Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture
First Claim
1. A computer-implemented security evaluation method comprising:
- accessing information regarding a physical architecture and a cyber architecture of a facility;
- building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas;
- identifying a target within the facility;
- executing the model a plurality of times to simulate a plurality of attacks against the target by at least one adversary traversing at least one of the physical areas and at least one of the cyber areas;
- using results of the executing, providing information regarding a security risk of the facility with respect to the target;
- wherein individual executions of the model comprise initiating counting of a timer once the at least one adversary is detected; and
- wherein the providing comprises providing information indicating whether the at least one adversary reached the target during the executions of the model using information of the timer.
Abstract
Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.
21 Claims
15. A security evaluation system comprising:
- an interface configured to receive information regarding a physical architecture and a cyber architecture of a facility; and
- processing circuitry coupled with the interface and configured to:
  - build a model of the facility comprising a plurality of physical areas of the physical architecture and a plurality of cyber areas of the cyber architecture;
  - execute the model a plurality of times to simulate a plurality of attacks against the facility by at least one adversary traversing at least one of the physical areas and at least one of the cyber areas;
  - after the execution, revise the model a plurality of times generating a plurality of revised versions of the model; and
  - after the revision, execute each of the revised versions of the model a plurality of additional times to simulate a plurality of additional attacks against the facility by at least one adversary traversing at least one of the physical areas and at least one of the cyber areas.
19. An article of manufacture comprising:
- non-transitory computer-readable storage medium comprising programming which causes processing circuitry to perform processing comprising:
  - accessing information regarding a physical architecture and a cyber architecture of a facility;
  - building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas;
  - executing the model comprising:
  - identifying a target within the facility;
  - defining a route of attack by an adversary traversing at least one of the physical areas and at least one of the cyber areas to the target;
  - detecting the adversary on the route of attack;
  - as a result of the detecting, initiating a timer which counts a predetermined length of time; and
  - determining whether the at least one adversary reached the target before the predetermined length of time has been counted.
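The repeated execution with a detection timer (claims 1 and 19) and the revise-and-re-execute loop (claim 15) can be illustrated with a small Monte Carlo sketch. This is an added example, not code from the patent or its assignee. The area names, delays, detection probabilities, uniform random route choice, the acyclic pathway graph, and the reading of the timer as a fixed response time are all constructed assumptions.

```python
import random

# Constructed facility model; every area name, delay and probability below is
# an illustrative assumption, not data from the patent.
# pathway (from_area, to_area) -> (traversal delay in seconds, detection probability)
PATHWAYS = {
    ("offsite", "lobby"): (60, 0.30),                  # physical
    ("offsite", "corp_lan"): (300, 0.10),              # cyber
    ("lobby", "server_room"): (120, 0.60),             # physical, badge door
    ("lobby", "corp_lan"): (90, 0.15),                 # physical to cyber (wall port)
    ("corp_lan", "badge_controller"): (200, 0.20),     # cyber
    ("badge_controller", "server_room"): (30, 0.05),   # cyber to physical (door release)
}

def run_once(pathways, start, target, response_time, rng):
    """One execution of the model; True if the adversary reaches the target."""
    area, detected, timer = start, False, 0
    while area != target:
        exits = [edge for edge in pathways if edge[0] == area]
        if not exits:
            return False                      # dead end, attack abandoned
        edge = rng.choice(exits)
        delay, p_detect = pathways[edge]
        if not detected and rng.random() < p_detect:
            detected = True                   # sensor at pathway entry starts the timer
        if detected:
            timer += delay
            if timer >= response_time:
                return False                  # predetermined time counted out first
        area = edge[1]
    return True

def estimate_risk(pathways, start, target, response_time, runs=20000, seed=1):
    """Fraction of executions in which the target is reached."""
    rng = random.Random(seed)
    hits = sum(run_once(pathways, start, target, response_time, rng) for _ in range(runs))
    return hits / runs

def compare_revisions(response_time=240):
    """Baseline plus two revised versions of the model, each executed again."""
    versions = {
        "baseline": PATHWAYS,
        "slower_door": {**PATHWAYS, ("lobby", "server_room"): (400, 0.60)},
        "more_lan_monitoring": {**PATHWAYS, ("corp_lan", "badge_controller"): (200, 0.90)},
    }
    return {name: estimate_risk(model, "offsite", "server_room", response_time)
            for name, model in versions.items()}

if __name__ == "__main__":
    for name, risk in compare_revisions().items():
        print(f"{name:22s} P(target reached) = {risk:.3f}")
```

With these constructed numbers the `more_lan_monitoring` revision leaves the estimate essentially unchanged, because only 230 s of delay remain after that sensor and the timer is 240 s. The `slower_door` revision lowers it because detections on the physical route now leave enough time on the timer.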
Specification