Validation, Verification and Explanation in a Smarter World
TRANSCRIPT
Validating, Verifying and Explaining Security in a Smarter World
Arosha K. Bandara
9 April 2015; Bra, Italy
Variable Assets
Risks
Zero-day Threat
Security Control Failure
Security in a Smarter World
Threat
Asset
Adaptive Security: Systems that continue to satisfy their security requirements when threats and assets are uncertain / changing.
Attack
Vulnerability
Validation, Verification & Explanation
● Validation: Will the system protect the assets from security threats? (Have we built the right system?)
● Verification: Has the system been correctly configured to protect the assets from security threats? (Have we built the system right?)
● Explanation: Can we understand the behaviour of the adaptive security system?
Assurances for Adaptive Security
Nicholas Morant. National Film Board of Canada. Photothèque. Library and Archives Canada, PA-112911
Adaptive Security – VV&E
● Validation: Is the system measuring the right things to determine if a security adaptation is needed and deciding on the right security controls to be deployed?
● Verification: Is the system measuring things and making decisions in the right way?
● Explanation: Can we understand why we are measuring things and the reasons for doing this in a particular way?
Security Metrics, Decision Making and Controls
Traceability for VV&E
Security Metrics
Security Decision Making
Security Controls
Security Requirements
Model Causal Relationships
Identify value of different metrics
Runtime Models
Variable Assets
Risks
Zero-day Threat
Security Control Failure
Security in a Smarter World
Threat
Asset
Adaptive Security: Systems that continue to satisfy their security requirements when threats and assets are uncertain / changing.
Attack
Vulnerability
Final Thoughts
● Are there specific issues for validating, verifying and explaining adaptive security systems?
  ● e.g., Assets, Threats, Attackers, Vulnerabilities
● Can we use decision analysis techniques to determine the best metrics and measurement methods to drive adaptation?
● How do the runtime models need to be extended to support validation, verification and explanation for adaptive security?
Comments and Questions