Abstract

As development and deployment of secure systems continue to grow at scale, there is an equal need to evaluate these systems for vulnerabilities and other problems. However, the process of evaluating these designs is complicated and mainly proprietary to the group performing the evaluation. Generally, one follows the generic risk equation of probability and impact. In addition, one should examine the costs related to the adversary and the defender of a system. Without accounting for all of these different aspects, one cannot expect to properly assess the security of a system model or design. This work presents a security model adversarial risk-based tool (SMART) for systems security design evaluation. Our tool reads in a systems security model an attack graph and collects the necessary information for the purpose of determining the best solution based on a calculated security risk represented as a monetary amount. The advantage of the tool is the level of automation provided in the evaluation of security attack trees while providing meaningful metrics that are effortless to compare and contrast.

中文翻译：

---

SMART：用于系统安全设计评估的基于安全模型对抗风险的工具

摘要

随着安全系统的开发和部署规模不断扩大，同样需要评估这些系统的漏洞和其他问题。但是，评估这些设计的过程很复杂，并且主要归评估小组所有。通常，遵循概率和影响的通用风险方程。另外，应该检查与系统的防御者和防御者相关的成本。如果不考虑所有这些不同方面，就无法期望正确评估系统模型或设计的安全性。这项工作提出了一种用于系统安全设计评估的基于安全模型对抗风险的工具（SMART）。我们的工具会在系统安全模型中读取攻击图，并收集必要的信息，以基于计算得出的安全风险（以金额表示）确定最佳解决方案。该工具的优点是在评估安全攻击树时提供了自动化级别，同时提供了可以轻松进行比较和对比的有意义的指标。