Visible to the public Biblio

Filters: Author is Gunda, Thushara  [Clear All Filters]
2022-04-01
Williams, Adam D., Adams, Thomas, Wingo, Jamie, Birch, Gabriel C., Caskey, Susan A., Fleming, Elizabeth S., Gunda, Thushara.  2021.  Resilience-Based Performance Measures for Next-Generation Systems Security Engineering. 2021 International Carnahan Conference on Security Technology (ICCST). :1—5.
Performance measures commonly used in systems security engineering tend to be static, linear, and have limited utility in addressing challenges to security performance from increasingly complex risk environments, adversary innovation, and disruptive technologies. Leveraging key concepts from resilience science offers an opportunity to advance next-generation systems security engineering to better describe the complexities, dynamism, and nonlinearity observed in security performance—particularly in response to these challenges. This article introduces a multilayer network model and modified Continuous Time Markov Chain model that explicitly captures interdependencies in systems security engineering. The results and insights from a multilayer network model of security for a hypothetical nuclear power plant introduce how network-based metrics can incorporate resilience concepts into performance metrics for next generation systems security engineering.
2022-02-04
Caskey, Susan A., Gunda, Thushara, Wingo, Jamie, Williams, Adam D..  2021.  Leveraging Resilience Metrics to Support Security System Analysis. 2021 IEEE International Symposium on Technologies for Homeland Security (HST). :1–7.
Resilience has been defined as a priority for the US critical infrastructure. This paper presents a process for incorporating resiliency-derived metrics into security system evaluations. To support this analysis, we used a multi-layer network model (MLN) reflecting the defined security system of a hypothetical nuclear power plant to define what metrics would be useful in understanding a system’s ability to absorb perturbation (i.e., system resilience). We defined measures focusing on the system’s criticality, rapidity, diversity, and confidence at each network layer, simulated adversary path, and the system as a basis for understanding the system’s resilience. For this hypothetical system, our metrics indicated the importance of physical infrastructure to overall system criticality, the relative confidence of physical sensors, and the lack of diversity in assessment activities (i.e., dependence on human evaluations). Refined model design and data outputs will enable more nuanced evaluations into temporal, geospatial, and human behavior considerations. Future studies can also extend these methodologies to capture respond and recover aspects of resilience, further supporting the protection of critical infrastructure.