{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,30]],"date-time":"2024-10-30T20:26:00Z","timestamp":1730319960284,"version":"3.28.0"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,4,10]],"date-time":"2018-04-10T00:00:00Z","timestamp":1523318400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,4,10]]},"DOI":"10.1145\/3190619.3190644","type":"proceedings-article","created":{"date-parts":[[2018,4,11]],"date-time":"2018-04-11T12:31:17Z","timestamp":1523449877000},"page":"1-10","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Application of capability-based cyber risk assessment methodology to a space system"],"prefix":"10.1145","author":[{"given":"Martha","family":"McNeil","sequence":"first","affiliation":[{"name":"The Johns Hopkins University Applied Physics Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thomas","family":"Llans\u00f3","sequence":"additional","affiliation":[{"name":"The Johns Hopkins University Applied Physics Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dallas","family":"Pearson","sequence":"additional","affiliation":[{"name":"The Johns Hopkins University Applied Physics Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,4,10]]},"reference":[{"issue":"1","key":"e_1_3_2_1_1_1","first-page":"1","article-title":"2017 Data Breach Investigations Report","year":"2017","unstructured":"Verizon , \" 2017 Data Breach Investigations Report ,\" Verizon Bus. J. , no. 1 , pp. 1 -- 48 , 2017 . Verizon, \"2017 Data Breach Investigations Report,\" Verizon Bus. J., no. 1, pp. 1--48, 2017.","journal-title":"Verizon Bus. J."},{"unstructured":"Microsoft \"Microsoft Security Intelligence Report \" 2016.  Microsoft \"Microsoft Security Intelligence Report \" 2016.","key":"e_1_3_2_1_2_1"},{"unstructured":"J. Gosler and L. Von Thaer \"Resilient Military Systems and the Advanced Cyber Threat \" 2013.  J. Gosler and L. Von Thaer \"Resilient Military Systems and the Advanced Cyber Threat \" 2013.","key":"e_1_3_2_1_3_1"},{"key":"e_1_3_2_1_4_1","volume-title":"United States Benchmark Study of U.S. Companies","author":"Ponemon Institute","year":"2013","unstructured":"Ponemon Institute , \"Cost of Cyber Crime Study : United States Benchmark Study of U.S. Companies ,\" 2013 . Ponemon Institute, \"Cost of Cyber Crime Study: United States Benchmark Study of U.S. Companies,\" 2013."},{"key":"e_1_3_2_1_5_1","volume-title":"Estimating the Global Cost of Cybercrime","author":"Center for Strategic and International Studies, \"Net Losses","year":"2014","unstructured":"Center for Strategic and International Studies, \"Net Losses : Estimating the Global Cost of Cybercrime ,\" 2014 . Center for Strategic and International Studies, \"Net Losses: Estimating the Global Cost of Cybercrime,\" 2014."},{"key":"e_1_3_2_1_6_1","volume-title":"Symantec Internet Security Threat Report","author":"Chandrasekar K.","year":"2017","unstructured":"K. Chandrasekar , \" Symantec Internet Security Threat Report ,\" 2017 . K. Chandrasekar et al., \"Symantec Internet Security Threat Report,\" 2017."},{"volume-title":"Announces Personnel Changes","year":"2017","unstructured":"Equifax, \"Equifax Releases Details on Cybersecurity Incident , Announces Personnel Changes ,\" 2017 . {Online}. Available: https:\/\/www.equifaxsecurity2017.com\/2017\/09\/15\/equifax-releases-details-cybersecurity-incident-announces-personnel-changes\/. Equifax, \"Equifax Releases Details on Cybersecurity Incident, Announces Personnel Changes,\" 2017. {Online}. Available: https:\/\/www.equifaxsecurity2017.com\/2017\/09\/15\/equifax-releases-details-cybersecurity-incident-announces-personnel-changes\/.","key":"e_1_3_2_1_7_1"},{"unstructured":"Cybersecurity Ventures \"Cybersecurity Market Report \" 2017. {Online}. Available: https:\/\/cybersecurityventures.com\/cybersecurity-market-report\/.  Cybersecurity Ventures \"Cybersecurity Market Report \" 2017. {Online}. Available: https:\/\/cybersecurityventures.com\/cybersecurity-market-report\/.","key":"e_1_3_2_1_8_1"},{"key":"e_1_3_2_1_9_1","first-page":"10","volume-title":"Conf. Syst. Sci","author":"Llanso T.","year":"2017","unstructured":"T. Llanso , M. McNeil , D. Pearson , and G. Moore , \" An Analytic Framework for Mission-Cyber Risk Assessment and Mitigation Recommendation,\" Hawaii Int . Conf. Syst. Sci , p. 10 , 2017 . T. Llanso, M. McNeil, D. Pearson, and G. Moore, \"An Analytic Framework for Mission-Cyber Risk Assessment and Mitigation Recommendation,\" Hawaii Int. Conf. Syst. Sci, p. 10, 2017."