Assurance and Trust Indicators to Evaluate Accuracy of On-line Risk in Critical Infrastructures

  • Conference paper
Critical Information Infrastructure Security (CRITIS 2011)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6983)

Abstract

Critical infrastructure (CI) services are consumed by society constantly, and we expect them to be available 24 hours a day. A common definition is that CIs are so vital to our society that their disruption or destruction would have a severe impact on social well-being and the economy at national and international levels.

CIs can be mutually dependent on each other and a failure in one infrastructure can cascade to another (inter)dependent infrastructure and cause service disruptions. Methods to better assess and monitor CIs and their (inter)dependencies at run-time in order to be able to evaluate possible risks have to be developed. Furthermore, methods to ensure the validity of evaluated risk have to be investigated.

In this work, we build on existing work on CI security modelling: a CI model that allows the risks of CI services to be modelled at run-time. We conduct a study of indicators that allow the correctness of the calculated service risk to be evaluated, taking into account the various sources contributing to this evaluation. Trust-based indicators are introduced to capture the dynamically changing behaviour of a system.

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Schaberreiter, T., Caldeira, F., Aubert, J., Monteiro, E., Khadraoui, D., Simões, P. (2013). Assurance and Trust Indicators to Evaluate Accuracy of On-line Risk in Critical Infrastructures. In: Bologna, S., Hämmerli, B., Gritzalis, D., Wolthusen, S. (eds) Critical Information Infrastructure Security. CRITIS 2011. Lecture Notes in Computer Science, vol 6983. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41476-3_3

  • DOI: https://doi.org/10.1007/978-3-642-41476-3_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41475-6

  • Online ISBN: 978-3-642-41476-3

  • eBook Packages: Computer Science (R0)
