Cyber resilience-by-construction: Modeling, measuring & verifying

Yasir Imtiaz Khan; Ehab Al-Shaer; Usman Rauf

doi:10.1145/2809826.2809836

Cyber resilience-by-construction: Modeling, measuring & verifying

Yasir Imtiaz Khan
, Ehab Al-Shaer
, Usman Rauf

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

10 Scopus citations

Abstract

The need of cyber security is increasing as cyber attacks are escalating day by day. Cyber attacks are now so many and sophisticated that many will unavoidably get through. Therefore, there is an immense need to employ resilient architectures to defend known or unknown threats. Engineering resilient system/infrastructure is a challenging task, that implies how to measure the resilience and how to obtain sufficient resilience necessary to maintain its service delivery under diverse situations. This paper has two fold objective, the first is to propose a formal approach to measure cyber resilience from different aspects (i.e., attacks, failures) and at different levels (i.e., pro-active, resistive and reactive). To achieve the first objective, we propose a formal framework named as: Cyber Resilience Engineering Framework (CREF). The second objective is to build a resilient system by construction. The idea is to build a formal model of a cyber system, which is initially not resilient with respect to attacks. Then by systematic refinements of the formal model and by its model checking, we attain resiliency. We exemplify our technique through the case study of simple cyber security device (i.e., network firewall).

Original language	English
Title of host publication	SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense
Publisher	Association for Computing Machinery, Inc
Pages	9-14
Number of pages	6
ISBN (Electronic)	9781450338219
DOIs	https://doi.org/10.1145/2809826.2809836
State	Published - 12 Oct 2015
Externally published	Yes
Event	Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig 2015 - Denver, United States Duration: 12 Oct 2015 → …

Publication series

Name	SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense

Conference

Conference	Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig 2015
Country/Territory	United States
City	Denver
Period	12/10/15 → …

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 9 Industry, Innovation, and Infrastructure

Keywords

Algebraic petri nets
Cyber resilience
Firewall
Model checking

ASJC Scopus subject areas

Computational Theory and Mathematics
Computer Science Applications
Artificial Intelligence

Access to Document

10.1145/2809826.2809836

Cite this

Khan, Y. I., Al-Shaer, E., & Rauf, U. (2015). Cyber resilience-by-construction: Modeling, measuring & verifying. In SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense (pp. 9-14). (SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense). Association for Computing Machinery, Inc. https://doi.org/10.1145/2809826.2809836

Khan, Yasir Imtiaz ; Al-Shaer, Ehab ; Rauf, Usman. / Cyber resilience-by-construction : Modeling, measuring & verifying. SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense. Association for Computing Machinery, Inc, 2015. pp. 9-14 (SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense).

@inproceedings{398ce1a063204d81a32c8f4002b57a5d,

title = "Cyber resilience-by-construction: Modeling, measuring \& verifying",

abstract = "The need of cyber security is increasing as cyber attacks are escalating day by day. Cyber attacks are now so many and sophisticated that many will unavoidably get through. Therefore, there is an immense need to employ resilient architectures to defend known or unknown threats. Engineering resilient system/infrastructure is a challenging task, that implies how to measure the resilience and how to obtain sufficient resilience necessary to maintain its service delivery under diverse situations. This paper has two fold objective, the first is to propose a formal approach to measure cyber resilience from different aspects (i.e., attacks, failures) and at different levels (i.e., pro-active, resistive and reactive). To achieve the first objective, we propose a formal framework named as: Cyber Resilience Engineering Framework (CREF). The second objective is to build a resilient system by construction. The idea is to build a formal model of a cyber system, which is initially not resilient with respect to attacks. Then by systematic refinements of the formal model and by its model checking, we attain resiliency. We exemplify our technique through the case study of simple cyber security device (i.e., network firewall).",

keywords = "Algebraic petri nets, Cyber resilience, Firewall, Model checking",

author = "Khan, \{Yasir Imtiaz\} and Ehab Al-Shaer and Usman Rauf",

year = "2015",

month = oct,

day = "12",

doi = "10.1145/2809826.2809836",

language = "English",

series = "SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense",

publisher = "Association for Computing Machinery, Inc",

pages = "9--14",

booktitle = "SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense",

note = "Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig 2015 ; Conference date: 12-10-2015",

