Comparing Electronic Battlefields: Using Mean Time-To-Compromise as a Comparative Security Metric

  • David John Leversage
  • Eric James Byres
Part of the Communications in Computer and Information Science book series (CCIS, volume 1)


The ability to efficiently compare differing, security solutions for effectiveness is often considered lacking from a management perspective. To address this we propose a methodology for estimating the mean time-to-compromise (MTTC) of a target device or network as a comparative metric. A topological map of the target system is divided into attack zones, allowing each zone to be described with its own state-space model (SSM). We then employ a SSM based on models used in the biological sciences to predict animal behavior in the context of predator prey relationships. Markov chains identify predominant attacker strategies which are used to build the MTTC intervals which can be compared for a broad range of mitigating actions. This allows security architects and managers to intelligently select the most effective solution, based on the lowest cost/MTTC ratio that still exceeds a benchmark level.


Network Security SCADA Security Time-to-Compromise Markov Chains Predator Model Attack Paths Attack Zones Attack Trees 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Desborough, L., Miller, R.: Increasing Customer Value of Industrial Control Performance Monitoring — Honeywell’s Experience. In: Proc. 6th Int. Conf. on Chemical Process Control (CPC VI), pp. 172–192 (2001)Google Scholar
  2. 2.
    Jonsson, E., Olovsson, T.: A Quantitative Model of the Security Intrusion Process Based on Attacker Behaviour. IEEE Transactions on Software Engineering 23(4) (1997)Google Scholar
  3. 3.
  4. 4.
    McQueen, M., Boyer, W., Flynn, M., Beitel, G.: Time-to-Compromise Model for Cyber Risk Reduction Estimation. In: First Workshop on Quality of Protection (2005)Google Scholar
  5. 5.
    McQueen, M., Boyer, W., Flynn, M., Beitel, G.: Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System. In: Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS) (2006)Google Scholar
  6. 6.
    IEC TR 62210: Power System Control and Associated Communications — Data and Communication Security. International Electrotechnical Commission (2003)Google Scholar
  7. 7.
    ISA-99.00.01: Security for Industrial Automation and Control Systems Part 1: Concepts, Terminology and Models (Draft). International Society for Measurement and Control (ISA) (2006)Google Scholar
  8. 8.
    ISA-99.00.02: Security for Industrial Automation and Control Systems Part 2: Establishing an Industrial Automation and Control System Security Program (Draft). International Society for Measurement and Control (ISA) (2006)Google Scholar
  9. 9.
    UL 687: Standard for Safety Burglary-Resistant Safes. Underwriters Laboratories Inc. (2005)Google Scholar
  10. 10.
    Gorman, S., Kulkarni, R., Schintler, L., Stough, R.: A Predator Prey Approach to the Network Structure of Cyberspace. In: ACM International Conference Proceeding Series, vol. 58 (2004)Google Scholar
  11. 11.
  12. 12.
    Rescorla, E.: Is Finding Security Holes a Good Idea. IEEE Security & Privacy (2005)Google Scholar
  13. 13.
    Manadhata, P., Wing, J.: Measuring A System’s Attack Surface. Technical Report CMU-CS-04-102, School of Computer Science, Carnegie Mellon University (2004)Google Scholar
  14. 14.
    Wool, A., A quantitative study of firewall configuration errors. IEEE Computer Magazine, IEEE Computer Society, 62–67 (2004)Google Scholar
  15. 15.
    Byres, E., Franz, M., Miller, D. The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems. In: International Infrastructure Survivability Workshop (IISW), IEEE, Los Alamitos (2004)Google Scholar
  16. 16.
    RFC 3552: Security Considerations Guidelines. Internet Engineering Task Force (2003)Google Scholar
  17. 17.
  18. 18.
    DNP3 Documentation Library,
  19. 19.

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • David John Leversage
    • 1
  • Eric James Byres
    • 2
  1. 1.British Columbia Institute of TechnologyBurnabyCanada
  2. 2.Byres Security Inc.LantzvilleCanada

Personalised recommendations