Title | Analytics for Cybersecurity Policy of Cyber-Physical Systems |
Publication Type | Conference Paper |
Year of Publication | 2022 |
Authors | Choucri, Nazli, Agarwal, Gaurav |
Conference Name | 2022 IEEE International Symposium on Technologies for Homeland Security (HST) |
Keywords | Analytical models, composability, compositionality, Cyber Dependencies, Cyber-physical systems, cybersecurity, Data models, design structure matrix, Human Behavior, human factors, Metrics, network views, NIST, NISTIR 7628 Rev.1, pubcrawl, resilience, Resiliency, risk management, Scalability, Smart grid, Smart grids, US Department of Homeland Security |
Abstract | Guidelines, directives, and policy statements are usually presented in "linear" text form - word after word, page after page. However necessary, this practice impedes full understanding, obscures feedback dynamics, hides mutual dependencies and cascading effects and the like-even when augmented with tables and diagrams. The net result is often a checklist response as an end in itself. All this creates barriers to intended realization of guidelines and undermines potential effectiveness. We present a solution strategy using text as "data", transforming text into a structured model, and generate network views of the text(s), that we then can use for vulnerability mapping, risk assessments and note control point analysis. For proof of concept we draw on NIST conceptual model and analysis of guidelines for smart grid cybersecurity, more than 600 pages of text. |
DOI | 10.1109/HST56032.2022.10025438 |
Citation Key | choucri_analytics_2022 |