Yulia Cherdantseva | Cardiff University (original) (raw)

Papers by Yulia Cherdantseva

Research paper thumbnail of A Configurable Dependency Model of a SCADA System for Goal-Oriented Risk Assessment

Applied Sciences

A key purpose of a Supervisory Control and Data Acquisition (SCADA) system is to enable either an... more A key purpose of a Supervisory Control and Data Acquisition (SCADA) system is to enable either an on-site or remote supervisory control and monitoring of physical processes of various natures. In order for a SCADA system to operate safely and securely, a wide range of experts with diverse backgrounds must work in close rapport. It is critical to have an overall view of an entire system at a high level of abstraction which is accessible to all experts involved, and which assists with gauging and assessing risks to the system. Furthermore, a SCADA system is composed of a large number of interconnected technical and non-technical sub-elements, and it is crucial to capture the dependencies between these sub-elements for a comprehensive and rigorous risk assessment. In this paper, we present a generic configurable dependency model of a SCADA system which captures complex dependencies within a system and facilitates goal-oriented risk assessment. The model was developed by collecting and ...

Research paper thumbnail of Towards SecureBPMN- Aligning BPMN with the Information Assurance & Security Domain

Abstract. The participation of business experts in the elicitation and formulation of Information... more Abstract. The participation of business experts in the elicitation and formulation of Information Assurance & Security (IAS) requirements is crucial. Although business experts have security-related knowledge, there is still no formalised business process modelling notation allowing them to express this knowledge in a clear, unambiguous manner. In this paper we outline the foundational basis for SecureBPMN- a graphical secu-rity modelling extension for the BPMN 2.0. We also align the BPMN with the IAS domain in order to identify points for the extension. Se-cureBPMN adopts a holistic approach to IAS and is designed to serve as a ”communication bridge ” between business and security experts. 1

Research paper thumbnail of A reference model of information assurance and security

Abstract—Information Assurance & Security (IAS) is a dynamic domain which changes continuously in... more Abstract—Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and de-perimetrisation. The model incorporates four dimensions:

Research paper thumbnail of Security Architecture in a Collaborative De-Perimeterised Environment: Factors of Success

Security Architecture (SA) is concerned with such tasks as design, development and management of ... more Security Architecture (SA) is concerned with such tasks as design, development and management of secure business information systems. These tasks are inherently complex and become several orders of magnitude more sophisticated in a Collaborative De-Perimeterised Environment (CDePE). Although significant research exists about the technical solutions that may be used in a CDePE, we believe there is an important gap in current literature in addressing the specifics of collaboration and deperimeterisation at the stages of design and management of a SA. This paper discusses how a CDePE is addressed in the ISO/IEC 27000 series of standards and identifies ten factors, besides technical ones, that are important for the success of a SA. This paper emerged as a result of an analysis of the current state of the information security discipline and of the modern trends in the discipline. 1

Research paper thumbnail of Live Free or Die Hard: Cybersecurity, Governments, Corporations and Responses to threats to Critical National Infrastructure in the United States and UK

Research paper thumbnail of Towards Gender Equality in Software Engineering: The NSA Approach

2018 IEEE/ACM 1st International Workshop on Gender Equality in Software Engineering (GE), 2018

Multiple studies show that women are under-represented in almost all of fields of Science, Techno... more Multiple studies show that women are under-represented in almost all of fields of Science, Technology, Engineering and Maths (STEM). This gender gap is also present at higher education institutions in both student numbers and academic staff. A range of measures could be implemented to tackle this issue. In this position paper, we outline the measures that the School of Computer Sciences and Informatics of Cardiff University, UK, implemented over the past years, to foster a culture in which women could excel. Then, we discuss the measures that we plan to implement in future in order to increase the number of women both among students and academic staff.

