Affiliation:
1. Thales UK Research, Technology, and Innovation, UK
Abstract
Methodologically-sound security assessments are crucial for understanding a system in fulfilling the requirements, realizing its behavior, and identifying implications. A system is made resilient if and only if there is enduring confidence that it will function as expected. It is cyber secure if it displays this property in the face of an adversary. This chapter provides an explanation of various static security risk assessment methodologies (SSRAM) having long epochs for assessing and revisiting the risks and explains their strengths and weaknesses. The SSRAM will form the basis for elaborating on dynamic security risk assessment methodologies that must have very short epochs depending on the emergent threats and vulnerabilities to combat new or evolving threats. This is essential for handling cyber security of dynamic complex systems including future networks having a number of self-managing properties including self-protection for defending against malicious attacks.