Analytics for Cybersecurity Policy of Cyber-Physical Systems
Guidelines, directives, and policy statements are usually presented in “linear” text form—word after word, page after page. However necessary, this practice impedes full understanding, obscures feedback dynamics, hides mutual dependencies and cascading effects and the like—even when augmented with t...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | en_US |
| Published: |
© IEEE
2022
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/1721.1/146916 |
| _version_ | 1826189363855228928 |
|---|---|
| author | Choucri, Nazli Agarwal, Gaurav |
| author_facet | Choucri, Nazli Agarwal, Gaurav |
| author_sort | Choucri, Nazli |
| collection | MIT |
| description | Guidelines, directives, and policy statements are usually presented in “linear” text form—word after word, page after page. However necessary, this practice impedes full understanding, obscures feedback dynamics, hides mutual dependencies and cascading effects and the like—even when augmented with tables and diagrams. The net result is often a checklist response as an end in itself. All this creates barriers to intended realization of guidelines and undermines potential effectiveness. We present a solution strategy using text as “data”, transforming text into a structured model, and generate network views of the text(s), that we then can use for vulnerability mapping, risk assessments, and control point analysis. For proof of concept, we draw on NIST conceptual model and analysis of guidelines for smart grid cybersecurity, more than 600 pages of text. |
| first_indexed | 2024-09-23T08:13:52Z |
| format | Article |
| id | mit-1721.1/146916 |
| institution | Massachusetts Institute of Technology |
| language | en_US |
| last_indexed | 2024-09-23T08:13:52Z |
| publishDate | 2022 |
| publisher | © IEEE |
| record_format | dspace |
| spelling | mit-1721.1/1469162022-12-22T03:47:41Z Analytics for Cybersecurity Policy of Cyber-Physical Systems Choucri, Nazli Agarwal, Gaurav Cyber-physical systems, cybersecurity, NISTIR 7628 Rev.1, smart grid, design structure matrix, network view. Guidelines, directives, and policy statements are usually presented in “linear” text form—word after word, page after page. However necessary, this practice impedes full understanding, obscures feedback dynamics, hides mutual dependencies and cascading effects and the like—even when augmented with tables and diagrams. The net result is often a checklist response as an end in itself. All this creates barriers to intended realization of guidelines and undermines potential effectiveness. We present a solution strategy using text as “data”, transforming text into a structured model, and generate network views of the text(s), that we then can use for vulnerability mapping, risk assessments, and control point analysis. For proof of concept, we draw on NIST conceptual model and analysis of guidelines for smart grid cybersecurity, more than 600 pages of text. This material is based on work supported by the U.S. Department of Defense for National Security Agency, Science of Security & Privacy Program under Grant No. H98230-18-D-00-0010. Any opinions, findings, conclusions or recommendations therein are those of the author(s) and do not necessarily reflect the views of the US Department of Defense. 2022-12-21T08:26:46Z 2022-12-21T08:26:46Z 2022-11-14 Article https://hdl.handle.net/1721.1/146916 Choucri, N., & Agarwal, G. (2022). Analytics for cybersecurity policy of cyber-physical systems. Proceedings of the 2022 IEEE International Symposium on Technologies for Homeland Security (HST). en_US application/pdf © IEEE |
| spellingShingle | Cyber-physical systems, cybersecurity, NISTIR 7628 Rev.1, smart grid, design structure matrix, network view. Choucri, Nazli Agarwal, Gaurav Analytics for Cybersecurity Policy of Cyber-Physical Systems |
| title | Analytics for Cybersecurity Policy of Cyber-Physical Systems |
| title_full | Analytics for Cybersecurity Policy of Cyber-Physical Systems |
| title_fullStr | Analytics for Cybersecurity Policy of Cyber-Physical Systems |
| title_full_unstemmed | Analytics for Cybersecurity Policy of Cyber-Physical Systems |
| title_short | Analytics for Cybersecurity Policy of Cyber-Physical Systems |
| title_sort | analytics for cybersecurity policy of cyber physical systems |
| topic | Cyber-physical systems, cybersecurity, NISTIR 7628 Rev.1, smart grid, design structure matrix, network view. |
| url | https://hdl.handle.net/1721.1/146916 |
| work_keys_str_mv | AT choucrinazli analyticsforcybersecuritypolicyofcyberphysicalsystems AT agarwalgaurav analyticsforcybersecuritypolicyofcyberphysicalsystems |