Research paper thumbnail of Towards a Framework for Measuring the Performance of a Security Operations Center Analyst

2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)

The past few years have seen several studies reporting on the role of a Security Operations Cente... more The past few years have seen several studies reporting on the role of a Security Operations Center (SOC) analyst and metrics for assessing the performance of analysts. However, research suggests that analysts are dissatisfied with existing metrics as they fail to take into consideration several aspects of their tasks. Existing works advocate for research into this area. A major challenge to devising adequate metrics is that the real work of analysts that needs to be taken into consideration to assess their holistic performance has not been fully discussed. Furthermore, at present, there is no agreement on what constitutes core analysts' functions. Analysts' overall performance in a SOC could be obtained if there is a common agreement on the core functions upon which their performance can be evaluated. In this paper, we propose a framework depicting the core functions of analysts and KPIs that can be used to measure the performance of analysts. To do this, we conducted a thorough analysis of the functions of a SOC described in multiple sources of literature and engaged with several analysts and SOC managers from different industries using qualitative semi-structured interviews. Our research results identify the following: quality of analysts' analysis, quality of analysts' report, time-based measures and the absolute numbers derived from an analyst's tasks as the key performance indicators (KPIs) for assessing analysts' performance. We hope that our findings will stimulate more interest among cybersecurity researchers on assessment methods for analysts.

Research paper thumbnail of SCADA System Forensic Analysis Within IIoT

Springer Series in Advanced Manufacturing

A new wave of industrial technology has emerged in the form of Industry 4.0, which has seen a pro... more A new wave of industrial technology has emerged in the form of Industry 4.0, which has seen a progression from electronic devices and IT (Information Technology) systems that automate production advance to a new revolution of Cyber-Physical Production Systems used for Smart Manufacturing and Smart Factories via IIoT (Industrial Internet of Things). As more and more devices are becoming connected and networked to allow for Smart Manufacturing to take place the number of data sources significantly increases as a result. Real-time Information is then becoming increasingly interlinked across multiple industries for a more efficient productivity process and a reduction in cost. Aside from Smart manufacturing and factories, Industry 4.0 has already seen huge advances in infrastructure management, energy management, transportation and building and home automation. With such industries relying so heavily on real-time data from connected sensors the security of these systems are at risk due to the reliance on low-latency and reliable communication for critical processes. The increase of interconnected networks and devices across the Internet significantly increases the amount of entry points into these systems, increasing their vulnerability and allowing outsiders to take advantage of any weaknesses within them. This has already been highlighted by the events of Stuxnet, Havex, Black Energy and the German Steel Mill that targeted ICS (Industrial Control Systems) and SCADA (Supervisory Control and Data Acquisition) Systems causing catastrophic results. The use of SIEM (Security Information and Event Management) services, IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems) and firewalls may be implemented within ICS but only operate on the perimeters of their networks or segmented networks and not at the lower operational level where critical processes rely on speed and availability simply because by doing so could introduce latency between critical processes. When events do occur, regardless of whether an incident is accidental or deliberate, an immediate incident response should take place. This chapter focusses on the forensic challenges and analysis of the physical infrastructure that underpins the systems operating within IIoT. It discusses the development of SCADA system architecture over the past few decades and how it has arrived at IIoT, creating the new generation of SCADA systems. The chapter then discusses the current available tools that exist that can help carry out a forensic investigation of a SCADA system operating within IIoT space before closing with a suggested SCADA Incident Response Model.

Research paper thumbnail of Challenges and performance metrics for security operations center analysts: a systematic review

Journal of Cyber Security Technology

ABSTRACT The increasing use of Security Operations Centers (SOCs) by organisations as a part of t... more ABSTRACT The increasing use of Security Operations Centers (SOCs) by organisations as a part of their cyber security strategy has led to several studies aiming to understand and improve SOC operations. However, to the best of our knowledge, there is no systematic literature review on the challenges faced by SOC analysts or on metrics for measuring analysts performance. To this end, we conducted a Systematic Literature Review (SLR) in accordance with the guidelines for undertaking SLR and analyzed papers published on SOCs between 2008 and 2018. We provide a comprehensive overview of the challenges faced by SOC analysts and of the metrics suggested in the literature for measuring analysts performance. In addition, we present a mapping between the challenges and existing performance metrics showing how the effectiveness of an analyst in addressing a particular challenge could be measured. We also discuss the drawbacks of the existing metrics and suggest directions for improvement. Our findings will enable SOC analysts and managers, as well as the academic community to gain a better understanding of the challenges impeding the performance of SOC analysts, and how analysts performance could be measured and improved.

