June 25 - June 28, 2007
Edinburgh International Conference Centre, Edinburgh, UK
Workshop on Assurance Cases for Security - The Metrics Challenge
Motivation and Theme
For critical systems it is important to know whether the system is trustworthy and to be able to communicate, review and debate the level of trust achieved. In the safety domain, explicit Safety Cases are increasingly required by law, regulations and standards. It has become common for the case to be made using a goal-based approach, where claims (or goals) are made about the system and arguments and evidence are presented to support those claims.
The need to understand risks is not just a safety issue: more and more organizations need to know their risks and to be able to communicate and address them to multiple stakeholders. The type of argumentation used for safety cases is not specific to safety; it can also be used to justify the adequacy of systems with respect to other attributes of interest, including security, reliability, etc.
An international community has begun to form around this issue of generalized assurance cases and the challenge of moving from the rhetoric to the reality of being able to implement convincing and valid cases. In a recent article in IEEE Security and Privacy (http://www.computer.org/portal/pages/security/2006/v4n3/oth.xml) we outline what we have been doing so far in the security area, what we hope to achieve and where we go next.
Prior workshops, beginning with one held at DSN 2004, have identified a number of technical, policy and research challenges. This workshop will focus on one of these challenges: metrics for assurance cases for security. Such metrics can be essential for supporting decisions regarding the resources provided to develop the assurance case, and the efficacy of the resulting case. However, there is no commonly accepted approach to this topic. We would like to be able to answer questions (in the context of security) such as:
The purpose of the workshop is to understand these and other questions in the context of assurance cases for security and to identify viable technical approaches.
The workshop will be held on day two, June 27, of DSN 2007. It will consist of:
Objectives and Topics
The workshop will identify the state of the practice in metrics for assurance cases in the context of security, and identify promising ways forward and research directions. The workshop will produce the following outputs:
Participation, Submission and Selection Process
Attendance at the workshop will be open to all interested parties. For active participation, submission of a position paper of no more than six pages is required. The submission should conform to the proceedings publication format for IEEE Conferences and should be submitted electronically in PDF format via e-mail to weinstock[at]sei.cmu.edu. Please use the subject "DSN AC Workshop Submission" so that your submission is not overlooked. Submissions will be reviewed by the organizers and those accepted will be published in the DSN Proceedings supplemental volume.
Robin Bloomfield, Center for Software Reliability (UK)
March 9, 2007
April 13, 2007
Camera ready copy:
May 4, 2007