Abstract
Existing practical architectural models have been proposed with a hierarchy of layers such as Neumann's 8-layered security model. These models cannot reason about complex systems convincingly, so we need new models for systematic and faithful analysis. We have simplified Neumann's model to create a three-layer security model that can be used for understanding and reasoning about the security of complex systems and formalised to automate analysis. The three layers are the semantic (involving people and organisations), logical (computers and networks) and physical layers including the relationships and interactions between them. Our model can be used to analyse systems more systematically and holistically including human and physical factors, rather than as technical systems alone. The model is applied to examine the security of the electricity grid, which is very difficult to analyse because of its complexity. It can also model other aspects of critical infrastructure and other complex systems such as financial networks.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