Research paper thumbnail of Determining and Sharing Risk Data in Distributed Interdependent Systems

Computer

While the risks induced by system dependencies have been studied; little is known about modelling... more While the risks induced by system dependencies have been studied; little is known about modelling complex collections of supposedly independent systems at different geographical locations, which are in reality interdependent due to sharing often-unrecognized common elements. It could be argued that any risk analysis of a large infrastructure that does not take account of such interdependencies is dangerously introspective. We present a top-down, goal-to-dependencies approach to modelling and understanding such Complex Systems, which uses secure, distributed computing protocols to share risk data between the risk models of interdependent systems. We present a Bayesian-sensitivity measure of risk, which is both intuitively satisfying and accords with everyday notions of risk. The core benefit of this approach is to capture dependencies between systems and share risk data such that failure of an entity along the 'supply chain' can be rapidly propagated to those who depend on it allowing them to calculate the likely impact and respond accordingly.

Research paper thumbnail of A multifaceted evaluation of the reference model of information assurance & security

Computers & Security, 2016

The evaluation of a conceptual model, which is an outcome of a qualitative research, is an arduou... more The evaluation of a conceptual model, which is an outcome of a qualitative research, is an arduous task due to the lack of a rigorous basis for evaluation. Overcoming this challenge, the paper at hand presents a detailed example of a multifaceted evaluation of a Reference Model of Information Assurance & Security (RMIAS), which summarises the knowledge acquired by the Information Assurance & Security community to date in one all-encompassing model. A combination of analytical and empirical evaluation methods is exploited to evaluate the RMIAS in a sustained way overcoming the limitations of separate methods. The RMIAS is analytically evaluated regarding the quality criteria of conceptual models and compared with existing models. Twenty-six semistructured interviews with IAS experts are conducted to test the merit of the RMIAS. Three workshops and a case study are carried out to verify the practical value of the model. The paper discusses the evaluation methodology and evaluation results.

Research paper thumbnail of Forensic Readiness for SCADA/ICS Incident Response

Electronic Workshops in Computing, 2016

The actions carried out following any cyber-attack are vital in limiting damage, regaining contro... more The actions carried out following any cyber-attack are vital in limiting damage, regaining control and determining the cause and those responsible. Within SCADA and ICS environments there is certainly no exception. Critical National Infrastructure (CNI) relies heavily on SCADA systems to monitor and control critical processes. Many of these systems span huge geographical areas and contain thousands of individual devices, across an array of asset types. When an incident occurs, those assets contain forensic artefacts, which can be thought of as any data that provides explanation to the current state of the SCADA system. Knowing what devices exist within the network and the tools and methods to retrieve data from them are some of the biggest challenges for incident response within CNI. This paper aims to identify those assets and their forensic value whilst providing the tools needed to perform data acquisition in a forensically sound manner. It will also discuss the key stages in which the incident response process can be managed.

Research paper thumbnail of Secure*BPMN : a graphical extension for BPMN 2.0 based on a reference model of information assurance & security

The main contribution of this thesis is Secure*BPMN, a graphical security modelling extension for... more The main contribution of this thesis is Secure*BPMN, a graphical security modelling extension for the de-facto industry standard business process modelling language BPMN 2.0.1. Secure*BPMN enables a cognitively effective representation of security concerns in business process models. It facilitates the engagement of experts with different backgrounds, including non-security and nontechnical experts, in the discussion of security concerns and in security decision-making. The strength and novelty of Secure*BPMN lie in its comprehensive semantics based on a Reference Model of Information Assurance & Security (RMIAS) and in its cognitively effective syntax. The RMIAS, which was developed in this project, is a synthesis of the existing knowledge of the Information Assurance & Security domain. The RMIAS helps to build an agreed-upon understanding of Information Assurance & Security, which experts with different backgrounds require before they may proceed with the discussion of security is...

