Biblio

Recent disasters have shown that hazards can be unpredictable and can have catastrophic consequences. Emergency plans are key to dealing with these situations and communications play a key role in emergency management. In this paper, we provide a formalism to design resilient emergency plans in terms of communications. We exemplify how to use the formalism using a case study of a Nuclear Emergency Plan.

Recognizing the need for proactive analysis of cyber adversary behavior, this paper presents a new event-driven simulation model and implementation to reveal the efforts needed by attackers who have various entry points into a network. Unlike previous models which focus on the impact of attackers' actions on the defender's infrastructure, this work focuses on the attackers' strategies and actions. By operating on a request-response session level, our model provides an abstraction of how the network infrastructure reacts to access credentials the adversary might have obtained through a variety of strategies. We present the current capabilities of the simulator by showing three variants of Bronze Butler APT on a network with different user access levels.

Cyber risk assessment of a Cyber-Physical System (CPS) without damaging it and without contaminating it with malware is an important and hard problem. Previous work developed a solution to this problem using a control component for simulating cyber effects in a CPS model to mimic a cyber attack. This paper extends the previous work by presenting an algorithm for semi-automated insertion of control components into a CPS model based on Discrete Event Systems (DEVS) formalism. We also describe how to use this algorithm to insert a control component into Live, Virtual, Constructive (LVC) environments that may have non-DEVS models, thereby extending our solution to other systems in general.