Principal Investigator: Michael Fowler

A vast amount of effort is being expended in the analysis of systems to ascertain their level of cyber risk, a process known as a cyber-risk assessment (CRA). This process is tedious and still dependent on expert knowledge and analysis. In addition, it is extremely difficult to account for unknown or zero-day cyber-attacks on the system, which is a major concern for certifying military avionic systems as compliant with the Navy’s CYBERSAFE requirements. The objective of this program is to develop a model-based approach to the analysis of a system that autonomously evaluates the cyber risk against a variety of mission objectives.

Cyber risk analysis
Visualization of a model of cyber risk analysis using Model-Based Systems Engineering