Research paper thumbnail of Information Security and Information Assurance

Research paper thumbnail of Towards SecureBPMN - Aligning BPMN with the Information Assurance and Security Domain

Lecture Notes in Business Information Processing, 2012

The participation of business experts in the elicitation and formulation of Information Assurance... more The participation of business experts in the elicitation and formulation of Information Assurance & Security (IAS) requirements is crucial. Although business experts have security-related knowledge, there is still no formalised business process modelling notation allowing them to express this knowledge in a clear, unambiguous manner. In this paper we outline the foundational basis for SecureBPMN -a graphical security modelling extension for the BPMN 2.0. We also align the BPMN with the IAS domain in order to identify points for the extension. Se-cureBPMN adopts a holistic approach to IAS and is designed to serve as a "communication bridge" between business and security experts. 1

Research paper thumbnail of Security Architecture in a Collaborative De-Perimeterised Environment: Factors of Success

ISSE 2011 Securing Electronic Business Processes, 2011

Abstract Security Architecture (SA) is concerned with such tasks as design, development and manag... more Abstract Security Architecture (SA) is concerned with such tasks as design, development and management of secure business information systems. These tasks are inherently complex and become several orders of magnitude more sophisticated in a Collaborative De-Perimeterised Environment (CDePE). Although significant research exists about the technical solutions that may be used in a CDePE, we believe there is an important gap in current literature in addressing the specifics of collaboration and deperimeterisation at the ...

Research paper thumbnail of SecureBPMN-Aligning BPMN with the Information Assurance & Security Domain

Research paper thumbnail of Mind Map of a SCADA system - INVITATION TO PARTICIPATE

In April 2014, the Welsh Government and the EADS Foundation Wales invested in a new research pro... more In April 2014, the Welsh Government and the EADS Foundation Wales invested in a new research project titled “SCADA Cyber Security Lifecycle".

As a part of this project, we are conducting a SCADA mind mapping exercise.

We would like to invite all academics and practitioners who deal with SCADA systems to participate in this exercise.

You are asked only to draw YOUR MIND MAP of a SCADA system. It typically takes between 15-30 minutes.

Research paper thumbnail of Cherdantseva, Y., Burnap P., Blyth, A., Eden, P., Jones, K., Soulsby, H., Stoddart, K.: "A Review of cyber security risk assessment methods for SCADA systems" . Computers & Security. Volume 56, February 2016, pp. 1-27.

Cherdantseva, Y., Burnap P., Blyth, A., Eden, P., Jones, K., Soulsby, H., Stoddart, K.: "A Review of cyber security risk assessment methods for SCADA systems" . Computers & Security. Volume 56, February 2016, pp. 1-27.

This paper reviews the state of the art in cyber security risk assessment of Supervisory Control ... more This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim; application domain; the stages of risk management addressed; key risk management concepts covered; impact measurement; sources of probabilistic data; evaluation and tool support. Based on the analysis, we suggest an intuitive scheme for the categorisation of cyber security risk assessment methods for SCADA systems. We also outline five research challenges facing the domain and point out the approaches that might be taken.

Research paper thumbnail of Cherdantseva, Y.; Hilton, J., "A Reference Model of Information Assurance & Security," Availability, Reliability and Security (ARES), 2013 Eighth International Conference on, pp.546-555, 2-6 Sept. 2013

Accepted to SecOnt 2013 workshop which will be held in conjunction with the 8th International Conference on Availability, Reliability and Security (ARES) 2013, University of Regensburg, Germany. September 2nd - 6th, 2013

Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response... more Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and deperimetrisation. The model incorporates four dimensions: Information System Security Life Cycle, Information Taxonomy, Security Goals and Security Countermeasures. In addition to the descriptive knowledge, the RMIAS embeds the methodological knowledge. A case study demonstrates how the RMIAS assists with the development and revision of an Information Security Policy Document. 1

