Quantitative Security Metrics for Cyber-Human Systems

Investigators:  William Sanders and David Nicol

This project looks at how security metrics that take into account user behavior can be used in the design process. We propose both fundamental work in modeling methodology, formalisms, and solution methods, and practical implementation in software form. When completed, this modeling approach will provide a structured and quantitative means of analyzing cyber security problems whose outcomes are influenced by user, attacker, and system, interactions.  This capability is a key element in creating a true science of security.

Hard Problem Addressed