STRAM: Measuring the Trustworthiness of Computer-Based Systems

Various system metrics have been proposed for measuring the quality of computer-based systems, such as dependability and security metrics for estimating their performance and security characteristics. As computer-based systems grow in complexity with many subsystems or components, measuring their quality in multiple dimensions is a challenging task. In this work, we tackle the problem of measuring the quality of computer-based systems based on the four key attributes of trustworthiness we developed: security, trust, resilience, and agility. In addition to conducting a systematic survey on metrics, measurements, attributes of metrics, and associated ontologies, we propose a system-level trustworthiness metric framework that accommodates four submetrics, called STRAM (Security, Trust, Resilience, and Agility Metrics). The proposed STRAM framework offers a hierarchical ontology structure where each submetric is defined as a sub-ontology. Moreover, this work proposes developing and incorporating metrics describing key assessment tools, including vulnerability assessment, risk assessment, and red teaming, to provide additional evidence in the measurement and quality of trustworthy systems. We further discuss how assessment tools are related to measuring the quality of computer-based systems and the limitations of the state-of-the-art metrics and measurements. Finally, we suggest future research directions for system-level metrics research toward measuring fundamental attributes of the quality of computer-based systems and improving the current metric and measurement methodologies.
