Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Addition of image showing risk behavior and starting writing on devel…
…opment of risk equation for assests.
  • Loading branch information
Duncan committed Jul 6, 2016
1 parent 0b6da48 commit 0ccb666
Showing 1 changed file with 38 additions and 1 deletion.
39 changes: 38 additions & 1 deletion AADLSecPaper.tex
Expand Up @@ -21,6 +21,9 @@
% Equation packages
\usepackage{amsmath}

% Graph generation package
\usepackage{tikz}

\usepackage{listings} % Include the listings-package
\usepackage{color}
\usepackage{balance}
Expand Down Expand Up @@ -233,7 +236,41 @@ $p_{da}$ represents the probability of a direct attack, where direct attack is d
attacker directly attempts to brute force a given security mechanism or standard. $p_{ida}$ represents the
probability of an indirect attack, where an indirect attacker is one where a malicious user attempts to circumvent existing security by some aspect that is not directly related to the mentioned security implementation.
%XXX What is the definition of security metric in the equation?
Once risk has been defined in the scope of examination, one can develop an `Estimation Metric' that can be compared and contrasted with each other to determine the `worth' of any given design. However, before these metrics can be developed, one must first determine a framework by which these calculations will be incorporated to allow for a relevant and meaningful interpretation of verification and selection metrics.
Once risk has been defined in the scope of examination, one can develop an `Estimation Metric' that can be compared and contrasted with each other to determine the `worth' of any given design. However, before these metrics can be developed, one must first determine a framework by which these calculations will be incorporated to allow for a relevant and meaningful interpretation of verification and selection metrics.

\section{Design Oriented Examination of Risk}

\begin{figure}
\centering
\begin{tikzpicture} [xscale=3.5, yscale=2]
\draw [<->] (0,1.5) -- (0,0) -- (3,0);
\node [below right] at (3,0) {$p_s*A$};
\node [left] at (0,1.5) {$p_a$};
\draw [dashed, gray] (0,1) -- (3,1);
\draw (1,0) to [out=90,in=180] (3,1);
%\draw [green, domain=0:3] plot (\x, {1 - exp(-\x - 1)});
\draw (1,-0.1) -- (1,0.1);
\node [below] at (1,0) {$c_a$};
\node [left] at (0,0) {0};
\node [left] at (0,1) {1};
\end{tikzpicture}
\caption{Estimation of Attack Risk Behavior}
\label{fig:attackRisk}
\end{figure}

Since the traditional view of risk does not account for an attacker's motivations, this paper moves to develop an equation that will represent not only risk due to an attacker but also account for the fact that the calculation is reliant upon multiple sources of probability. A graphical estimation of this behavior is shown in Figure~\ref{fig:attackRisk}.

Security risk of an attack can be represented as a combination of the probability of an attack, probability of the attack succeeding, and the impact of the attack.

\begin{equation} \label{equ:attackRisk}
R = p_a * p_s * I
\end{equation}

The probability of success is tied to the level of security implemented in the design, represented by the security metric (SM) value. This alters Equation~\ref{equ:attackRisk} to become:

\begin{equation}
R = p_a * (1 - SM) * I
\end{equation}

\section{Introducing the Framework}
\label{sec:framework}
Expand Down

0 comments on commit 0ccb666

Please sign in to comment.