Ideal Based Cyber Security Technical Metrics for Control Systems
Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.
- Research Organization:
- Idaho National Laboratory (INL)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC07-99ID13727
- OSTI ID:
- 924508
- Report Number(s):
- INL/CON-07-12849
- Country of Publication:
- United States
- Language:
- English
Similar Records
Primer Control System Cyber Security Framework and Technical Metrics
Help for the Developers of Control System Cyber Security Standards