},{"key":"e_1_3_2_1_10_1","volume-title":"Satellite industry must invest in cyber security,\" Financial Times","author":"Stuart J.","year":"2015","unstructured":"J. Stuart , \"Comment : Satellite industry must invest in cyber security,\" Financial Times , 2015 . J. Stuart, \"Comment: Satellite industry must invest in cyber security,\" Financial Times, 2015."},{"unstructured":"P. Lewis \"Space Will Be the Next Frontier for Cyber Attackers \" WIRED 2016.  P. Lewis \"Space Will Be the Next Frontier for Cyber Attackers \" WIRED 2016.","key":"e_1_3_2_1_11_1"},{"key":"e_1_3_2_1_12_1","article-title":"Governance Challenges at the Intersection of Space and Cyber Security","author":"Robinson J.","year":"2016","unstructured":"J. Robinson , \" Governance Challenges at the Intersection of Space and Cyber Security ,\" The Space Review , 2016 . J. Robinson, \"Governance Challenges at the Intersection of Space and Cyber Security,\" The Space Review, 2016.","journal-title":"The Space Review"},{"key":"e_1_3_2_1_13_1","volume-title":"Spacecraft Embedded Cyber Defense-Prototypes & Experimentation,\" AIAA Space Forum","author":"Cohen N.","year":"2016","unstructured":"N. Cohen , R. Ewart , W. Wheeler , and J. Betser , \" Spacecraft Embedded Cyber Defense-Prototypes & Experimentation,\" AIAA Space Forum , 2016 . N. Cohen, R. Ewart, W. Wheeler, and J. Betser, \"Spacecraft Embedded Cyber Defense-Prototypes & Experimentation,\" AIAA Space Forum, 2016."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","DOI":"10.21236\/ADA470450","volume-title":"Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process","author":"Caralli R. A.","year":"2007","unstructured":"R. A. Caralli , J. F. Stevens , L. R. Young , and W. R. Wilson , \" Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process ,\" 2007 . R. A. Caralli, J. F. Stevens, L. R. Young, and W. R. Wilson, \"Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process,\" 2007."},{"unstructured":"ISACA \"The Risk IT Framework \" 2009.   ISACA \"The Risk IT Framework \" 2009.","key":"e_1_3_2_1_15_1"},{"key":"e_1_3_2_1_16_1","article-title":"Performing a Security Risk Assessment","volume":"1","author":"Schmittling R. A. M.","year":"2010","unstructured":"R. A. M. Schmittling , \" Performing a Security Risk Assessment ,\" ISACA J. , vol. 1 , 2010 . R. A. M. Schmittling, \"Performing a Security Risk Assessment,\" ISACA J., vol. 1, 2010.","journal-title":"ISACA J."},{"key":"e_1_3_2_1_17_1","volume-title":"Threat Assessment & Remediation Analysis (TARA)","author":"Wynn J.","year":"2011","unstructured":"J. Wynn , \" Threat Assessment & Remediation Analysis (TARA) ,\" 2011 . J. Wynn et al., \"Threat Assessment & Remediation Analysis (TARA),\" 2011."},{"volume-title":"Threat-Informed Approach to Address Advanced Adversaries,\"","year":"2013","unstructured":"MITRE, \"Cyber Mission Assurance Engineering : A Risk-Based , Threat-Informed Approach to Address Advanced Adversaries,\" 2013 . MITRE, \"Cyber Mission Assurance Engineering: A Risk-Based, Threat-Informed Approach to Address Advanced Adversaries,\" 2013.","key":"e_1_3_2_1_18_1"},{"key":"e_1_3_2_1_19_1","volume-title":"Guide for Conducting Risk Assessments","author":"National Institute of Standards and Technology, \"National Institute of Standards and Technology Special Publication 800-30 R1","year":"2012","unstructured":"National Institute of Standards and Technology, \"National Institute of Standards and Technology Special Publication 800-30 R1 : Guide for Conducting Risk Assessments ,\" 2012 . National Institute of Standards and Technology, \"National Institute of Standards and Technology Special Publication 800-30 R1: Guide for Conducting Risk Assessments,\" 2012."