Cyber - Transparencies, assurance and deterrence

Simon Reay Atkinson; David Walker; Kevin Beaulne; Liaquat Hossain

doi:10.1109/CyberSecurity.2012.22

Cyber - Transparencies, assurance and deterrence

Simon Reay Atkinson, David Walker, Kevin Beaulne, Liaquat Hossain

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings

Abstract

Cyber-has often been considered as a coordination and control, as opposed to collaborative influence, media. This conceptual-design paper, uniquely, builds upon a number of entangled, cross disciplinary research strands - integrating engineering and conflict studies - and a detailed literature review to propose a new paradigm of assurance and deterrence models. We consider an ontology for Cyber-sûréte, which combines both the social trusts necessary for [knowledge &amp, information] assurance such as collaboration by social influence (CSI) and the technological controls and rules for secure information management referred as coordination by rule and control (CRC). We posit Cyber-sûréte as enabling both a 'safe-to-fail' ecology (in which learning, testing and adaptation can take place) within a fail-safe supervisory control and data acquisition (SCADA type) system, e.g. in a nuclear power plant. Building upon traditional state-based threat analysis, we consider Warning Time and the Threat equation with relation to policies for managing Cyber-Deterrence. We examine how the goods of Cyber-might be galvanised so as to encourage virtuous behaviour and deter and / or dissuade ne'er-do-wells through multiple transparencies. We consider how the Deterrence-escalator may be managed by identifying both weak influence and strong control signals so as to create a more benign and responsive cyber-ecology, in which strengths can be exploited and weaknesses identified. Finally, we consider declaratory / mutual transparencies as opposed to legalistic / controlled transparency.

Original language	English
Title of host publication	Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Place of Publication	United States
Pages	119-126
Number of pages	8
DOIs	https://doi.org/10.1109/CyberSecurity.2012.22
Publication status	Published - 8 Aug 2013
Externally published	Yes
Event	2012 ASE International Conference on Cyber Security, CyberSecurity 2012 - Washington, D.C., United States Duration: 14 Dec 2012 → 16 Dec 2012

Conference

Conference	2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Country	United States
City	Washington, D.C.
Period	14/12/12 → 16/12/12

Access to Document

10.1109/CyberSecurity.2012.22

Link to publication in Scopus

Fingerprint Dive into the research topics of 'Cyber - Transparencies, assurance and deterrence'. Together they form a unique fingerprint.

Cite this

Atkinson, S. R., Walker, D., Beaulne, K., & Hossain, L. (2013). Cyber - Transparencies, assurance and deterrence. In Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 (pp. 119-126). [6542534]. https://doi.org/10.1109/CyberSecurity.2012.22

@inproceedings{68e01958444543d3b9fad18399788967,

title = "Cyber - Transparencies, assurance and deterrence",

abstract = "Cyber-has often been considered as a coordination and control, as opposed to collaborative influence, media. This conceptual-design paper, uniquely, builds upon a number of entangled, cross disciplinary research strands - integrating engineering and conflict studies - and a detailed literature review to propose a new paradigm of assurance and deterrence models. We consider an ontology for Cyber-s{\^u}r{\'e}te, which combines both the social trusts necessary for [knowledge &amp, information] assurance such as collaboration by social influence (CSI) and the technological controls and rules for secure information management referred as coordination by rule and control (CRC). We posit Cyber-s{\^u}r{\'e}te as enabling both a 'safe-to-fail' ecology (in which learning, testing and adaptation can take place) within a fail-safe supervisory control and data acquisition (SCADA type) system, e.g. in a nuclear power plant. Building upon traditional state-based threat analysis, we consider Warning Time and the Threat equation with relation to policies for managing Cyber-Deterrence. We examine how the goods of Cyber-might be galvanised so as to encourage virtuous behaviour and deter and / or dissuade ne'er-do-wells through multiple transparencies. We consider how the Deterrence-escalator may be managed by identifying both weak influence and strong control signals so as to create a more benign and responsive cyber-ecology, in which strengths can be exploited and weaknesses identified. Finally, we consider declaratory / mutual transparencies as opposed to legalistic / controlled transparency.",

keywords = "control, cyber-deterrence, cyber-scape, cyber-s{\^u}r{\'e}te, ecology, influence, socio-info-techno, transparencies, trusts",

author = "Atkinson, {Simon Reay} and David Walker and Kevin Beaulne and Liaquat Hossain",

year = "2013",

month = aug

day = "8",

doi = "10.1109/CyberSecurity.2012.22",

language = "English",

isbn = "9780769550145",

pages = "119--126",

booktitle = "Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012",

note = "2012 ASE International Conference on Cyber Security, CyberSecurity 2012 ; Conference date: 14-12-2012 Through 16-12-2012",

