Meaningful and Cost-effective Survivability Assessments – Approach and Practice
Citation: Michael Atighetchi, Joseph Loyall. Meaningful and Cost-effective Survivability Assessments - Approach and Practice. Submitted to MILCOM 2009.
Formats:
Paper (PDF)
Abstract:
With the increasing proliferation of information technology (IT) assets and of attacks against them, assessing systems for security vulnerabilities has become more important than ever. Despite this, current testing approaches tend to focus on functional and performance testing and often postpone security assessments until the end of the project lifecycle. In our view, this shortcoming can be partially explained by the large cost and technical difficulty of formal security testing and by the lack of standardized, non-binary security metrics. Since security is a systemic attribute that touches many layers of a system, finding security problems early is crucial for incorporating proper fixes into the design. Approaches that do not treat security analysis as a key part of development and testing end up with a patchwork of fixes to symptoms that never address the underlying causes. The work presented in this paper describes a flexible process, based on the concept of security red team exercises, for assessing systems with respect to security and survivability. We discuss how our approach enables assessments throughout the project lifecycle by tailoring the testing to a specific evaluation scope in terms of depth and coverage. We report on an assessment commissioned as part of the testing of a prototype information management system and give examples of attacks used to test availability, confidentiality, and integrity, showing how tests based on these attacks can be used to systematically evaluate a system.