Research paper thumbnail of A Configurable Dependency Model of a SCADA System for Goal-Oriented Risk Assessment

Applied Sciences

A key purpose of a Supervisory Control and Data Acquisition (SCADA) system is to enable either an... more A key purpose of a Supervisory Control and Data Acquisition (SCADA) system is to enable either an on-site or remote supervisory control and monitoring of physical processes of various natures. In order for a SCADA system to operate safely and securely, a wide range of experts with diverse backgrounds must work in close rapport. It is critical to have an overall view of an entire system at a high level of abstraction which is accessible to all experts involved, and which assists with gauging and assessing risks to the system. Furthermore, a SCADA system is composed of a large number of interconnected technical and non-technical sub-elements, and it is crucial to capture the dependencies between these sub-elements for a comprehensive and rigorous risk assessment. In this paper, we present a generic configurable dependency model of a SCADA system which captures complex dependencies within a system and facilitates goal-oriented risk assessment. The model was developed by collecting and ...

Research paper thumbnail of Towards SecureBPMN- Aligning BPMN with the Information Assurance & Security Domain

Abstract. The participation of business experts in the elicitation and formulation of Information... more Abstract. The participation of business experts in the elicitation and formulation of Information Assurance & Security (IAS) requirements is crucial. Although business experts have security-related knowledge, there is still no formalised business process modelling notation allowing them to express this knowledge in a clear, unambiguous manner. In this paper we outline the foundational basis for SecureBPMN- a graphical secu-rity modelling extension for the BPMN 2.0. We also align the BPMN with the IAS domain in order to identify points for the extension. Se-cureBPMN adopts a holistic approach to IAS and is designed to serve as a ”communication bridge ” between business and security experts. 1

Research paper thumbnail of A reference model of information assurance and security

Abstract—Information Assurance & Security (IAS) is a dynamic domain which changes continuously in... more Abstract—Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and de-perimetrisation. The model incorporates four dimensions:

Research paper thumbnail of Security Architecture in a Collaborative De-Perimeterised Environment: Factors of Success

Security Architecture (SA) is concerned with such tasks as design, development and management of ... more Security Architecture (SA) is concerned with such tasks as design, development and management of secure business information systems. These tasks are inherently complex and become several orders of magnitude more sophisticated in a Collaborative De-Perimeterised Environment (CDePE). Although significant research exists about the technical solutions that may be used in a CDePE, we believe there is an important gap in current literature in addressing the specifics of collaboration and deperimeterisation at the stages of design and management of a SA. This paper discusses how a CDePE is addressed in the ISO/IEC 27000 series of standards and identifies ten factors, besides technical ones, that are important for the success of a SA. This paper emerged as a result of an analysis of the current state of the information security discipline and of the modern trends in the discipline. 1

Research paper thumbnail of Live Free or Die Hard: Cybersecurity, Governments, Corporations and Responses to threats to Critical National Infrastructure in the United States and UK

Research paper thumbnail of Towards Gender Equality in Software Engineering: The NSA Approach

2018 IEEE/ACM 1st International Workshop on Gender Equality in Software Engineering (GE), 2018

Multiple studies show that women are under-represented in almost all of fields of Science, Techno... more Multiple studies show that women are under-represented in almost all of fields of Science, Technology, Engineering and Maths (STEM). This gender gap is also present at higher education institutions in both student numbers and academic staff. A range of measures could be implemented to tackle this issue. In this position paper, we outline the measures that the School of Computer Sciences and Informatics of Cardiff University, UK, implemented over the past years, to foster a culture in which women could excel. Then, we discuss the measures that we plan to implement in future in order to increase the number of women both among students and academic staff.