}

Atkinson, SR, Walker, D, Beaulne, K & Hossain, L 2013, Cyber - Transparencies, assurance and deterrence. in Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012., 6542534, United States, pp. 119-126, 2012 ASE International Conference on Cyber Security, CyberSecurity 2012, Washington, D.C., United States, 14/12/12. https://doi.org/10.1109/CyberSecurity.2012.22

TY - GEN

T1 - Cyber - Transparencies, assurance and deterrence

AU - Atkinson, Simon Reay

AU - Walker, David

AU - Beaulne, Kevin

AU - Hossain, Liaquat

PY - 2013/8/8

Y1 - 2013/8/8

N2 - Cyber-has often been considered as a coordination and control, as opposed to collaborative influence, media. This conceptual-design paper, uniquely, builds upon a number of entangled, cross disciplinary research strands - integrating engineering and conflict studies - and a detailed literature review to propose a new paradigm of assurance and deterrence models. We consider an ontology for Cyber-sûréte, which combines both the social trusts necessary for [knowledge &amp, information] assurance such as collaboration by social influence (CSI) and the technological controls and rules for secure information management referred as coordination by rule and control (CRC). We posit Cyber-sûréte as enabling both a 'safe-to-fail' ecology (in which learning, testing and adaptation can take place) within a fail-safe supervisory control and data acquisition (SCADA type) system, e.g. in a nuclear power plant. Building upon traditional state-based threat analysis, we consider Warning Time and the Threat equation with relation to policies for managing Cyber-Deterrence. We examine how the goods of Cyber-might be galvanised so as to encourage virtuous behaviour and deter and / or dissuade ne'er-do-wells through multiple transparencies. We consider how the Deterrence-escalator may be managed by identifying both weak influence and strong control signals so as to create a more benign and responsive cyber-ecology, in which strengths can be exploited and weaknesses identified. Finally, we consider declaratory / mutual transparencies as opposed to legalistic / controlled transparency.

AB - Cyber-has often been considered as a coordination and control, as opposed to collaborative influence, media. This conceptual-design paper, uniquely, builds upon a number of entangled, cross disciplinary research strands - integrating engineering and conflict studies - and a detailed literature review to propose a new paradigm of assurance and deterrence models. We consider an ontology for Cyber-sûréte, which combines both the social trusts necessary for [knowledge &amp, information] assurance such as collaboration by social influence (CSI) and the technological controls and rules for secure information management referred as coordination by rule and control (CRC). We posit Cyber-sûréte as enabling both a 'safe-to-fail' ecology (in which learning, testing and adaptation can take place) within a fail-safe supervisory control and data acquisition (SCADA type) system, e.g. in a nuclear power plant. Building upon traditional state-based threat analysis, we consider Warning Time and the Threat equation with relation to policies for managing Cyber-Deterrence. We examine how the goods of Cyber-might be galvanised so as to encourage virtuous behaviour and deter and / or dissuade ne'er-do-wells through multiple transparencies. We consider how the Deterrence-escalator may be managed by identifying both weak influence and strong control signals so as to create a more benign and responsive cyber-ecology, in which strengths can be exploited and weaknesses identified. Finally, we consider declaratory / mutual transparencies as opposed to legalistic / controlled transparency.

KW - control

KW - cyber-deterrence

KW - cyber-scape

KW - cyber-sûréte

KW - ecology

KW - influence

KW - socio-info-techno

KW - transparencies

KW - trusts

UR - http://www.scopus.com/inward/record.url?scp=84881048825&partnerID=8YFLogxK

U2 - 10.1109/CyberSecurity.2012.22

DO - 10.1109/CyberSecurity.2012.22

M3 - Conference Paper published in Proceedings

SN - 9780769550145

SP - 119

EP - 126

BT - Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012

CY - United States

T2 - 2012 ASE International Conference on Cyber Security, CyberSecurity 2012

Y2 - 14 December 2012 through 16 December 2012

ER -