Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||James D. Gilsinn; Ragnar Schierholz;|
|Title:||Security Assurance Levels: A Vector Approach to Describing Security Requirements|
|Published:||October 20, 2010|
|Abstract:||Safety systems have used the concept of safety integrity levels (SILs) for almost two decades. This allows the safety of a component or system to be represented by a single number that defines a protection factor required to ensure the health and safety of people or the environment based on the probability of failure of that component or system. The overall risk can be calculated based on the consequences that those failures could potentially have. Security systems have much broader application, a much broader set of consequences, and a much broader set of possible circumstances leading up to a possible event. The increased complexity of security systems makes compressing the protection factor down to a single number much more difficult. The concept of a vector of Security Assurance Levels (SALs) to describe the protection factor needed to ensure the security of a system is introduced in this paper.|
|Keywords:||security, assurance, level, sal, vector, requirement, isa, isa99, industrial, automation, control, system, iacs|
|Research Areas:||Computer Security, Cybersecurity, Cybersecurity, Collaborations, Standards Development Organizations (SDO), Threats & Vulnerabilities, Networking, International Standards, Homeland Security, Critical Infrastructure Protection (CIP), Documentary Standards, Industry, Standards, Information Technology, Public Safety/Security|
|PDF version:||Click here to retrieve PDF version of paper (662KB)|