},{"key":"e_1_3_2_1_20_1","volume-title":"MAAP: Mission Assurance Analytics Platform,\" in IEEE Conference on Technologies for Homeland Security (HST)","author":"Llanso T.","year":"2012","unstructured":"T. Llanso , P. A. Hamilton , and M. Silberglitt , \" MAAP: Mission Assurance Analytics Platform,\" in IEEE Conference on Technologies for Homeland Security (HST) , 2012 . T. Llanso, P. A. Hamilton, and M. Silberglitt, \"MAAP: Mission Assurance Analytics Platform,\" in IEEE Conference on Technologies for Homeland Security (HST), 2012."},{"unstructured":"PCI Security Standards Council \"PCI DSS Quick Reference Guide \" 2015.  PCI Security Standards Council \"PCI DSS Quick Reference Guide \" 2015.","key":"e_1_3_2_1_21_1"},{"unstructured":"D. Czagan \"Quantitative Risk Analysis \" INFOSEC Institute 2013. {Online}. Available: http:\/\/resources.infosecinstitute.com\/quantitative-risk-analysis\/.  D. Czagan \"Quantitative Risk Analysis \" INFOSEC Institute 2013. {Online}. Available: http:\/\/resources.infosecinstitute.com\/quantitative-risk-analysis\/.","key":"e_1_3_2_1_22_1"},{"key":"e_1_3_2_1_23_1","volume-title":"Cyber Security,\" Forbes","author":"Kauflin J.","year":"2017","unstructured":"J. Kauflin , \"The Fast-Growing Job With A Huge Skills Gap : Cyber Security,\" Forbes , 2017 . J. Kauflin, \"The Fast-Growing Job With A Huge Skills Gap: Cyber Security,\" Forbes, 2017."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_24_1","DOI":"10.1145\/2038642.2038650"},{"key":"e_1_3_2_1_25_1","first-page":"1","article-title":"Social, Behavioral, and Economic Sciences Perspectives on Robust and Reliable Science","author":"Bollen K.","year":"2015","unstructured":"K. Bollen , J. Cacioppo , R. Kaplan , J. A. Krosnick , and J. L. Olds , \" Social, Behavioral, and Economic Sciences Perspectives on Robust and Reliable Science ,\" Rep. Subcomm. Replicability Sci. Advis. Comm. to Natl. Sci Found. Dir. Soc. Behav. Econ. Sci. , pp. 1 -- 29 , 2015 . K. Bollen, J. Cacioppo, R. Kaplan, J. A. Krosnick, and J. L. Olds, \"Social, Behavioral, and Economic Sciences Perspectives on Robust and Reliable Science,\" Rep. Subcomm. Replicability Sci. Advis. Comm. to Natl. Sci Found. Dir. Soc. Behav. Econ. Sci., pp. 1--29, 2015.","journal-title":"Rep. Subcomm. Replicability Sci. Advis. Comm. to Natl. Sci Found. Dir. Soc. Behav. Econ. Sci."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_26_1","DOI":"10.1145\/2812803"},{"key":"e_1_3_2_1_27_1","volume-title":"The Research Methods Knowledge Base","author":"Trochim W.","year":"2006","unstructured":"W. Trochim and J. Donnelly , The Research Methods Knowledge Base , 3 rd ed. Atomic Dog Publishing Inc , 2006 . W. Trochim and J. Donnelly, The Research Methods Knowledge Base, 3rd ed. Atomic Dog Publishing Inc, 2006.","edition":"3"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_28_1","DOI":"10.1111\/exsy.12039"},{"key":"e_1_3_2_1_29_1","first-page":"131","volume-title":"Conf. Secur. Manag.","author":"Hallberg J.","year":"2017","unstructured":"J. Hallberg , J. Bengtsson , N. Hallberg , H. Karlz\u00e9n , and T. Sommestad , \" The Significance of Information Security Risk Assessments Exploring the Consensus of Raters' Perceptions of Probability and Severity,\" Int . Conf. Secur. Manag. , pp. 131 -- 137 , 2017 . J. Hallberg, J. Bengtsson, N. Hallberg, H. Karlz\u00e9n, and T. Sommestad, \"The Significance of Information Security Risk Assessments Exploring the Consensus of Raters' Perceptions of Probability and Severity,\" Int. Conf. Secur. Manag., pp. 131--137, 2017."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_30_1","DOI":"10.1016\/0167-9236(94)90061-2"},{"key":"e_1_3_2_1_31_1","first-page":"135","volume-title":"Mission-Based Analysis For Assessing Cyber Risk In Critical Infrastructure Systems,\" International Federation for Information Processing (IFIP) - Critical Infrastructure Protection VII","author":"Llanso T.","year":"2013","unstructured":"T. Llanso , G. Tally , M. Silberglitt , and T. Anderson , \" Mission-Based Analysis For Assessing Cyber Risk In Critical Infrastructure Systems,\" International Federation for Information Processing (IFIP) - Critical Infrastructure Protection VII , vol. VII , J. Butts and S. Shenoi, Eds . Springer , 2013 , pp. 135 -- 148 . T. Llanso, G. Tally, M. Silberglitt, and T. Anderson, \"Mission-Based Analysis For Assessing Cyber Risk In Critical Infrastructure Systems,\" International Federation for Information Processing (IFIP) - Critical Infrastructure Protection VII, vol. VII, J. Butts and S. Shenoi, Eds. Springer, 2013, pp. 135--148."