STRAM: Measuring the Trustworthiness of Computer-Based Systems

Authors: Jin-Hee Cho, Shouhuai Xu, Patrick M. Hurley, Matthew Mackay, Trevor Benjamin

DOI: 10.1145/3277666

Abstract: Various system metrics have been proposed for measuring the quality of computer-based systems, such as dependability and security, estimating their performance characteristics. As systems grow in complexity with many subsystems or components, measuring them across multiple dimensions is a challenging task. In this work, we tackle this problem based on four key attributes of trustworthiness that we developed: security, trust, resilience, and agility. In addition to conducting a systematic survey of metrics, measurements, and associated ontologies, we propose a system-level metric framework that accommodates submetrics, called STRAM (Security, Trust, Resilience, Agility Metrics). The framework offers a hierarchical ontology structure where each submetric is defined as a sub-ontology. Moreover, this work proposes developing and incorporating metrics describing assessment tools, including vulnerability assessment, risk assessment, and red teaming, to provide additional evidence for the measurement of trustworthy systems. We further discuss how tools are related limitations state-of-the-art measurements. Finally, we suggest future research directions toward fundamental improving current methodologies.
