ISSN : 1796-2056
Volume : 1    Issue : 5    Date : September/October 2006

On Stochastic Modeling for Integrated Security and Dependability Evaluation
Karin Sallhammar, Bjarne E. Helvik, and Svein J. Knapskog
Page(s): 31-42
Full Text:
PDF (650 KB)

This paper presents a new approach to integrated security and dependability evaluation, which is
based on stochastic modeling techniques. Our proposal aims to provide operational measures of
the trustworthiness of a system, regardless if the underlying failure cause is intentional or not. By
viewing system states as elements in a stochastic game, we can compute the probabilities of
expected attacker behavior, and thereby be able to model attacks as transitions between system
states. The proposed game model is based on a reward- and cost concept. A section of the paper is
devoted to the demonstration of how the expected attacker behavior is affected by the parameters of
the game. Our model opens up for use of traditional Markov analysis to make new types of
probabilistic predictions for a system, such as its expected time to security failure.

Index Terms
stochastic models, integrating security and dependability, security measures, game theory