Title :
Towards mathematical modelling in security risk management in system engineering
Author :
Hird, John ; Koelle, Rainer ; Kolev, Denis
Author_Institution :
Directorate SESAR & Res., EUROCONTROL, Brussels, Belgium
Abstract :
This paper addresses the potential of mathematical modeling in support of the current security risk management approach in SESAR. One of the key challenges in large-scale system engineering for security is to provide support for system-wide implementation of security controls with limited resources. For this purpose resource-intensive security risk assessment shall only be applied to top priority concepts and technological enablers. Furthermore, robust mathematical concepts can support the refinement of security risk management decision during the engineering process through the verification of previously identified security controls and associated what-if simulations. This research developed a method based on game-theoretic concepts and graph theory. The risk mitigation decision-making problem is modeled as a multi-objective optimization problem. The goal of the research is to identify and explore the underlying mathematical concepts and apply them to a use case within the SESAR context validating the methodology and mathematical modeling approach. This paper presents the conceptual building blocks, the validation use-case, and the associated results and lessons learnt. The results from this preliminary study show that the approach can be used to complement the existing SESAR security risk assessment method. This allows for the verification of expert judgments and what-if considerations on the basis of alternating parameters or assumptions.
Keywords :
air safety; air traffic control; aircraft navigation; decision making; game theory; graph theory; optimisation; risk management; SESAR context; SESAR security risk assessment method; conceptual building blocks; engineering process; expert judgments; game-theoretic concepts; graph theory; large-scale system engineering; limited resources; mathematical modeling approach; mathematical modelling; multiobjective optimization problem; resource-intensive security risk assessment; risk mitigation decision-making problem; robust mathematical concepts; security controls; security risk management decision refinement; system-wide implementation; technological enablers; what-if simulations; Analytical models; Context; Game theory; Graph theory; Mathematical model; Risk management; Security;
Conference_Title :
Integrated Communications, Navigation and Surveillance Conference (ICNS), 2013
Conference_Location :
Herndon, VA
Print_ISBN :
978-1-4673-6251-1
DOI :
10.1109/ICNSurv.2013.6548565