},{"key":"e_1_3_2_1_32_1","first-page":"1","volume-title":"June","author":"Knez C.","unstructured":"C. Knez , T. Llanso , D. Pearson , T. Schonfeld , and K. Sotzen , \" Lessons learned from applying cyber risk management and survivability concepts to a space mission,\" IEEE Aerospace Conference Proceedings, 2016 , June , pp. 1 -- 8 . C. Knez, T. Llanso, D. Pearson, T. Schonfeld, and K. Sotzen, \"Lessons learned from applying cyber risk management and survivability concepts to a space mission,\" IEEE Aerospace Conference Proceedings, 2016, June, pp. 1--8."},{"key":"e_1_3_2_1_33_1","volume-title":"Achieving Space Mission Resilience To Cyber Attack: Architectural Implications,\" AAIA Space","author":"Llanso T.","year":"2016","unstructured":"T. Llanso and D. Pearson , \" Achieving Space Mission Resilience To Cyber Attack: Architectural Implications,\" AAIA Space , 2016 . T. Llanso and D. Pearson, \"Achieving Space Mission Resilience To Cyber Attack: Architectural Implications,\" AAIA Space, 2016."},{"key":"e_1_3_2_1_34_1","volume-title":"Critical Controls that Could Have Prevented Target Breach","author":"Radichel T.","year":"2014","unstructured":"T. Radichel , \"SANS Institute InfoSec Reading Room Case Study : Critical Controls that Could Have Prevented Target Breach ,\" 2014 . T. Radichel, \"SANS Institute InfoSec Reading Room Case Study: Critical Controls that Could Have Prevented Target Breach,\" 2014."},{"key":"e_1_3_2_1_35_1","volume-title":"Mapping Dependencies among Cyber Assets, Missions, and Users","author":"Buchanan L.","year":"2012","unstructured":"L. Buchanan , M. Larkin , and A. D'Amico , \"Mission Assurance Proof-of-Concept : Mapping Dependencies among Cyber Assets, Missions, and Users ,\" 2012 . L. Buchanan, M. Larkin, and A. D'Amico, \"Mission Assurance Proof-of-Concept: Mapping Dependencies among Cyber Assets, Missions, and Users,\" 2012."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_36_1","DOI":"10.1109\/SysCon.2014.6819227"},{"key":"e_1_3_2_1_37_1","first-page":"1","article-title":"Computing the Impact of Cyber Attacks on Complex Missions","author":"Musman S.","year":"2010","unstructured":"S. Musman , A. Temin , and M. Tanner , \" Computing the Impact of Cyber Attacks on Complex Missions ,\" Proceedings of the 5th International Conference on Warfare and Security , 2010 , pp. 1 -- 15 . S. Musman, A. Temin, and M. Tanner, \"Computing the Impact of Cyber Attacks on Complex Missions,\" Proceedings of the 5th International Conference on Warfare and Security, 2010, pp. 1--15.","journal-title":"Proceedings of the 5th International Conference on Warfare and Security"},{"key":"e_1_3_2_1_38_1","first-page":"3063","volume-title":"Tradespace Analysis for Multiple Performance Measures,\" Proceedings of the 2016 Winter Simulation Conference","author":"Maccalman A. D.","year":"2016","unstructured":"A. D. Maccalman , S. M. Sanchez , M. L. Mcdonald , A. T. Karl , and S. R. Goerger , \" Tradespace Analysis for Multiple Performance Measures,\" Proceedings of the 2016 Winter Simulation Conference , 2016 , pp. 3063 -- 3074 . A. D. Maccalman, S. M. Sanchez, M. L. Mcdonald, A. T. Karl, and S. R. Goerger, \"Tradespace Analysis for Multiple Performance Measures,\" Proceedings of the 2016 Winter Simulation Conference, 2016, pp. 3063--3074."}],"event":{"sponsor":["National Security Agency National Security Agency","SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"HoTSoS '18","name":"HoTSoS '18: Symposium and Bootcamp","location":"Raleigh North Carolina"},"container-title":["Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3190619.3190644","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,14]],"date-time":"2023-01-14T06:06:01Z","timestamp":1673676361000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3190619.3190644"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,4,10]]},"references-count":38,"alternative-id":["10.1145\/3190619.3190644","10.1145\/3190619"],"URL":"https:\/\/doi.org\/10.1145\/3190619.3190644","relation":{},"subject":[],"published":{"date-parts":[[2018,4,10]]},"assertion":[{"value":"2018-04-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}