Understanding Effects of Norms and Policies on the Robustness, Liveness, and Resilience of Systems - July 2017

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s):  Emily Berglund, Jon Doyle, Munindar Singh
Researchers:  Nirav Ajmeri, Shams Al Amin

HARD PROBLEM(S) ADDRESSED

• Policy-Governed Secure Collaboration - Norms provide a standard of correctness for collaborative behavior, with respect to which policies of the participants can be evaluated individually or in groups.
• Resilient Architectures - The study of robustness and resilience of systems modeled in terms of norms would provide a basis for understanding resilient social architectures.

PUBLICATIONS

• NA

ACCOMPLISHMENT HIGHLIGHTS

• We completed the implementation of our simulation framework that models the adoption of security practices by individual developers in a software engineering group.  We represent developers with different preferences and strategies for coding, applying security analysis tools, and learning. We represent managers that apply group and individual sanctions based on the security and functionality of the project artifacts. Our simulation results indicate that group sanctioning for security practices yields better functionality and security of the project artifact, while individual sanctioning results in lower retention of developers.

• We completed an implementation of a game based on our earlier enterprise security scenario (involving workforce adoption of cybersecurity practices) that supports gameplay by Amazon MTurk workers.