Risk assessment methodology based on the NISTIR 7628 guidelines

Robert K. Abercrombie; Frederick T. Sheldon; Katie R. Hauser; Margaret W. Lantz; Ali Mili

doi:10.1109/HICSS.2013.466

Risk assessment methodology based on the NISTIR 7628 guidelines

Robert K. Abercrombie, Frederick T. Sheldon, Katie R. Hauser, Margaret W. Lantz, Ali Mili

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

22 Scopus citations

Abstract

Earlier work describes computational models of critical infrastructure that allow an analyst to estimate the security of a system in terms of the impact of loss per stakeholder resulting from security breakdowns. Here, we consider how to identify, monitor and estimate risk impact and probability for different smart grid stakeholders. Our constructive method leverages currently available standards and defined failure scenarios. We utilize the National Institute of Standards and Technology (NIST) Interagency or Internal Reports (NISTIR) 7628 as a basis to apply Cyberspace Security Econometrics system (CSES) for comparing design principles and courses of action in making security-related decisions.

Original language	English (US)
Title of host publication	Proceedings of the 46th Annual Hawaii International Conference on System Sciences, HICSS 2013
Pages	1802-1811
Number of pages	10
DOIs	https://doi.org/10.1109/HICSS.2013.466
State	Published - 2013
Externally published	Yes
Event	46th Annual Hawaii International Conference on System Sciences, HICSS 2013 - Wailea, Maui, HI, United States Duration: Jan 7 2013 → Jan 10 2013

Publication series

Name	Proceedings of the Annual Hawaii International Conference on System Sciences
ISSN (Print)	1530-1605

Other

Other	46th Annual Hawaii International Conference on System Sciences, HICSS 2013
Country/Territory	United States
City	Wailea, Maui, HI
Period	1/7/13 → 1/10/13

All Science Journal Classification (ASJC) codes

General Engineering

Access to Document

10.1109/HICSS.2013.466

Cite this

Abercrombie, R. K., Sheldon, F. T., Hauser, K. R., Lantz, M. W., & Mili, A. (2013). Risk assessment methodology based on the NISTIR 7628 guidelines. In Proceedings of the 46th Annual Hawaii International Conference on System Sciences, HICSS 2013 (pp. 1802-1811). Article 6480058 (Proceedings of the Annual Hawaii International Conference on System Sciences). https://doi.org/10.1109/HICSS.2013.466

@inproceedings{ecfbec37c3ee4e3c8e5042e059cab1bf,

title = "Risk assessment methodology based on the NISTIR 7628 guidelines",

abstract = "Earlier work describes computational models of critical infrastructure that allow an analyst to estimate the security of a system in terms of the impact of loss per stakeholder resulting from security breakdowns. Here, we consider how to identify, monitor and estimate risk impact and probability for different smart grid stakeholders. Our constructive method leverages currently available standards and defined failure scenarios. We utilize the National Institute of Standards and Technology (NIST) Interagency or Internal Reports (NISTIR) 7628 as a basis to apply Cyberspace Security Econometrics system (CSES) for comparing design principles and courses of action in making security-related decisions.",

author = "Abercrombie, {Robert K.} and Sheldon, {Frederick T.} and Hauser, {Katie R.} and Lantz, {Margaret W.} and Ali Mili",

year = "2013",

doi = "10.1109/HICSS.2013.466",

language = "English (US)",

isbn = "9780769548920",

series = "Proceedings of the Annual Hawaii International Conference on System Sciences",

pages = "1802--1811",

booktitle = "Proceedings of the 46th Annual Hawaii International Conference on System Sciences, HICSS 2013",

note = "46th Annual Hawaii International Conference on System Sciences, HICSS 2013 ; Conference date: 07-01-2013 Through 10-01-2013",

}

Abercrombie, RK, Sheldon, FT, Hauser, KR, Lantz, MW & Mili, A 2013, Risk assessment methodology based on the NISTIR 7628 guidelines. in Proceedings of the 46th Annual Hawaii International Conference on System Sciences, HICSS 2013., 6480058, Proceedings of the Annual Hawaii International Conference on System Sciences, pp. 1802-1811, 46th Annual Hawaii International Conference on System Sciences, HICSS 2013, Wailea, Maui, HI, United States, 1/7/13. https://doi.org/10.1109/HICSS.2013.466

Risk assessment methodology based on the NISTIR 7628 guidelines. / Abercrombie, Robert K.; Sheldon, Frederick T.; Hauser, Katie R. et al.
Proceedings of the 46th Annual Hawaii International Conference on System Sciences, HICSS 2013. 2013. p. 1802-1811 6480058 (Proceedings of the Annual Hawaii International Conference on System Sciences).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Risk assessment methodology based on the NISTIR 7628 guidelines

AU - Abercrombie, Robert K.

AU - Sheldon, Frederick T.

AU - Hauser, Katie R.

AU - Lantz, Margaret W.

AU - Mili, Ali

PY - 2013

Y1 - 2013

N2 - Earlier work describes computational models of critical infrastructure that allow an analyst to estimate the security of a system in terms of the impact of loss per stakeholder resulting from security breakdowns. Here, we consider how to identify, monitor and estimate risk impact and probability for different smart grid stakeholders. Our constructive method leverages currently available standards and defined failure scenarios. We utilize the National Institute of Standards and Technology (NIST) Interagency or Internal Reports (NISTIR) 7628 as a basis to apply Cyberspace Security Econometrics system (CSES) for comparing design principles and courses of action in making security-related decisions.

AB - Earlier work describes computational models of critical infrastructure that allow an analyst to estimate the security of a system in terms of the impact of loss per stakeholder resulting from security breakdowns. Here, we consider how to identify, monitor and estimate risk impact and probability for different smart grid stakeholders. Our constructive method leverages currently available standards and defined failure scenarios. We utilize the National Institute of Standards and Technology (NIST) Interagency or Internal Reports (NISTIR) 7628 as a basis to apply Cyberspace Security Econometrics system (CSES) for comparing design principles and courses of action in making security-related decisions.

UR - http://www.scopus.com/inward/record.url?scp=84875503340&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84875503340&partnerID=8YFLogxK

U2 - 10.1109/HICSS.2013.466

DO - 10.1109/HICSS.2013.466

M3 - Conference contribution

AN - SCOPUS:84875503340

SN - 9780769548920

T3 - Proceedings of the Annual Hawaii International Conference on System Sciences

SP - 1802

EP - 1811

BT - Proceedings of the 46th Annual Hawaii International Conference on System Sciences, HICSS 2013

T2 - 46th Annual Hawaii International Conference on System Sciences, HICSS 2013

Y2 - 7 January 2013 through 10 January 2013

ER -

Risk assessment methodology based on the NISTIR 7628 guidelines

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this