Advancing Cyber Resilience Analysis with Performance-Based Metrics from Infrastructure Assessments

Cyber resilience is becoming increasingly recognized as a critical component of comprehensive cybersecurity practices. Current cyber resilience assessment approaches are primarily qualitative methods, making validation of their resilience analyses and enhancement recommendations difficult, if not impossible. The evolution of infrastructure resilience assessment methods has paralleled that of their cyber counterparts. However, the development of performance-based assessment methods has shown promise for overcoming the validation challenge for infrastructure systems. This article describes a hybrid infrastructure resilience assessment approach that combines both qualitative analysis techniques with performance-based metrics. The qualitative component enables identification of system features that limit resilience, and the quantitative metrics can be used to evaluate and confirm the effectiveness of proposed mitigation options. The authors propose adaptation of this methodology for cyber resilience analysis. A case study is presented to demonstrate how the approach could be applied to a hypothetical system. INTRODUCTION AND BACKGROUND Cybersecurity is generally acknowledged as a critical priority within the national, homeland, and business security communities. This sentiment has been echoed at the highest levels of the U.S. government, with President Obama (2009) stating that “cyber threat is one of the most serious economic and national security challenges we face as a nation.” Fortunately, the concept of cybersecurity is not new to the academic and research communities. Eric D. Vugrin Sandia National Laboratories, USA Jennifer Turgeon Sandia National Laboratories, USA