On the cost of cyber security in smart business

Ivkic, Igor; Wolfauer, Stephan; Oberhofer, Thomas; Tauber, Markus

doi:10.23919/icitst.2017.8356395

Cited by 4 publications

(3 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In other words, these solutions focus on evaluating whether a security control has been implemented or not and how much effort it takes (or how much it costs) to do so. This approach of measuring the costs of implementing security controls using money as a metric is similar to our first publication in [29]. The work of Naylor et al [41] comes closest to our presented approach in this article, where they used different metrics to measure the Security Costs of the Hypertext Transfer Protocol Secure (HTTPS).…”

Section: Measuring Cyber Security Without Security Costs-relatednessmentioning

confidence: 83%

“…This article builds on three publications from our previous work that lay the foundation towards developing the SCMF. The initial idea regarding measuring Security Costs was presented in [29], where we argued that providing security always produces an additional overhead that could be measured and analysed. However, this first publication mainly focused on how much money and time has to be spent to buy and implement security controls to design secure applications.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Security Cost Modelling Framework for Cyber-Physical Systems

Ivkic

Sailer

Gouglidis

et al. 2022

ACM Trans. Internet Technol.

View full text Add to dashboard Cite

Cyber-Physical Systems (CPS) are formed through interconnected components capable of computation, communication, sensing and changing the physical world. The development of these systems poses a significant challenge, since they have to be designed in a way to ensure cyber-security without impacting their performance. This article presents the Security Cost Modelling Framework (SCMF) and shows supported by an experimental study how it can be used to measure, normalise, and aggregate the overall performance of a CPS. Unlike previous studies, our approach uses different metrics to measure the overall performance of a CPS and provides a methodology for normalising the measurement results of different units to a common Cost Unit . Moreover, we show how the Security Costs can be extracted from the overall performance measurements, which allows us to quantify the overhead imposed by performing security-related tasks. Furthermore, we describe the architecture of our experimental testbed and demonstrate the applicability of SCMF in an experimental study. Our results show that measuring the overall performance and extracting the security costs using SCMF can serve as basis to redesign interactions to achieve the same overall goal at less costs.

show abstract

Section: Measuring Cyber Security Without Security Costs-relatednessmentioning

confidence: 83%

Section: Introductionmentioning

confidence: 99%

A Security Cost Modelling Framework for Cyber-Physical Systems

Ivkic

Sailer

Gouglidis

et al. 2022

ACM Trans. Internet Technol.

View full text Add to dashboard Cite

show abstract

“…Nevertheless, in comparison to the identified related work, this paper provides a more general, interaction-based approach for evaluating security costs in CPS. This paper is a continuation of [26] where we introduced a high-level process flow based on Six Sigma for identifying, categorizing, analysing and eliminating security risks and measuring the resulting costs. This initial investigation included the evaluation of (i) how security risks of a smart business use case can be eliminated by implementing security controls, and (ii) how the resulting costs could be measured using a monetary cost metric (Euro).…”

Section: Related Work and Backgroundmentioning

confidence: 99%

Towards a Security Cost Model for Cyber-Physical Systems

Ivkic

Mauthe

Tauber

2019

2019 16th IEEE Annual Consumer Communications &Amp; Networking Conference (CCNC)

Self Cite

View full text Add to dashboard Cite

In times of Industry 4.0 and cyber-physical systems (CPS) providing security is one of the biggest challenges. A cyber attack launched at a CPS poses a huge threat, since a security incident may affect both the cyber and the physical world. Since CPS are very flexible systems, which are capable of adapting to environmental changes, it is important to keep an overview of the resulting costs of providing security. However, research regarding CPS currently focuses more on engineering secure systems and does not satisfactorily provide approaches for evaluating the resulting costs. This paper presents an interaction-based model for evaluating security costs in a CPS. Furthermore, the paper demonstrates in a use case driven study, how this approach could be used to model the resulting costs for guaranteeing security.

show abstract

Computational Intelligence Enabled Cybersecurity for the Internet of Things

Zhao

et al. 2020

IEEE Trans. Emerg. Top. Comput. Intell.

View full text Add to dashboard Cite

On the cost of cyber security in smart business

Cited by 4 publications

References 8 publications

A Security Cost Modelling Framework for Cyber-Physical Systems

A Security Cost Modelling Framework for Cyber-Physical Systems

Towards a Security Cost Model for Cyber-Physical Systems

Computational Intelligence Enabled Cybersecurity for the Internet of Things

Contact Info

Product

Resources

About