Search Menu
DOE PAGES title logo U.S. Department of Energy
Office of Scientific and Technical Information
Search Scholarly Publications

Title: Towards improving software security by using simulation to inform requirements and conceptual design

Journal Article · · Journal of Defense Modeling and Simulation
 [1];  [1];  [1]
  1. Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
+ Show Author Affiliations

We illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation

Research Organization:
Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Sponsoring Organization:
USDOE
Grant/Contract Number:
AC05-00OR22725
OSTI ID:
1223064
Journal Information:
Journal of Defense Modeling and Simulation, Journal Name: Journal of Defense Modeling and Simulation Vol. 12; ISSN 1548-5129
Publisher:
Society for Modeling and Simulation InternationalCopyright Statement
Country of Publication:
United States
Language:
English

References (9)

Resilience metrics for cyber systems journal November 2013
Closed-form expressions for distribution of sum of exponential random variables journal January 1997
The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures journal September 2013
Cybersecurity Standards: Managing Risk and Creating Resilience journal September 2014
From the ground up: the DIMACS software security workshop journal March 2003
Estimating a System's Mean Time-to-Compromise journal January 2008
Secure it now or secure it later: the benefits of addressing cyber-security from the outset conference May 2013
The Agility Advantage: A Survival Guide for Complex Enterprises and Endeavors report September 2011
Handbook of human-reliability analysis with emphasis on nuclear power plant applications. Final report report August 1983

Similar Records

Software Requirements for a System to Compute Mean Failure Cost
Conference · Fri Jan 01 04:00:00 UTC 2010 · OSTI ID:986407
+1 more
Combining supervisory information and computer model for power optimization
Journal Article · Wed Sep 01 04:00:00 UTC 1982 · Pet. Chem. Ind. Conf., Rec. Conf. Pap.; (United States) · OSTI ID:5091318
Towards Fully Secure 5G Ultra-Low Latency Communications: A Cost-Security Functions Analysis
Journal Article · Thu Sep 22 04:00:00 UTC 2022 · Computers, Materials and Continua · OSTI ID:2368574
+3 more

Related Subjects

97 MATHEMATICS AND COMPUTING