Towards Metrics for Cyber Security
Citation
R. Ford, M. Carvalho, L. Mayron, and M. Bishop, “Towards Metrics for Cyber Security,” 21st EICAR Annual Conference Proceedings pp. 151–159 (May 2012).
Paper
- Authors’ final version:
- Local: [PDF] [PS]
- UC Repository: [eScholarship]
Abstract
There is great interest in the topic of resilient cyber systems. However, much of the accompanying research is clouded by a lack of an appropriate definition of the term “resilience” and the challenges of measuring the actual resilience of a system. In this paper, we examine some of the lessons learned in defining resilience metrics and argue that such metrics are highly contextual, and that a general, quantitative set of metrics for resilience of cyber systems is impractical. Instead, we provide a set of considerations and guidelines for building metrics that are helpful for a particular system.
