Towards the Definition of a Security Incident Response Modelling Language

Athinaiou, Myrsini; Mouratidis, Haralambos; Fotis, Theofanis; Pavlidis, Michalis; Panaousis, Emmanouil

doi:10.1007/978-3-319-98385-1_14

Cited by 5 publications

(4 citation statements)

References 20 publications

(16 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The approach integrates active incident handling with a reactive approach in order to provide a real-time insight into attacks and alerts related to cyber events using multiple subcomponents. Athinaiou et al (2018) developed a security incident response modelling language by integrating a cyber-physical system with incident response considered for health-based critical infrastructures . Incidents are specifically modelled by means of reflexive associations that cascade the influence from one incident to another incident.…”

Section: Related Work and Backgroundmentioning

confidence: 99%

“…Other research is oriented towards the construction of a modelling language for security incident response ( Athinaiou et al, 2018 ). The creation of a system that can support security managers in incident management in CIIs is also dealt with ( Papastergiou et al, 2019 ), as is incident handling, targeting critical sectors such as energy and transport ( Papastergiou et al, 2021 ).…”

Section: Related Work and Backgroundmentioning

confidence: 99%

See 1 more Smart Citation

Modelling language for cyber security incident handling for critical infrastructures

Mouratidis¹,

Islam²,

Santos-Olmo³

et al. 2023

Computers & Security

View full text Add to dashboard Cite

Section: Related Work and Backgroundmentioning

confidence: 99%

Section: Related Work and Backgroundmentioning

confidence: 99%

Modelling language for cyber security incident handling for critical infrastructures

Mouratidis¹,

Islam²,

Santos-Olmo³

et al. 2023

Computers & Security

View full text Add to dashboard Cite

“…The Secure Tropos metamodel inspired the first design attempt of a cyber resiliency modelling language for healthcare [34]. The initial design of the metamodel can be found in [6]. The decision of a redesign stemmed from interviews with experts from the Brighton and Sussex University Hospitals and MedStar Health as well as the application of small case studies.…”

Section: Redesign Decisions and Challengesmentioning

confidence: 99%

A Conceptual Redesign of a Modelling Language for Cyber Resiliency of Healthcare Systems

et al. 2020

Self Cite

View full text Add to dashboard Cite

Security constraints that enforce security requirements characterize healthcare systems. These constraints have a substantial impact on the resiliency of the final system. Security requirements modelling approaches allow the prevention of cyber incidents; however, the focus to date has been on prevention rather than resiliency. Resiliency extends into the detection, mitigation and recovery after security violations. In this paper, we propose an enhanced at a conceptual level that attempts to align cybersecurity with resiliency. It does so by extending the Secure Tropos cybersecurity modelling language to include resiliency. The proposed conceptual model examines resiliency from three viewpoints, namely the security requirements, the healthcare context and its implementational capability. We present an overview of our conceptual model of a cyber resiliency language and discuss a case study to attest the healthcare context in our approach.

show abstract

“…Such language should enable identification and modelling of cyber security resilience at different organizational and technical levels and based on concepts that are easily understood across those levels, such as "organization", "goal", "process", "security incident", "security threat" and "security control". One such language from the cyber resilience literature is the Security Incident Response Modelling Language (SIRML) [25], which has been developed to capture incident response (IR) concepts. The language builds upon the Secure Tropos [17] modelling language and extends concepts, attributes and relationships to allow the cyber-physical aspect to be represented along with the view of IR as integral part of security.…”

Section: Security Resilience Conceptual Modelling) and Levels (Eg Ana...mentioning

confidence: 99%

Cyber Security Resilience in Business Informatics: An Exploratory Paper

Mouratidis

Zdravković

Stirna

2020

Lecture Notes in Business Information Processing

Self Cite

View full text Add to dashboard Cite

Although considerable effort is made to secure organisational infrastructures and to protect organizational assets, it is widely acknowledged that it is equally important to ensure that organisations need to define appropriate ways to harden their overall resilience including recovery from security incidents. In this exploratory paper we outline research challenges and we present the motivation and the foundations of a novel framework that is based on security resilience and capability modelling theory.

show abstract

Towards the Definition of a Security Incident Response Modelling Language

Cited by 5 publications

References 20 publications

Modelling language for cyber security incident handling for critical infrastructures

Modelling language for cyber security incident handling for critical infrastructures

A Conceptual Redesign of a Modelling Language for Cyber Resiliency of Healthcare Systems

Cyber Security Resilience in Business Informatics: An Exploratory Paper

Contact Info

Product

Resources

About