Visible to the public Data-Driven Model-Based Decision-Making - April 2016Conflict Detection Enabled

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PIs: William Sanders, Masooda Bashir, David Nicol, and Aad Van Moorsel*

Researchers: Ken Keefe, Mohamad Noureddine, Charles Morriset* and Rob Cain* (*Newcastle Univ., UK)

This refers to Hard Problems, released November 2012.

  • Predictive Security Metrics - System security analysis requires a holistic approach that considers the behavior of non-human subsystem, bad actors or adversaries, and expected human participants such as users and system administrators. We are developing the HITOP modeling formalism to formally describe the behavior of human participants and how their decisions affect overall system performance and security. With this modeling methodology and the tool support we are developing, we will produce quantitative security metrics for cyber-human systems.
  • Human Behavior - Modeling and evaluating human behavior is challenging, but it is an imperative component in security analysis. Stochastic modeling serves as a good approximation of human behavior, but we intend to do more with the HITOP method, which considers a task based process modeling language that evaluates a human's opportunity, willingness, and capability to perform individual tasks in their daily behavior. Partnered with an effective data collection strategy to validate model parameters, we are working to provide a sound model of human behavior.

Papers published in this quarter as a result of this research. Include title, author(s), venue published/presented, and a short description or abstract. Identify which hard problem(s) the publication addressed. Papers that have not yet been published should be reported in region 2 below.

Nothing to report this quater.


We continue work on a simple prototype of a data collection strategy support tool for the probabilistic model checker PRISM, a tool used at Newcastle. The aim of the prototype is twofold. First is to demonstrate in a real tool the approach suggested in Rob Cain's paper "Optimization of data collection strategies for model-based evaluation and decision-making." Second is to inform the implementation of a similar support tool for the Mobius toolkit.

We also continue extending the work submitted in John Mace's PhD thesis looked at providing tools and techniques to analyze the impact of information security policies. Of particular interest is the impact on workflow resiliency, the likelihood of a workflow executed by users with probabilistic availability being completed whilst satisfying all security constraints. We investigate the notion of power that users hold over the completion of a workflow in terms of expected power and actual power and show that the latter may be greater in some cases. This work incorporates parameterized models and would provide a useful case study for our data collection support tool prototype.