resource Relation:
Conference: IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC 2019), January 7-9, 2019, Las Vegas, NV
Country of Publication:
United States
Language:
English

Similar Records

Cybersecurity Vulnerability Mitigation Framework through Empirical Paradigm (CyFEr): Prioritized Gap Analysis
Journal Article · Mon Jun 03 00:00:00 EDT 2019 · IEEE Systems Journal · OSTI ID:1525865
Cybersecurity Vulnerability Mitigation Framework through Empirical Paradigm: Enhanced Prioritized Gap Analysis
Journal Article · Wed Apr 01 00:00:00 EDT 2020 · Future Generation Computer Systems · OSTI ID:1525865
Cybersecurity Resiliency of Marine Renewable Energy Systems-Part 1: Identifying Cybersecurity Vulnerabilities and Determining Risk
Journal Article · Sun Nov 01 00:00:00 EDT 2020 · Marine Technology Society Journal · OSTI ID:1525865
+5 more

Related Subjects