Skip to content
Permalink
Browse files

Addition of image showing risk behavior and starting writing on devel…

…opment of risk equation for assests.
  • Loading branch information
Duncan
Duncan committed Jul 6, 2016
1 parent 0b6da48 commit 0ccb666e87fa95d5501fdba51ab238c47eaa2dfa
Showing with 38 additions and 1 deletion.
  1. +38 −1 AADLSecPaper.tex
@@ -21,6 +21,9 @@
% Equation packages
\usepackage{amsmath}

% Graph generation package
\usepackage{tikz}

\usepackage{listings} % Include the listings-package
\usepackage{color}
\usepackage{balance}
@@ -233,7 +236,41 @@ \section{Defining Risk}
attacker directly attempts to brute force a given security mechanism or standard. $p_{ida}$ represents the
probability of an indirect attack, where an indirect attacker is one where a malicious user attempts to circumvent existing security by some aspect that is not directly related to the mentioned security implementation.
%XXX What is the definition of security metric in the equation?
Once risk has been defined in the scope of examination, one can develop an `Estimation Metric' that can be compared and contrasted with each other to determine the `worth' of any given design. However, before these metrics can be developed, one must first determine a framework by which these calculations will be incorporated to allow for a relevant and meaningful interpretation of verification and selection metrics.
Once risk has been defined in the scope of examination, one can develop an `Estimation Metric' that can be compared and contrasted with each other to determine the `worth' of any given design. However, before these metrics can be developed, one must first determine a framework by which these calculations will be incorporated to allow for a relevant and meaningful interpretation of verification and selection metrics.

\section{Design Oriented Examination of Risk}

\begin{figure}
\centering
\begin{tikzpicture} [xscale=3.5, yscale=2]
\draw [<->] (0,1.5) -- (0,0) -- (3,0);
\node [below right] at (3,0) {$p_s*A$};
\node [left] at (0,1.5) {$p_a$};
\draw [dashed, gray] (0,1) -- (3,1);
\draw (1,0) to [out=90,in=180] (3,1);
%\draw [green, domain=0:3] plot (\x, {1 - exp(-\x - 1)});
\draw (1,-0.1) -- (1,0.1);
\node [below] at (1,0) {$c_a$};
\node [left] at (0,0) {0};
\node [left] at (0,1) {1};
\end{tikzpicture}
\caption{Estimation of Attack Risk Behavior}
\label{fig:attackRisk}
\end{figure}

Since the traditional view of risk does not account for an attacker's motivations, this paper moves to develop an equation that will represent not only risk due to an attacker but also account for the fact that the calculation is reliant upon multiple sources of probability. A graphical estimation of this behavior is shown in Figure~\ref{fig:attackRisk}.

Security risk of an attack can be represented as a combination of the probability of an attack, probability of the attack succeeding, and the impact of the attack.

\begin{equation} \label{equ:attackRisk}
R = p_a * p_s * I
\end{equation}

The probability of success is tied to the level of security implemented in the design, represented by the security metric (SM) value. This alters Equation~\ref{equ:attackRisk} to become:

\begin{equation}
R = p_a * (1 - SM) * I
\end{equation}

\section{Introducing the Framework}
\label{sec:framework}

0 comments on commit 0ccb666

Please sign in to comment.
You can’t perform that action at this time.