DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Abstract

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

Inventors:
; ; ; ; ; ; ;
Issue Date:
Research Org.:
Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1202321
Patent Number(s):
9092631
Application Number:
14/055,776
Assignee:
Battelle Memorial Institute (Richland, WA)
Patent Classifications (CPCs):
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Patent
Resource Relation:
Patent File Date: 2013 Oct 16
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Muller, George, Perkins, Casey J., Lancaster, Mary J., MacDonald, Douglas G., Clements, Samuel L., Hutton, William J., Patrick, Scott W., and Key, Bradley Robert. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture. United States: N. p., 2015. Web.
Muller, George, Perkins, Casey J., Lancaster, Mary J., MacDonald, Douglas G., Clements, Samuel L., Hutton, William J., Patrick, Scott W., & Key, Bradley Robert. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture. United States.
Muller, George, Perkins, Casey J., Lancaster, Mary J., MacDonald, Douglas G., Clements, Samuel L., Hutton, William J., Patrick, Scott W., and Key, Bradley Robert. Tue . "Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture". United States. https://www.osti.gov/servlets/purl/1202321.
@article{osti_1202321,
title = {Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture},
author = {Muller, George and Perkins, Casey J. and Lancaster, Mary J. and MacDonald, Douglas G. and Clements, Samuel L. and Hutton, William J. and Patrick, Scott W. and Key, Bradley Robert},
abstractNote = {Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2015},
month = {7}
}

Works referenced in this record:

Modeling Modern Network Attacks and Countermeasures Using Attack Graphs
conference, December 2009


Cyber/physical security vulnerability assessment integration
conference, February 2013

  • MacDonald, D.; Clements, S. L.; Patrick, S. W.
  • 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT 2013), 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT)
  • https://doi.org/10.1109/ISGT.2013.6497883

Quantitative assessment of cyber security risk using bayesian network-based model
conference, April 2009


Method for evaluating a network
patent, September 2012


Method for simulation aided security event management
patent, March 2013


Embedded model interaction within attack projection framework of information system
patent, April 2013


Method, a system, and a computer program product for managing access change assurance
patent, December 2013


System and method for risk detection and analysis in a computer network
patent-application, September 2005


Value-Adaptive Security Threat Modeling and Vulnerability Ranking
patent-application, March 2009


Systems, Program Product and Methods for Performing a Risk Assessment Workflow Process for Plant Networks and Systems
patent-application, July 2012


Threat Evaluation System and Method
patent-application, December 2013


System, Method and Apparatus for Assessing a Risk of One or More Assets Within an Operational Technology Infrastructure
patent-application, May 2014