On the role of primary and secondary assets in adaptive security: An application in smart grids

Pasquale, Liliana; Salehie, Mazeiar; Ali, Raian; Omoronyia, Inah and Nuseibeh, Bashar (2012). On the role of primary and secondary assets in adaptive security: An application in smart grids. In: Software Engineering for Adaptive and Self-Managing Systems (SEAMS), 2012 ICSE Workshop, 4-5 Jun 2012, Switzerland.

DOI: https://doi.org/10.1109/SEAMS.2012.6224403

Abstract

Adaptive security aims to protect valuable assets managed by a system, by applying a varying set of security controls. Engineering adaptive security is not an easy task. A set of effective security countermeasures should be identified. These countermeasures should not only be applied to (primary) assets that customers desire to protect, but also to other (secondary) assets that can be exploited by attackers to harm the primary assets. Another challenge arises when assets vary dynamically at runtime. To accommodate these variabilities, it is necessary to monitor changes in assets, and apply the most appropriate countermeasures at runtime. The paper provides three main contributions for engineering adaptive security. First, it proposes a modeling notation to represent primary and secondary assets, along with their variability. Second, it describes how to use the extended models in engineering security requirements and designing required monitoring functions. Third, the paper illustrates our approach through a set of adaptive security scenarios in the customer domain of a smart grid. We suggest that modeling secondary assets aids the deployment of countermeasures, and, in combination with a representation of assets variability, facilitates the design of monitoring functions.

Viewing alternatives

Download history

Metrics

Public Attention

Altmetrics from Altmetric

Number of Citations

Citations from Dimensions

Item Actions

Export

About