}

Khan, YI, Al-Shaer, E & Rauf, U 2015, Cyber resilience-by-construction: Modeling, measuring & verifying. in SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense. SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense, Association for Computing Machinery, Inc, pp. 9-14, Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig 2015, Denver, United States, 12/10/15. https://doi.org/10.1145/2809826.2809836

Cyber resilience-by-construction: Modeling, measuring & verifying. / Khan, Yasir Imtiaz; Al-Shaer, Ehab; Rauf, Usman.
SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense. Association for Computing Machinery, Inc, 2015. p. 9-14 (SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Cyber resilience-by-construction

T2 - Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig 2015

AU - Khan, Yasir Imtiaz

AU - Al-Shaer, Ehab

AU - Rauf, Usman

PY - 2015/10/12

Y1 - 2015/10/12

N2 - The need of cyber security is increasing as cyber attacks are escalating day by day. Cyber attacks are now so many and sophisticated that many will unavoidably get through. Therefore, there is an immense need to employ resilient architectures to defend known or unknown threats. Engineering resilient system/infrastructure is a challenging task, that implies how to measure the resilience and how to obtain sufficient resilience necessary to maintain its service delivery under diverse situations. This paper has two fold objective, the first is to propose a formal approach to measure cyber resilience from different aspects (i.e., attacks, failures) and at different levels (i.e., pro-active, resistive and reactive). To achieve the first objective, we propose a formal framework named as: Cyber Resilience Engineering Framework (CREF). The second objective is to build a resilient system by construction. The idea is to build a formal model of a cyber system, which is initially not resilient with respect to attacks. Then by systematic refinements of the formal model and by its model checking, we attain resiliency. We exemplify our technique through the case study of simple cyber security device (i.e., network firewall).

AB - The need of cyber security is increasing as cyber attacks are escalating day by day. Cyber attacks are now so many and sophisticated that many will unavoidably get through. Therefore, there is an immense need to employ resilient architectures to defend known or unknown threats. Engineering resilient system/infrastructure is a challenging task, that implies how to measure the resilience and how to obtain sufficient resilience necessary to maintain its service delivery under diverse situations. This paper has two fold objective, the first is to propose a formal approach to measure cyber resilience from different aspects (i.e., attacks, failures) and at different levels (i.e., pro-active, resistive and reactive). To achieve the first objective, we propose a formal framework named as: Cyber Resilience Engineering Framework (CREF). The second objective is to build a resilient system by construction. The idea is to build a formal model of a cyber system, which is initially not resilient with respect to attacks. Then by systematic refinements of the formal model and by its model checking, we attain resiliency. We exemplify our technique through the case study of simple cyber security device (i.e., network firewall).

KW - Algebraic petri nets

KW - Cyber resilience

KW - Firewall

KW - Model checking

UR - https://www.scopus.com/pages/publications/84958677081

U2 - 10.1145/2809826.2809836

DO - 10.1145/2809826.2809836

M3 - Conference contribution

AN - SCOPUS:84958677081

T3 - SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense

SP - 9

EP - 14

BT - SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense

PB - Association for Computing Machinery, Inc

Y2 - 12 October 2015

ER -

Khan YI, Al-Shaer E, Rauf U. Cyber resilience-by-construction: Modeling, measuring & verifying. In SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense. Association for Computing Machinery, Inc. 2015. p. 9-14. (SafeConfig 2015 - Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense). doi: 10.1145/2809826.2809836

Cyber resilience-by-construction: Modeling, measuring & verifying

Abstract

Publication series

Conference

UN SDGs

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this