A comprehensive network security risk model for process control networks

Risk Analysis

Volumn 29, Issue 2, 2009, Pages 223-248

  Henry, Matthew H ^a   Haimes, Yacov Y ^b,c  

^a JOHNS HOPKINS UNIVERSITY   (United States)

^b Center for Risk Management of Engineering Systems   (United States)

^c University of Virginia   (United States)

Author keywords

Cyber attack modeling; Network security; Risk assessment

Indexed keywords

COMMODITY FLOWS; COUPLED PROBLEMS; CYBER ATTACK MODELING; ILLUSTRATIVE EXAMPLES; MANAGEMENT POLICIES; MODELING METHODOLOGIES; PROCESS CONTROL NETWORKS; RISK MODELS; SECURITY RISKS;

COMPUTER CRIME; DECISION MAKING; INTERNET; LAW ENFORCEMENT; NETWORK SECURITY; PROCESS CONTROL; QUALITY CONTROL; RISK ANALYSIS; RISK MANAGEMENT; SAFETY FACTOR; WIMAX (CANDIDATE);

RISK ASSESSMENT;

CONTROL SYSTEM; INTERNET; RISK ASSESSMENT; SECURITY THREAT;

COMPUTER NETWORK; COMPUTER SECURITY; COMPUTER SYSTEM; DECISION TREE; PROCESS CONTROL; PROCESS MODEL; REVIEW; RISK ASSESSMENT; RISK MANAGEMENT; THEORETICAL MODEL;

EID: 58849103145     PISSN: 02724332     EISSN: 15396924     Source Type: Journal    
DOI: 10.1111/j.1539-6924.2008.01151.x     Document Type: Review

References (33)

1. Longstaff TA, Chittister CG, Pethia R, Haimes YY. Are we forgetting the risks of information technology Computer, 2000 33 (12 43 51.
2. Haimes YY. Total risk management. Risk Analysis, 1991 11 : 169 171.
3. Phillips C, Swiler LP. A graph-based system for network-vulnerability analysis. In ACM Workshop on New Security Paradigms. Association for Computing Machinery, 1998.
4. McQueen M, Boyer WF, Flynn MA, Beitel GA. Quantitative cyber risk reduction estimation methodology for a small SCADA control system. In Proceedings of the 39th Hawaii International Conference on System Sciences. IEEE, 2006.
5. McQueen M, Boyer WF, Flynn MA, Beitel GA. Time-to-compromise model for cyber risk reduction estimation. In Proceedings of the 1st Quality of Protection Workshop at the University of Trento, Milan. Springer, 2005.
6. Matalas NC, Fiering MB. Water-resource system planning. In Climate, Climatic Change and Water Supply. National Research Council, National Academy of Sciences, 1977.
7. Haimes YY, Matalas NC, Lambert JH, Jackson BA, Fellows JFR. Reducing the vulnerability of water supply systems to attack. Journal of Infrastructure Systems, 1997 4 (4 164 177.
8. Haimes YY, Kaplan S, Lambert JH. Risk filtering, ranking, and management framework using hierarchical holographic modeling. Risk Analysis, 2002 22 (2 383 398.
9. Haimes YY. Hierarchical holographic modeling. IEEE Transactions on Systems, Man and Cybernetics, 1981 11 : 606 617.
10. Haimes YY. Risk Modeling, Assessment and Management, 2nd ed. Hoboken, NJ : John Wiley and Sons, 2004.
11. Salinas MH. Combining multiple perspectives in the specification of a security assessment methodology. Ph.D. Thesis, University of Virginia, 2003.
12. Stamatelatos M, Vesely W, Dugan JB, Fragola J, Minarick J III., Railsback J. Fault Tree Handbook with Aerospace Applications. Version 1.1. National Aeronautics and Space Administration, 2002.
13. Musa JD, Okumoto K. A logarithmic poisson execution time model for software reliability measurement. In IEEE International Conference on Software Engineering. Institute for Electrical and Electronics Engineers, 1984.
14. Ehrlich WK, Stampfel JP, Wu JR. Application of software reliability modeling to product quality and test process. In IEEE International Conference on Software Engineering. Institute for Electrical and Electronics Engineers, 1990.
15. Sahinoglu M. Compound poisson software reliability model. IEEE Transactions on Software Engineering, 1992 18 (7 624 630.
16. Bertsekas DP. Dynamic Programming and Optimal Control, vol. 2, 2nd ed. Belmont, MA : Athena Scientific, 2001.
17. Lowrance WW. Of Acceptable Risk. Los Angeles, CA : William Kaufmann, 1976.
18. Kertzner P, Watters J, Bodeau D. Process control system security technical risk assessment methodology and technical implementation. Technical Report 06-0707, Institute for Information Infrastructure Protection, 2006.
19. Chankong V, Haimes YY. Multiobjective Decision Making: Theory and Methodology. New York : Elsevier-North Holland, 1983.
20. Kaplan S, Garrick BJ. On the quantitative definition of risk. Risk Analysis, 1981 1 : 11 27.
21. MIL-STD-1629A. Procedures for performing a failure mode, effects and critically analysis. Technical Report, U.S. Department of Defense, 1980.
22. Haimes YY, Horowitz BM. Adaptive two-player hierarchical holographic modeling game for counterterrorism intelligence analysis. Journal of Homeland Security and Emergency Management, 2004 1 (3).
23. Lye KW, Wing J. Game strategies in network security. In Foundations of Computer Security Workshop (FLoC'02). The 2002 Federated Logic Conference, 2002.
24. Alpcan T, Basar T. A game theoretic approach to decision and analysis in network intrusion detection. In IEEE Conference on Decision and Control (CDC03). Institute for Electrical and Electronics Engineers, 2003.
25. Alpcan T, Basar T. A game theoretic analysis of intrusion detection in access control systems. In IEEE Conference on Decision and Control (CDC04). Institute for Electrical and Electronics Engineers, 2004.
26. Bertsekas D, Tsitsiklis J. An analysis of stochastic shortest path problems. Mathematics of Operations Research, 1991 16 (3 580 595.
27. Byres E, Franz M, Miller D. The use of attack trees in assessing vulnerabilities in SCADA systems. In IEEE Conference on International Infrastructure Survivability Workshop (IISW '04). Institute for Electrical and Electronics Engineers, 2004.
28. Henry MH. Minimax Envelopes for Total Cyber Risk Management in Process Control Networks. Ph.D. Thesis, University of Virginia, 2007.
29. Minh DL. Applied Probability Models. Pacific Grove, CA : Duxbury, 2001.
30. Asbeck E, Haimes YY. The partitioned multiobjective risk method. Large Scale Systems, 1984 6 (1 13 38.
31. Haimes YY, Chittister CG. A roadmap for quantifying the efficacy of risk management of information security and interdependent scada systems. Journal of Homeland Security and Emergency Management, 2005 2 (2).
32. Haimes YY, Jiang P. Leontief-based model for risk in complex interconnected infrastructures. ASCE Journal of Infrastructure Systems, 2001 7 (1 1 12.
33. Santos JR, Haimes YY. Modeling the demand reduction input-output inoperability due to terrorism of interconnected infrastructures. Risk Analysis, 2004 24 (6 1437 1451.