Ideal Based Cyber Security Technical Metrics for Control Systems
Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.
- Research Organization:
- Idaho National Lab. (INL), Idaho Falls, ID (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- DE-AC07-99ID-13727
- OSTI ID:
- 924508
- Report Number(s):
- INL/CON-07-12849; TRN: US200809%%357
- Resource Relation:
- Conference: 2nd International Workshop on Critical Information Infrastructures Security,Benalmadena-Costa (Malaga), Spain,10/03/2007,10/05/2007
- Country of Publication:
- United States
- Language:
- English
Similar Records
Primer Control System Cyber Security Framework and Technical Metrics
Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements