{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,13]],"date-time":"2026-06-13T05:39:53Z","timestamp":1781329193262,"version":"3.54.1"},"publisher-location":"Cham","reference-count":48,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319113906","type":"print"},{"value":"9783319113913","type":"electronic"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-11391-3_13","type":"book-chapter","created":{"date-parts":[[2015,1,5]],"date-time":"2015-01-05T09:22:10Z","timestamp":1420449730000},"page":"263-295","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":47,"title":["Metrics of Security"],"prefix":"10.1007","author":[{"given":"Yi","family":"Cheng","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Julia","family":"Deng","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jason","family":"Li","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Scott A.","family":"DeLoach","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Anoop","family":"Singhal","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xinming","family":"Ou","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2014,10,3]]},"reference":[{"key":"13_CR1","doi-asserted-by":"crossref","DOI":"10.21236\/ADA441906","volume-title":"Mission Assurance Analysis Protocol (MAAP): Assessing Risk in Complex Environments. CMU\/SEI-2005-TN-032","author":"C Alberts","year":"2005","unstructured":"Alberts C., et al. (2005). Mission Assurance Analysis Protocol (MAAP): Assessing Risk in Complex Environments. CMU\/SEI-2005-TN-032. Pittsburgh, PA: Carnegie Mellon University."},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"Ammann P., et al. (2002). Scalable, Graph-based Network Vulnerability Analysis. the 9th ACM Conference on Computer and Communications Security.","DOI":"10.1145\/586110.586140"},{"key":"13_CR3","first-page":"240","volume":"31","author":"C Bolstad","year":"2010","unstructured":"Bolstad C. and Cuevas H. (2010). Integrating Situation Awareness Assessment into Test and Evaluation. The International Test and Evaluation Association (ITEA), 31: 240\u2013246.","journal-title":"The International Test and Evaluation Association (ITEA)"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Cheung S., et al. (2003). Modeling Multi-Step Cyber Attacks for Scenario Recognition. the 3rd DARPA Information Survivability Conference and Exhibition. Washington D. C.","DOI":"10.1109\/DISCEX.2003.1194892"},{"key":"13_CR5","unstructured":"Dahl, O. (2005). Using colored petri nets in penetration testing. Master\u2019s thesis. Gj\u00f8vik, Norway: Gj\u00f8vik University College."},{"key":"13_CR6","unstructured":"Durso F., et al. (1995). Expertise and chess: A pilot study comparing situation awareness methodologies. In experimental analysis and measurement of situation awareness, (pp. 295\u2013303)."},{"key":"13_CR7","doi-asserted-by":"crossref","unstructured":"Endsley, M. R. (1988). Situation awareness global assessment technique (SAGAT). the National Aerospace and Electronics Conference (NAECON).","DOI":"10.1109\/NAECON.1988.195097"},{"key":"13_CR8","doi-asserted-by":"crossref","unstructured":"Endsley, M. R. (1990). Predictive utility of an objective measure of situation awareness. the Human Factors Society 34th Annual Meeting, (pp. 41\u201345).","DOI":"10.1177\/154193129003400110"},{"issue":"1","key":"13_CR9","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1518\/001872095779049499","volume":"37","author":"MR Endsley","year":"1995","unstructured":"Endsley, M. R. (1995). Measurement of situation awareness in dynamic systems. Human Factors, 37(1), 65\u201384.","journal-title":"Human Factors"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Endsley, M. R., et al. (1998). A comparative evaluation of SAGAT and SART for evaluations of situation awareness. the Human Factors and Ergonomics Society Annual Meeting, (pp. 82\u201386).","DOI":"10.1177\/154193129804200119"},{"key":"13_CR11","volume-title":"Measures of situation awareness: Review and future directions (Report No. AL-TR-1991-0128)","author":"M Fracker","year":"1991","unstructured":"Fracker, M. (1991a). Measures of situation awareness: Review and future directions (Report No. AL-TR-1991-0128). Wright-Patterson Air Force Base, OH: Armstrong Laboratories."},{"key":"13_CR12","volume-title":"Measures of situation awareness: An experimental evaluation (Report No. AL-TR-1991-0127)","author":"M Fracker","year":"1991","unstructured":"Fracker, M. (1991b). Measures of situation awareness: An experimental evaluation (Report No. AL-TR-1991-0127). Wright-Patterson Air Force Base, OH: Armstrong Laboratories."},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Gomez M., et al. (2008). An Ontology-Centric Approach to Sensor-Mission Assignment. Springer.","DOI":"10.1007\/978-3-540-87696-0_30"},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"Goodall J., et al. (2009). Camus: Automatically Mapping Cyber Assets to Missions and Users. IEEE Military Communications Conference. Boston MA.","DOI":"10.1109\/MILCOM.2009.5380096"},{"key":"13_CR15","doi-asserted-by":"crossref","unstructured":"Grimaila M., et al. (2008). Improving the Cyber Incident Mission Impact Assessment Processes. the 4th Annual Workshop on Cyber Security and Information Intelligence Research.","DOI":"10.1145\/1413140.1413177"},{"key":"13_CR16","doi-asserted-by":"crossref","unstructured":"Grimaila M., et al. (2009). Design Considerations for a Cyber Incident Mission Impact Assessment (CIMIA) Process. the 2009 International Conference on Security and Management (SAM09). Las Vegas, Nevada.","DOI":"10.1145\/1413140.1413177"},{"key":"13_CR17","unstructured":"Harwood K., et al. (1988). Situational awareness: A conceptual and methodological framework. the 11th Biennial Psychology in the Department of Defense Symposium, (pp. pp. 23\u201327)."},{"key":"13_CR18","doi-asserted-by":"crossref","unstructured":"Hecker, A. (2008). On System Security Metrics and the Definition Approaches. the 2nd International Conference on Emerging Security Information, Systems and Technologies.","DOI":"10.1109\/SECURWARE.2008.37"},{"key":"13_CR19","doi-asserted-by":"crossref","unstructured":"Heyman T., et al. (2008). Using security patterns to combine security metrics. the 3rd International Conference on Availability, Reliability and Security.","DOI":"10.1109\/ARES.2008.54"},{"key":"13_CR20","unstructured":"Holsopple J., et al. (2008). FuSIA: Future Situation and Impact Awareness. Information Fusion."},{"key":"13_CR21","unstructured":"Jakobson G. (2011). Mission Cyber Security Situation Assessment Using Impact Dependency Graphs. the 14th International Conference on Information Fusion (FUSION) (pp. 1\u20138). Chicago, IL: IEEE."},{"key":"13_CR22","doi-asserted-by":"crossref","unstructured":"Jansen, W. (2009). Directions in Security Metrics Research. National Institute of Standards and Technology, Computer Security Division.","DOI":"10.6028\/NIST.IR.7564"},{"key":"13_CR23","doi-asserted-by":"crossref","unstructured":"Jones D. and Endsley M. R. (2000). Examining the validity of real-time probes as a metric of situation awareness. the 14th Triennial Congress of the International Ergonomics Association.","DOI":"10.1177\/154193120004400175"},{"key":"13_CR24","doi-asserted-by":"crossref","unstructured":"Kotenko I., et al. (2006). Attack graph based evaluation of network security. the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security, (pp. 216\u2013227).","DOI":"10.1007\/11909033_20"},{"key":"13_CR25","doi-asserted-by":"crossref","unstructured":"Lewis L., et al. (2008). Enabling Cyber Situation Awareness, Impact Assessment, and Situation Projection. Situation Management (SIMA).","DOI":"10.1109\/MILCOM.2008.4753521"},{"key":"13_CR26","unstructured":"Lindstrom, P. (2005). Security: Measuring Up. Retrieved from http:\/\/searchsecurity.techtarget.com\/tip\/Security-Measuring-Up"},{"issue":"3","key":"13_CR27","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1109\/TSE.2010.60","volume":"37","author":"P Manadhata","year":"2011","unstructured":"Manadhata P. and Wing J. (2011). An Attack Surface Metric. Software Engineering, IEEE Transactions on, vol. 37, no. 3, pp. 371\u2013386.","journal-title":"Software Engineering, IEEE Transactions on"},{"key":"13_CR28","unstructured":"Matthews M., et al. (2000). Measures of infantry situation awareness for a virtual MOUT environment. the Human Performance, Situation Awareness and Automation: User-Centered Design for the New Millennium."},{"key":"13_CR29","unstructured":"McDermott, J. (2000). Attack net penetration testing. Workshop on New Security Paradigms."},{"key":"13_CR30","doi-asserted-by":"crossref","unstructured":"Meland P. and Jensen J. (2008). Secure Software Design in Practice. the 3rd International Conference on Availability, Reliability and Security.","DOI":"10.1109\/ARES.2008.48"},{"key":"13_CR31","doi-asserted-by":"crossref","unstructured":"Musman S., et al. (2010). Evaluating the Impact of Cyber Attacks on Missions. MITRE Technical Paper #09-4577.","DOI":"10.1109\/SYSCON.2011.5929055"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"Natarajan A., et al. (2012). NSDMiner: Automated discovery of network service dependencies. INFOCOM (pp. 2507\u20132515). IEEE.","DOI":"10.1109\/INFCOM.2012.6195642"},{"issue":"1","key":"13_CR33","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1145\/200836.200848","volume":"42","author":"B