Research paper thumbnail of Towards a Framework for Measuring the Performance of a Security Operations Center Analyst

2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)

The past few years have seen several studies reporting on the role of a Security Operations Cente... more The past few years have seen several studies reporting on the role of a Security Operations Center (SOC) analyst and metrics for assessing the performance of analysts. However, research suggests that analysts are dissatisfied with existing metrics as they fail to take into consideration several aspects of their tasks. Existing works advocate for research into this area. A major challenge to devising adequate metrics is that the real work of analysts that needs to be taken into consideration to assess their holistic performance has not been fully discussed. Furthermore, at present, there is no agreement on what constitutes core analysts' functions. Analysts' overall performance in a SOC could be obtained if there is a common agreement on the core functions upon which their performance can be evaluated. In this paper, we propose a framework depicting the core functions of analysts and KPIs that can be used to measure the performance of analysts. To do this, we conducted a thorough analysis of the functions of a SOC described in multiple sources of literature and engaged with several analysts and SOC managers from different industries using qualitative semi-structured interviews. Our research results identify the following: quality of analysts' analysis, quality of analysts' report, time-based measures and the absolute numbers derived from an analyst's tasks as the key performance indicators (KPIs) for assessing analysts' performance. We hope that our findings will stimulate more interest among cybersecurity researchers on assessment methods for analysts.

Research paper thumbnail of SCADA System Forensic Analysis Within IIoT

Springer Series in Advanced Manufacturing

A new wave of industrial technology has emerged in the form of Industry 4.0, which has seen a pro... more A new wave of industrial technology has emerged in the form of Industry 4.0, which has seen a progression from electronic devices and IT (Information Technology) systems that automate production advance to a new revolution of Cyber-Physical Production Systems used for Smart Manufacturing and Smart Factories via IIoT (Industrial Internet of Things). As more and more devices are becoming connected and networked to allow for Smart Manufacturing to take place the number of data sources significantly increases as a result. Real-time Information is then becoming increasingly interlinked across multiple industries for a more efficient productivity process and a reduction in cost. Aside from Smart manufacturing and factories, Industry 4.0 has already seen huge advances in infrastructure management, energy management, transportation and building and home automation. With such industries relying so heavily on real-time data from connected sensors the security of these systems are at risk due to the reliance on low-latency and reliable communication for critical processes. The increase of interconnected networks and devices across the Internet significantly increases the amount of entry points into these systems, increasing their vulnerability and allowing outsiders to take advantage of any weaknesses within them. This has already been highlighted by the events of Stuxnet, Havex, Black Energy and the German Steel Mill that targeted ICS (Industrial Control Systems) and SCADA (Supervisory Control and Data Acquisition) Systems causing catastrophic results. The use of SIEM (Security Information and Event Management) services, IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems) and firewalls may be implemented within ICS but only operate on the perimeters of their networks or segmented networks and not at the lower operational level where critical processes rely on speed and availability simply because by doing so could introduce latency between critical processes. When events do occur, regardless of whether an incident is accidental or deliberate, an immediate incident response should take place. This chapter focusses on the forensic challenges and analysis of the physical infrastructure that underpins the systems operating within IIoT. It discusses the development of SCADA system architecture over the past few decades and how it has arrived at IIoT, creating the new generation of SCADA systems. The chapter then discusses the current available tools that exist that can help carry out a forensic investigation of a SCADA system operating within IIoT space before closing with a suggested SCADA Incident Response Model.

Research paper thumbnail of Challenges and performance metrics for security operations center analysts: a systematic review

Journal of Cyber Security Technology

ABSTRACT The increasing use of Security Operations Centers (SOCs) by organisations as a part of t... more ABSTRACT The increasing use of Security Operations Centers (SOCs) by organisations as a part of their cyber security strategy has led to several studies aiming to understand and improve SOC operations. However, to the best of our knowledge, there is no systematic literature review on the challenges faced by SOC analysts or on metrics for measuring analysts performance. To this end, we conducted a Systematic Literature Review (SLR) in accordance with the guidelines for undertaking SLR and analyzed papers published on SOCs between 2008 and 2018. We provide a comprehensive overview of the challenges faced by SOC analysts and of the metrics suggested in the literature for measuring analysts performance. In addition, we present a mapping between the challenges and existing performance metrics showing how the effectiveness of an analyst in addressing a particular challenge could be measured. We also discuss the drawbacks of the existing metrics and suggest directions for improvement. Our findings will enable SOC analysts and managers, as well as the academic community to gain a better understanding of the challenges impeding the performance of SOC analysts, and how analysts performance could be measured and improved.

