Multi-Metrics analysis

From its-wiki.no

Jump to: navigation, search

Keyword Multi-Metrics analysis

Multi-Metrics analysis
Wikipedia
Related keywords Measurable Security, Security functionality, Security metrics, Multi-Metrics Method
All pages containing keywords

(edit page)

About the Multi-Metrics Approach

The Multi-Metrics Approach has the goal to to measure the Security, Privacy and Dependability (SPD) level of a system. The objective is to achieve an overall system SPD level, SPDSystem. The main advantage of this methodology is that it provides a simple mechanism to measure and evaluate the system security, privacy and dependability levels.

SPDSystem is a triplet, composed of individual Security, Privacy and Dependability levels (s,p,d). Each of the levels is represented by a range between 0 and 100, i.e. the higher the number, the higher the Security, Privacy and Dependability level. However, in order to end up with SPDSystem, during the whole process, the criticality is evaluated. Criticality is again a triplet (Cs,Cp,Cd), defined as the complement of SPD, and expressed as (Cs, Cp, Cd) = (100, 100, 100) − (s, p, d).

MultiMetrics System.gif

The Figure shows a system being composed of multiple sub-systems, which at the same time consist of various components.

Ongoing Discusssions

from Toktam: My suggestion is that since systems are complicated and nested, we may need to collect metrics and parameters in existing approaches for:

  • Application security, by using and not limited to OWASP as a reference (regardless of the name, this reference is one of the best),
  • Network security by using, but not limited to, CWE as a reference,
  • System security based on risk assessment in which measurement of risk itself is useful, and also (1- risk) might give a promising view of the level of security preservation,
  • and so on to collect and then make a contribution.

In addition, if instead of the security of the whole system, just data flow and information flow is the aim of the labeling, then such references could be investigated toward these (unfortunately it is time consuming).

References

  1. J. Noll, I. Garitano, S. Fayyad, E. Åsberg, H. Abie, «Measurable Security, Privacy and Dependability in Smart Grids», Journal of Cyber Security, 3_4, (2015) -> http://riverpublishers.com/journal/journal_articles/RP_Journal_2245-1439_342.pdf
  2. I. Garitano, S. Fayyad, J. Noll, «Multi-Metrics Approach for Security, Privacy and Dependability in Embedded Systems», Wireless Pers. Commun. 81, pp1359-1376 (2015)

Contains pages with keyword "Multi-Metrics analysis".

Related information

Thumb Title Author Date Keywords
Screenshot 2020-05-29 at 01.11.46.png Measurable Security for the Internet of Things
Click to Open
Guest Lecture at UPM - 29May2020
Josef Noll 28 May 2020 Measurable Security, Multi-Metrics analysis, Smart Meter, Personal Mobility