Nebel","year":"1995","unstructured":"Nebel B., et al. (1995). Reasoning about temporal relations: a maximal tractable subclass of Allen's interval algebra. Journal of the ACM (JACM), vol. 42, no. 1, pp. 43\u201366.","journal-title":"Journal of the ACM (JACM)"},{"key":"13_CR34","doi-asserted-by":"crossref","unstructured":"Noel S., et al. (2004). Correlating Intrusion Events and Building Attack Scenarios through Attack Graph Distance. the 20th Annual Computer Security Conference. Tucson, Arizona.","DOI":"10.1109\/CSAC.2004.11"},{"key":"13_CR35","doi-asserted-by":"crossref","unstructured":"Ou X., et al. (2006). A Scalable Approach to Attack Graph Generation. the 13th ACM Conference on Computer and Communication Security (CCS), (pp. 336\u2013345).","DOI":"10.1145\/1180405.1180446"},{"key":"13_CR36","unstructured":"Qin X. and Lee W. (2004). Attack Plan Recognition and prediction Using Causal Networks. the 20th Annual Computer Security Applications Conference."},{"key":"13_CR37","doi-asserted-by":"crossref","unstructured":"Salerno J., et al. (2005). A Situation Awareness Model Applied to Multiple Domains. Multisensor, Multisource Information Fusion.","DOI":"10.1117\/12.603735"},{"key":"13_CR38","unstructured":"Salerno, J. (2008). Measuring situation assessment performance through the activities of interest score. the 11th International Conference on Information Fusion."},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Sheyner O., et al. (2002). Automated Generation and Analysis of Attack Graphs. the 2002 IEEE Symposium on Security and Privacy, (pp. 254\u2013265).","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"13_CR40","doi-asserted-by":"crossref","unstructured":"Singhal A., et al. (2010). Ontologies for modeling enterprise level security metrics. the 6th Annual Workshop on Cyber Security and Information Intelligence Research. ACM.","DOI":"10.1145\/1852666.1852731"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Strater L., et al. (2001). Measures of platoon leader situation awareness in virtual decision making exercises (No. Research Report 1770). Army Research Institute.","DOI":"10.21236\/ADA393977"},{"key":"13_CR42","doi-asserted-by":"crossref","unstructured":"Tadda G., et al. (2006). Realizing Situation Awareness within a Cyber Environment. Multisensor, Multisource Information Fusion: Architectures, Algorithms, and Applications (p. 1\u20138). Orlando: SPIE Vol.6242.","DOI":"10.1117\/12.665763"},{"key":"13_CR43","unstructured":"Taylor, R. (1989). Situational awareness rating technique (SART): The development of a tool for aircrew systems design. the AGARD AMP Symposium on Situational Awareness in Aerospace Operations, CP478."},{"key":"13_CR44","unstructured":"Tu W., et. al. (2009). Automated Service Discovery for Enterprise Network Management. Stony Brook University. Retrieved May 8, 2014, from http:\/\/www.cs.sunysb.edu\/~live3\/research\/asd_ppt.pdf"},{"key":"13_CR45","unstructured":"Vidulich M. (2000). Testing the sensitivity of situation awareness metrics in interface evaluations. Situation awareness analysis and measurement, 227\u2013246."},{"key":"13_CR46","doi-asserted-by":"crossref","unstructured":"Wang J., et al. (2009). Security Metrics for Software Systems. the 47th Annual Southeast Regional Conference.","DOI":"10.1145\/1566445.1566509"},{"key":"13_CR47","unstructured":"Watters J., et al. (2009). The Risk-to-Mission Assessment Process (RiskMAP): A Sensitivity Analysis and an Extension to Treat Confidentiality Issues."},{"key":"13_CR48","doi-asserted-by":"crossref","unstructured":"Zhou S., et al. (2003). Colored petri net based attack modeling. Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing: the 9th International Conference (pp. vol. 2639, pp. 715\u2013718). Chongqing, China: Springer.","DOI":"10.1007\/3-540-39205-X_123"}],"container-title":["Advances in Information Security","Cyber Defense and Situational Awareness"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-11391-3_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,24]],"date-time":"2023-01-24T10:19:51Z","timestamp":1674555591000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-11391-3_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319113906","9783319113913"],"references-count":48,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-11391-3_13","relation":{},"ISSN":["1568-2633"],"issn-type":[{"value":"1568-2633","type":"print"}],"subject":[],"published":{"date-parts":[[2014]]},"assertion":[{"value":"3 October 2014","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}