Managing Implementation Risks through Time-Behavior Analysis

Abstract

The protection of critical infrastructure systems from outside threat depends upon an understanding of the human behaviors that act as threats and the human behaviors that build defenses against those threats. The paper presents a model and architectural approach for categorizing those behaviors, which takes into account the effects of incremental growth and propagation of behaviors across networks. The time-behavior model is applied to considerations of business architecture and implementation risks for security and other technologies.