Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

Title: Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Patent · Tue Jul 28 00:00:00 EDT 2015

OSTI ID:1202321

Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

View Patent

Cite

Export

Save

Research Organization:: Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)

Sponsoring Organization:: USDOE

DOE Contract Number:: AC05-76RL01830

Assignee:: Battelle Memorial Institute (Richland, WA)

Patent Number(s):: 9,092,631

Application Number:: 14/055,776

OSTI ID:: 1202321

Resource Relation:: Patent File Date: 2013 Oct 16

Country of Publication:: United States

Language:: English

References (12)

Modeling Modern Network Attacks and Countermeasures Using Attack Graphs Ingols, Kyle; Chu, Matthew; Lippmann, Richard 2009 Annual Computer Security Applications Conference (ACSAC) https://doi.org/10.1109/ACSAC.2009.21	conference	December 2009
Cyber/physical security vulnerability assessment integration MacDonald, D.; Clements, S. L.; Patrick, S. W. 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT 2013), 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT) https://doi.org/10.1109/ISGT.2013.6497883	conference	February 2013
Quantitative assessment of cyber security risk using bayesian network-based model Mo, Sheung Yin Kevin; Beling, Peter A.; Crowther, Kenneth G. 2009 Systems and Information Engineering Design Symposium (SIEDS) https://doi.org/10.1109/SIEDS.2009.5166177	conference	April 2009
Method for evaluating a network Lotem, Amnon; Choen, Gideon; Meiseles, Moshe https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8272061 US Patent Document 8,272,061	patent	September 2012
Method for simulation aided security event management Lotem, Amnon; Cohen, Gideon; Ban Naon, Lior https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8407798 US Patent Document 8,407,798	patent	March 2013
Embedded model interaction within attack projection framework of information system Bush, Stephen Francis; Kulkarni, Amit Bhavanishankar https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8433768 US Patent Document 8,433,768	patent	April 2013
Method, a system, and a computer program product for managing access change assurance Lotem, Amnon; Haiut, Alexander; Circus, Ravid https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8621552 US Patent Document 8,621,552	patent	December 2013
System and method for risk detection and analysis in a computer network Cohen, Gideon; Meiseles, Moshe; Reshef, Eran https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20050193430 US Patent Document 11/118308; 20050193430	patent-application	September 2005
Value-Adaptive Security Threat Modeling and Vulnerability Ranking Chen, Yue; Boehm, Barry W.; Sheppard, Luke https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20090077666 US Patent Document 12/047293; 20090077666	patent-application	March 2009
Systems, Program Product and Methods for Performing a Risk Assessment Workflow Process for Plant Networks and Systems Al-Harbi, Saad A.; Almadi, Soloman M.; Al-Salem, Hussain A. https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20120180133 US Patent Application 12/987635; 20120180133	patent-application	July 2012
Threat Evaluation System and Method Flores, Roderick A.; Rolston, Britny https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20130347116 US Patent Application 13/928178; 20130347116	patent-application	December 2013
System, Method and Apparatus for Assessing a Risk of One or More Assets Within an Operational Technology Infrastructure Martinez, Ralph; Cordero, Salvador; Obregon, Eduardo https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20140137257 US Patent Application 14/078514; 20140137257	patent-application	May 2014

Similar Records

Use of Multi-attribute Utility Functions in Evaluating Security Systems

Technical Report · Fri Jun 13 00:00:00 EDT 2008 · OSTI ID:1202321

Meyers, C; Lamont, A; Sicherman, A

Cyber / Physical Security Vulnerability Assessment Integration

Conference · Sat Jul 28 00:00:00 EDT 2012 · OSTI ID:1202321

MacDonald, Douglas G.; Simpkins, Bret E.

Evaluation Report on "The Department's Unclassified Cyber Security Program"

Technical Report · Thu Oct 01 00:00:00 EDT 2009 · OSTI ID:1202321

Related Subjects

97 MATHEMATICS AND COMPUTING

Title: Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Citation Formats

References (12)

Similar Records

Related Subjects