Research paper thumbnail of Determining and Sharing Risk Data in Distributed Interdependent Systems

Computer

While the risks induced by system dependencies have been studied; little is known about modelling... more While the risks induced by system dependencies have been studied; little is known about modelling complex collections of supposedly independent systems at different geographical locations, which are in reality interdependent due to sharing often-unrecognized common elements. It could be argued that any risk analysis of a large infrastructure that does not take account of such interdependencies is dangerously introspective. We present a top-down, goal-to-dependencies approach to modelling and understanding such Complex Systems, which uses secure, distributed computing protocols to share risk data between the risk models of interdependent systems. We present a Bayesian-sensitivity measure of risk, which is both intuitively satisfying and accords with everyday notions of risk. The core benefit of this approach is to capture dependencies between systems and share risk data such that failure of an entity along the 'supply chain' can be rapidly propagated to those who depend on it allowing them to calculate the likely impact and respond accordingly.

Research paper thumbnail of A multifaceted evaluation of the reference model of information assurance & security

Computers & Security, 2016

The evaluation of a conceptual model, which is an outcome of a qualitative research, is an arduou... more The evaluation of a conceptual model, which is an outcome of a qualitative research, is an arduous task due to the lack of a rigorous basis for evaluation. Overcoming this challenge, the paper at hand presents a detailed example of a multifaceted evaluation of a Reference Model of Information Assurance & Security (RMIAS), which summarises the knowledge acquired by the Information Assurance & Security community to date in one all-encompassing model. A combination of analytical and empirical evaluation methods is exploited to evaluate the RMIAS in a sustained way overcoming the limitations of separate methods. The RMIAS is analytically evaluated regarding the quality criteria of conceptual models and compared with existing models. Twenty-six semistructured interviews with IAS experts are conducted to test the merit of the RMIAS. Three workshops and a case study are carried out to verify the practical value of the model. The paper discusses the evaluation methodology and evaluation results.

Research paper thumbnail of Forensic Readiness for SCADA/ICS Incident Response

Electronic Workshops in Computing, 2016

The actions carried out following any cyber-attack are vital in limiting damage, regaining contro... more The actions carried out following any cyber-attack are vital in limiting damage, regaining control and determining the cause and those responsible. Within SCADA and ICS environments there is certainly no exception. Critical National Infrastructure (CNI) relies heavily on SCADA systems to monitor and control critical processes. Many of these systems span huge geographical areas and contain thousands of individual devices, across an array of asset types. When an incident occurs, those assets contain forensic artefacts, which can be thought of as any data that provides explanation to the current state of the SCADA system. Knowing what devices exist within the network and the tools and methods to retrieve data from them are some of the biggest challenges for incident response within CNI. This paper aims to identify those assets and their forensic value whilst providing the tools needed to perform data acquisition in a forensically sound manner. It will also discuss the key stages in which the incident response process can be managed.

Research paper thumbnail of Secure*BPMN : a graphical extension for BPMN 2.0 based on a reference model of information assurance & security

The main contribution of this thesis is Secure*BPMN, a graphical security modelling extension for... more The main contribution of this thesis is Secure*BPMN, a graphical security modelling extension for the de-facto industry standard business process modelling language BPMN 2.0.1. Secure*BPMN enables a cognitively effective representation of security concerns in business process models. It facilitates the engagement of experts with different backgrounds, including non-security and nontechnical experts, in the discussion of security concerns and in security decision-making. The strength and novelty of Secure*BPMN lie in its comprehensive semantics based on a Reference Model of Information Assurance & Security (RMIAS) and in its cognitively effective syntax. The RMIAS, which was developed in this project, is a synthesis of the existing knowledge of the Information Assurance & Security domain. The RMIAS helps to build an agreed-upon understanding of Information Assurance & Security, which experts with different backgrounds require before they may proceed with the discussion of security is...

