ABSTRACT
Existing practical architectural models have been proposed with a hierarchy of layers such as Neumann's 8-layered security model. These models cannot reason about complex systems convincingly, so we need new models for systematic and faithful analysis. We have simplified Neumann's model to create a three-layer security model that can be used for understanding and reasoning about the security of complex systems and formalised to automate analysis. The three layers are the semantic (involving people and organisations), logical (computers and networks) and physical layers including the relationships and interactions between them. Our model can be used to analyse systems more systematically and holistically including human and physical factors, rather than as technical systems alone. The model is applied to examine the security of the electricity grid, which is very difficult to analyse because of its complexity. It can also model other aspects of critical infrastructure and other complex systems such as financial networks.
Supplemental Material
Available for Download
Slide presentation for "A multi-layered security architecture for modelling complex systems"
- Neumann PG, "Practical Architectures for Survivable Systems and Networks", SRI International (2000), online at www.csl.sri.com/neumann/survivability.pdf.Google Scholar
- Howard JD and Longstaff TA, "A Common Language for Computer Security Incidents", Sandia Report SAND98--8667 (1998), online at www.cert.org/research/taxonomy_988667.pdf.Google ScholarCross Ref
- Day JD and Zimmermann H, "The OSI Reference Model", Proceedings of the IEEE, vol 71 (1983), pp 1334--1340.Google ScholarCross Ref
- Howard JD, "An Analysis of Security Incidents on the Internet", 1989--1995, PhD thesis, Carnegie-Mellon University (1997), online at www.cert.org/research/JHThesis. Google ScholarDigital Library
- Amin M, "Balancing Market Priorities with Security Issues", IEEE Power and Energy vol 2 no 4 (2004), pp30--38.Google ScholarCross Ref
- Milner, R, "Pure Bigraphs: a Tutorial (Draft 7)" (2007), online at www.cl.cam.ac.uk/~rm135Google Scholar
Index Terms
- A multi-layered security architecture for modelling complex systems
Recommendations
A model for security in distributed systems
A model for security in open distributed systems has been developed by ECMA TC32/TG9. The model is built around the concept of security information as the basis for propagating trust and security knowledge around a distributed system. Security services ...
Cyber physical systems security
Cyber Physical Systems (CPS) are networked systems of cyber (computation and communication) and physical (sensors and actuators) components that interact in a feedback loop with the possible help of human intervention, interaction and utilization. These ...
Security Architecture of Computer Communication System Based on Internet of Things
ICASIT 2020: Proceedings of the 2020 International Conference on Aviation Safety and Information TechnologyIn large-scale service collaboration environment, security and privacy protection are the main factors affecting the development of IoT service applications. The security and privacy requirements of IoT services mainly focus on three aspects: secure ...
Comments