Assessing System Performance Impact of Security Attacks

US 20120174231A1
Filed: 07/08/2011
Published: 07/05/2012
Est. Priority Date: 01/04/2011
Status: Active Grant

First Claim

Patent Images

1. A method for assessing an impact of a security attack on a system comprises:

defining a system affecting metric for an observation period as a fraction of time the system satisfies a defined specification;

defining a resource failure based model and a resource usage based model for the system;

obtaining results for each of a plurality of states of the resource failure based model and the resource usage based model;

solving the resource failure based model and the resource usage based model and obtaining a term fraction of time each model spends on each of the plurality of states;

obtaining a state probability according to the term fraction; and

obtaining a measure of the system affecting metric according to the state probability.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for assessing an impact of a security attack on a system includes defining a system affecting metric for an observation period as a fraction of time the system satisfies a defined specification, defining a resource failure based model and a resource usage based model for the system, obtaining results for each of a plurality of states of the resource failure based model and the resource usage based model, solving the resource failure based model and the resource usage based model and obtaining a term fraction of time each model spends on each of the plurality of states, obtaining a state probability according to the term fraction, and obtaining a measure of the system affecting metric according to the state probability.

28 Citations

View as Search Results

21 Claims

1. A method for assessing an impact of a security attack on a system comprises:
- defining a system affecting metric for an observation period as a fraction of time the system satisfies a defined specification;
  
  defining a resource failure based model and a resource usage based model for the system;
  
  obtaining results for each of a plurality of states of the resource failure based model and the resource usage based model;
  
  solving the resource failure based model and the resource usage based model and obtaining a term fraction of time each model spends on each of the plurality of states;
  
  obtaining a state probability according to the term fraction; and
  
  obtaining a measure of the system affecting metric according to the state probability.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claims 1, wherein the system reliability metric is conditioned on an occurrence of the security attack on the system.
  - 3. The method of claims 1, wherein the results convey a number of resources used in the resource usage based model.
  - 4. The method of claims 1, wherein the results convey a number of resources failed in the resource failure based model.
  - 5. The method of claims 1, further comprising a plurality of resource failure based models, wherein each model is associated with a corresponding resource configuration.
  - 6. The method of claims 1, wherein obtaining the system reliability metric further comprises summing the states for a plurality of system performance requirements.
  - 7. The method of claim 1, wherein the system reliability metric measures performance as accuracy.
  - 8. The method of claim 7, wherein the accuracy is a measure of pass/fail criteria determined for each state of the resource usage models for a defined failure configuration.
  - 9. The method of claim 1, wherein the system reliability metric measures performance as efficiency.
  - 10. The method of claim 9, wherein the efficiency is a measure of a derivation of a security test suite including the security attack.

11. A system for assessing an impact of a security attack comprising:
- a processor configured to obtain a measure of a system affecting metric for an observation period as a fraction of time the system satisfies a defined specification according to a state probability by defining a resource failure based Markov chain and a resource usage based Markov chain for the system, obtaining results for each of a plurality of states of the resource failure based Markov chain and the resource usage based Markov chain, solving the resource failure based Markov chain and the resource usage based Markov chain and obtaining a term fraction of time each Markov chain spends on each state, obtaining a Markov state probability; and
  
  obtaining a measure of the system affecting metric according to the state probability; and
  
  a memory configured to store the measure of a system affecting metric.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claims 11, wherein the system reliability metric is conditioned on an occurrence of the security attack on the system.
  - 13. The system of claims 11, wherein the results convey a number of resources used in the resource usage based model.
  - 14. The system of claims 11, wherein the results convey a number of resources failed in the resource failure based model.
  - 15. The system of claims 11, further comprising a plurality of resource failure based models, wherein each model is associated with a corresponding resource configuration.
  - 16. The system of claims 11, wherein obtaining the system reliability metric further comprises summing the states for a plurality of system performance requirements.
  - 17. The system of claim 11, wherein the system reliability metric measures performance as accuracy.
  - 18. The system of claim 17, wherein the accuracy is a measure of pass/fail criteria determined for each state of the resource usage models for a defined failure configuration.
  - 19. The system of claim 11, wherein the system reliability metric measures performance as efficiency.
  - 20. The system of claim 19, wherein the efficiency is a measure of a derivation of a security test suite including the security attack.

21. A non-transitory computer readable medium storing instructions executable by a processor to performed method for assessing an impact of a security attack on a system, the method comprising:
- defining a system affecting metric for an observation period as a fraction of time the system satisfies a defined specification;
  
  defining a resource failure based model and a resource usage based model for the system;
  
  obtaining results for each of a plurality of states of the resource failure based model and the resource usage based model;
  
  solving the resource failure based model and the resource usage based model and obtaining a term fraction of time each model spends on each of the plurality of states;
  
  obtaining a state probability according to the term fraction; and
  
  obtaining a measure of the system affecting metric according to the state probability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Siemens AG
Original Assignee
Siemens Corp. (Siemens AG)
Inventors
Avritzer, Alberto

Granted Patent

US 8,832,839 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 11/00   Error detection; Error corr...

G06F 11/3409   for performance assessment

G06F 21/00   Security arrangements for p...

G06F 2201/81   Threshold

G06Q 10/00   Administration; Management

Assessing System Performance Impact of Security Attacks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Assessing System Performance Impact of Security Attacks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links