3 research outputs found

    Found in Translation: Co-design for Security Modelling

    Background. In increasingly complex and dynamic environments, it is difficult to predict potential outcomes of security policies. Therefore, security managers (or other stakeholders) are often challenged with designing and implementing security policies without knowing the consequences for the organization. Aim. Modelling, as a tool for thinking, can help identify those consequences in advance as a way of managing decision-making risks and uncertainties. Our co-design approach aims to tackle the challenges of problem definition, data availability, and data collection associated with modelling behavioural and cultural aspects of security. Method. Our process of modelling co-design is a proposed solution to these challenges, in particular for models aiming to incorporate organizational security culture. We present a case study of a long-term study at Company A, where using the methods of participatory action research, humble inquiry, and thematic analysis largely shaped our understanding of co-design. We reflect on the methodological advantages of co-design, as well as shortcomings. Result. Our methodology engages modellers and system stakeholders through a four-stage co-design process consisting of (1) observation and candidate data availability, (2) candidate model design, (3) interpretation of model consequences, and (4) interpretation of domain consequences. Conclusion. We have proposed a new methodology by integrating the concept of co-design into the classical modelling cycle and providing a rigorous methodology for the construction of models that captures the system and its behaviours accurately. We have also demonstrated what an attempt at co-design looks like in the real world, and reflected upon necessary improvements.

    Engineering Ecosystem Models: Semantics and Pragmatics

    In a world of ever-increasing complexity, the smooth functioning of society is critically dependent on our ability to understand and manage both individual systems and complex ecosystems of systems. Models, combined with tools to reason about them, can provide a way to do this. In order for rigorous reasoning about models to be possible, they must have a robust mathematical foundation, which must also support tools for the engineering principles—compositionality, interfaces, and local reasoning—that are required to enable the practical construction of models of ecosystems. In this paper, we present a vision for a system of modelling, based on the concept of distributed systems as a metaphor for ecosystems of systems, that captures these requirements. We describe a mathematical foundation, identify the engineering principles needed, and show how they can be built in a rigorous way that preserves the ability to reason when dealing with complex, large-scale ecosystem models. We illustrate our ideas with examples and briefly explain how they apply in a practical modelling project.

    Modelling Organizational Recovery

    Organizations today face a significant set of sophisticated information security threats, including rapidly spreading malware that can affect many devices across the organization. The impacts of such attacks are amplified by customers’ rising expectations of high-quality and rapid delivery of products and services, as well as by organizational attempts to increase demand artificially. This leads to the development of defence mechanisms that prioritize availability and integrity for the sake of reducing the overall time of organizational recovery. However, such mechanisms and strategies around recovery must suit the organization that deploys them. Each organization will have different priorities in terms of budget, speed of recovery, and priority of services or devices, and all of these will be impacted by the architecture of the organization and its networks. In this paper, we show how modelling can play a role in helping organizations understand the consequences of the different recovery mechanisms and strategies available to them. We describe a rigorous modelling framework and methodology grounded in mathematical systems modelling and simulation, and present as an example a comparative analysis of recovery strategies and mechanisms on a medium-scale organization.