Research paper thumbnail of Information Security and Information Assurance

Research paper thumbnail of Towards SecureBPMN - Aligning BPMN with the Information Assurance and Security Domain

Lecture Notes in Business Information Processing, 2012

The participation of business experts in the elicitation and formulation of Information Assurance... more The participation of business experts in the elicitation and formulation of Information Assurance & Security (IAS) requirements is crucial. Although business experts have security-related knowledge, there is still no formalised business process modelling notation allowing them to express this knowledge in a clear, unambiguous manner. In this paper we outline the foundational basis for SecureBPMN -a graphical security modelling extension for the BPMN 2.0. We also align the BPMN with the IAS domain in order to identify points for the extension. Se-cureBPMN adopts a holistic approach to IAS and is designed to serve as a "communication bridge" between business and security experts. 1

Research paper thumbnail of Security Architecture in a Collaborative De-Perimeterised Environment: Factors of Success

ISSE 2011 Securing Electronic Business Processes, 2011

Abstract Security Architecture (SA) is concerned with such tasks as design, development and manag... more Abstract Security Architecture (SA) is concerned with such tasks as design, development and management of secure business information systems. These tasks are inherently complex and become several orders of magnitude more sophisticated in a Collaborative De-Perimeterised Environment (CDePE). Although significant research exists about the technical solutions that may be used in a CDePE, we believe there is an important gap in current literature in addressing the specifics of collaboration and deperimeterisation at the ...

Research paper thumbnail of SecureBPMN-Aligning BPMN with the Information Assurance & Security Domain

Research paper thumbnail of Mind Map of a SCADA system - INVITATION TO PARTICIPATE

In April 2014, the Welsh Government and the EADS Foundation Wales invested in a new research pro... more In April 2014, the Welsh Government and the EADS Foundation Wales invested in a new research project titled “SCADA Cyber Security Lifecycle".

As a part of this project, we are conducting a SCADA mind mapping exercise.

We would like to invite all academics and practitioners who deal with SCADA systems to participate in this exercise.

You are asked only to draw YOUR MIND MAP of a SCADA system. It typically takes between 15-30 minutes.

Research paper thumbnail of Cherdantseva, Y., Burnap P., Blyth, A., Eden, P., Jones, K., Soulsby, H., Stoddart, K.: "A Review of cyber security risk assessment methods for SCADA systems" . Computers & Security. Volume 56, February 2016, pp. 1-27.

Cherdantseva, Y., Burnap P., Blyth, A., Eden, P., Jones, K., Soulsby, H., Stoddart, K.: "A Review of cyber security risk assessment methods for SCADA systems" . Computers & Security. Volume 56, February 2016, pp. 1-27.

This paper reviews the state of the art in cyber security risk assessment of Supervisory Control ... more This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim; application domain; the stages of risk management addressed; key risk management concepts covered; impact measurement; sources of probabilistic data; evaluation and tool support. Based on the analysis, we suggest an intuitive scheme for the categorisation of cyber security risk assessment methods for SCADA systems. We also outline five research challenges facing the domain and point out the approaches that might be taken.

Research paper thumbnail of Cherdantseva, Y.; Hilton, J., "A Reference Model of Information Assurance & Security," Availability, Reliability and Security (ARES), 2013 Eighth International Conference on, pp.546-555, 2-6 Sept. 2013

Accepted to SecOnt 2013 workshop which will be held in conjunction with the 8th International Conference on Availability, Reliability and Security (ARES) 2013, University of Regensburg, Germany. September 2nd - 6th, 2013

Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response... more Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and deperimetrisation. The model incorporates four dimensions: Information System Security Life Cycle, Information Taxonomy, Security Goals and Security Countermeasures. In addition to the descriptive knowledge, the RMIAS embeds the methodological knowledge. A case study demonstrates how the RMIAS assists with the development and revision of an Information Security Policy Document. 1