A Meta-heuristically Optimized Fuzzy Approach towards Multi-metric Security Risk Assessment in Heterogeneous System of Systems

Abstract

Security measurement of complex systems is a challenging task since devices deployed over the so-called System of Systems (SoS) are extremely heterogeneous and hence imply an interoperability effort in order to enable a common resilient security measurement language. Moreover, systems demand more features beyond security concept, require to preserve privacy and claim for dependable structures in order to seek a holistic and aggregated security and safety view. This paper addresses this need by capitalizing the availability of multiple security metrics through an hybrid meta-heuristic fuzzy aggregation and composition approach that takes into account the expertise compiled by the security manager, towards the generation of visual dashboards reflecting the SPD (Security, Privacy and Dependability) risk status of the system at hand.