Security Assurance Levels: A Vector Approach to Describing Security Requirements
James D. Gilsinn, Ragnar Schierholz
Safety systems have used the concept of safety integrity levels (SILs) for almost two decades. This allows the safety of a component or system to be represented by a single number that defines a protection factor required to ensure the health and safety of people or the environment based on the probability of failure of that component or system. The overall risk can be calculated based on the consequences that those failures could potentially have. Security systems have much broader application, a much broader set of consequences, and a much broader set of possible circumstances leading up to a possible event. The increased complexity of security systems makes compressing the protection factor down to a single number much more difficult. The concept of a vector of Security Assurance Levels (SALs) to describe the protection factor needed to ensure the security of a system is introduced in this paper.
and , R.
Security Assurance Levels: A Vector Approach to Describing Security Requirements, Other, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=906330
(Accessed September 24, 2023)