Abstract
Critical infrastructure (CI) services are consumed by the society constantly and we expect them to be available 24 hours a day. A common definition is that CIs are so vital to our society that a disruption or destruction would have a severe impact on the social well-being and the economy on national and international levels.
CIs can be mutually dependent on each other and a failure in one infrastructure can cascade to another (inter)dependent infrastructure and cause service disruptions. Methods to better assess and monitor CIs and their (inter)dependencies at run-time in order to be able to evaluate possible risks have to be developed. Furthermore, methods to ensure the validity of evaluated risk have to be investigated.
In this work, we build on existing work of CI security modelling, a CI model that allows modelling the risks of CI services at run-time. We conduct a study of indicators allowing to evaluate the correctness of calculated service risk, taking into account various sources contributing to this evaluation. Trust-based indicators are introduced to capture the dynamically changing behaviour of a system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Artz, D., Gil, Y.: A survey of trust in computer science and the semantic web. In: Web Semantics: Science (January 2007)
Aubert, J., Schaberreiter, T., Incoul, C., Khadraoui, D.: Real-time security monitoring of interdependent services in critical infrastructures. Case study of a risk-based approach. In: 21st European Safety and Reliability Conference, ESREL 2010 (September 2010)
Aubert, J., Schaberreiter, T., Incoul, C., Khadraoui, D., Gateau, B.: Risk-based methodology for real-time security monitoring of interdependent services in critical infrastructures. In: International Conference on Availability, Reliability, and Security (ARES 2010), pp. 262–267 (February 2010)
Baiardi, F., Telmon, C., Sgandurra, D.: Hierarchical, Model-based Risk Management of Critical Infrastructures. In: The 18th European Safety and Reliability Conference, ESREL, vol. 94, pp. 1403–1415 (2009)
Caldeira, F., Monteiro, E., Simões, P.: Trust and reputation for information exchange in critical infrastructures. In: Xenakis, C., Wolthusen, S. (eds.) CRITIS 2010. LNCS, vol. 6712, pp. 140–152. Springer, Heidelberg (2011)
Caldeira, F., Monteiro, E., Simoes, P.: Trust and reputation management for critical infrastructure protection. Int. J. Electronic Security and Digital Forensics 3(3), 187–203 (2010)
Haimes, Y.Y., Kaplan, S., Lambert, J.H.: Risk filtering, ranking, and management framework using hierarchical holographic modeling. Risk Analysis 22(2) (2002)
Haslum, K., Arnes, A.: Multisensor real-time risk assessment using continuous-time hidden markov models. In: International Conference on Computational Intelligence and Security, vol. 2, pp. 1536–1540 (2006)
Ouedraogo, M., Khadraoui, D., De Remont, B., Dubois, E., Mouratidis, H.: Deployment of a security assurance monitoring framework for telecommunication service infrastructures on a voip service. In: New Technologies, Mobility and Security (NTMS 2008), pp. 1–5 (November 2008)
Panzieri, S., Setola, R., Ulivi, G.: An approach to model complex interdependent infrastructures. In: 16th IFAC World Congress (2005)
Rinaldi, S.M., Peerenboom, J.P., Kelly, T.K.: Identifying, understanding, and analyzing critical infrastructure interdependencies. IEEE Control Systems Magazine 21, 11–25 (2001)
Savola, R.M., Pentikainen, H., Ouedraogo, M.: Towards security effectiveness measurement utilizing risk-based security assurance. In: Information Security for South Africa (ISSA), pp. 1–8 (August 2010)
Sokolowski, J., Turnitsa, C., Diallo, S.: A conceptual modeling method for critical infrastructure modeling. In: 41st Annual Simulation Symposium (ANSS 2008), pp. 203–211 (April 2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schaberreiter, T., Caldeira, F., Aubert, J., Monteiro, E., Khadraoui, D., Simões, P. (2013). Assurance and Trust Indicators to Evaluate Accuracy of On-line Risk in Critical Infrastructures. In: Bologna, S., Hämmerli, B., Gritzalis, D., Wolthusen, S. (eds) Critical Information Infrastructure Security. CRITIS 2011. Lecture Notes in Computer Science, vol 6983. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41476-3_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-41476-3_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41475-6
Online ISBN: 978-3-642-41476-3
eBook Packages: Computer ScienceComputer Science (R0)