A Simulation Model for Managing Survivability of Networked Information Systems
• Technical Report
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2000-TR-020Abstract
In this paper, we develop a model to evaluate the tradeoffs between the cost of defense mechanisms for networked systems and the resulting expected survivability after a network attack. The model consists of three submodels. The first submodel simulates the occurrence of attacks or incidents. The second submodel simulates the impact of an attack on the system based on the type of attack and the defense mechanism installed in the system. The third submodel assesses the survivability of the system which depends on the degree of its degradation after the attack. By varying the level of defense in the simulation, we examine how this expected survivability changes with the defense level. Since costs are assumed to increase with the strength of the defense system, we can derive a cost/survivability curve that managers can use to decide on the appropriate level of security for their organizations. We have also explored the sensitivity of expected survivability to various parameters of the model, such as the mix of attack types and the rate of occurrence of incidents.
Cite This Technical Report
Moitra, S., & Konda, S. (2000, December 1). A Simulation Model for Managing Survivability of Networked Information Systems. (Technical Report CMU/SEI-2000-TR-020). Retrieved April 23, 2024, from https://insights.sei.cmu.edu/library/a-simulation-model-for-managing-survivability-of-networked-information-systems/.
@techreport{moitra_2000,
author={Moitra, Soumyo and Konda, Suresh},
title={A Simulation Model for Managing Survivability of Networked Information Systems},
month={Dec},
year={2000},
number={CMU/SEI-2000-TR-020},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://insights.sei.cmu.edu/library/a-simulation-model-for-managing-survivability-of-networked-information-systems/},
note={Accessed: 2024-Apr-23}
}
Moitra, Soumyo, and Suresh Konda. "A Simulation Model for Managing Survivability of Networked Information Systems." (CMU/SEI-2000-TR-020). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, December 1, 2000. https://insights.sei.cmu.edu/library/a-simulation-model-for-managing-survivability-of-networked-information-systems/.
S. Moitra, and S. Konda, "A Simulation Model for Managing Survivability of Networked Information Systems," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2000-TR-020, 1-Dec-2000 [Online]. Available: https://insights.sei.cmu.edu/library/a-simulation-model-for-managing-survivability-of-networked-information-systems/. [Accessed: 23-Apr-2024].
Moitra, Soumyo, and Suresh Konda. "A Simulation Model for Managing Survivability of Networked Information Systems." (Technical Report CMU/SEI-2000-TR-020). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Dec. 2000. https://insights.sei.cmu.edu/library/a-simulation-model-for-managing-survivability-of-networked-information-systems/. Accessed 23 Apr. 2024.
Moitra, Soumyo; & Konda, Suresh. A Simulation Model for Managing Survivability of Networked Information Systems. CMU/SEI-2000-TR-020. Software Engineering Institute. 2000. https://insights.sei.cmu.edu/library/a-simulation-model-for-managing-survivability-of-networked-information-systems/