skip to main content
DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Abstract

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

Inventors:
; ; ; ; ; ; ;
Issue Date:
Research Org.:
Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1202321
Patent Number(s):
9,092,631
Application Number:
14/055,776
Assignee:
Battelle Memorial Institute (Richland, WA)
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Patent
Resource Relation:
Patent File Date: 2013 Oct 16
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Muller, George, Perkins, Casey J., Lancaster, Mary J., MacDonald, Douglas G., Clements, Samuel L., Hutton, William J., Patrick, Scott W., and Key, Bradley Robert. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture. United States: N. p., 2015. Web.
Muller, George, Perkins, Casey J., Lancaster, Mary J., MacDonald, Douglas G., Clements, Samuel L., Hutton, William J., Patrick, Scott W., & Key, Bradley Robert. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture. United States.
Muller, George, Perkins, Casey J., Lancaster, Mary J., MacDonald, Douglas G., Clements, Samuel L., Hutton, William J., Patrick, Scott W., and Key, Bradley Robert. Tue . "Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture". United States. https://www.osti.gov/servlets/purl/1202321.
@article{osti_1202321,
title = {Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture},
author = {Muller, George and Perkins, Casey J. and Lancaster, Mary J. and MacDonald, Douglas G. and Clements, Samuel L. and Hutton, William J. and Patrick, Scott W. and Key, Bradley Robert},
abstractNote = {Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2015},
month = {7}
}

Patent:

Save / Share:

Works referenced in this record:

Modeling Modern Network Attacks and Countermeasures Using Attack Graphs
conference, December 2009

  • Ingols, Kyle; Chu, Matthew; Lippmann, Richard
  • 2009 Annual Computer Security Applications Conference (ACSAC)
  • DOI: 10.1109/ACSAC.2009.21

Cyber/physical security vulnerability assessment integration
conference, February 2013

  • MacDonald, D.; Clements, S. L.; Patrick, S. W.
  • 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT 2013), 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT)
  • DOI: 10.1109/ISGT.2013.6497883

Quantitative assessment of cyber security risk using bayesian network-based model
conference, April 2009

  • Mo, Sheung Yin Kevin; Beling, Peter A.; Crowther, Kenneth G.
  • 2009 Systems and Information Engineering Design Symposium (SIEDS)
  • DOI: 10.1109/SIEDS.2009.5166177