Trustworthy Refinement Through Intrusion-Aware Design
Appendix: Glossary
attack pattern - a generic representation of deliberate and malicious activity that commonly occurs in a specific architectural context
attack tree - a mission-critical compromise of a system and a hierarchical organization of intrusion scenarios, each of which accomplishes that compromise by different means
conceptual architecture (or conceptual survivability architecture) - a description of the system structure and function, at a level appropriate for the customer of the system, that addresses the need to ensure mission success despite penetrations and compromise
impact - the extent of harm to a system that results from a threat's exploitation of a system vulnerability [DoD 00]
information system - any combination of information technology and people's activities using that technology to support operations, management, and decision-making
intrusion scenario - a description of people interacting with systems in a malicious way, thereby intentionally causing harm to an organization
security risk - a combination of the likelihood that a threat will occur, the likelihood that a threat occurrence will result in an adverse impact, and the severity of the resulting impact [DITSCAP 99]
survivability - the capability of a system to fulfill its mission by preserving essential services, even when systems are penetrated and compromised
survivability architecture - the combination of a system's conceptual architecture and technical architecture
survivability strategy - an overall approach to resist, recognize, recover from, and adapt to mission-compromising attacks
survivability tactic - a generic representation of an architectural approach to resist, recognize, recover from, or adapt to some pattern of attack in a specific context
survivability traceability - a characteristic of a system in which the survivability requirements are clearly linked to their sources (mission) and to the artifacts created during the system development life cycle based on these requirements (survivability architecture) [Ramesh 97]
survivability tracing - the process of ensuring survivability traceability
system dynamics - a method to model and analyze the holistic behavior of complex, managed systems as they evolve over time
technical architecture (or technical survivability architecture) - a description of the system structure and function, at a level of technical detail sufficient to actually build the system, that addresses the need to ensure mission success despite penetrations and compromise
technical component - any existing architectural building block, such as commercial off-the-shelf software or hardware
threat - any circumstance or event with the potential to cause harm to a system [DoD 00]
threat dynamics - an application of system dynamics that explicitly addresses hostile, malicious actions by individuals and the system operational response to such actions
vulnerability - a system characteristic that could be exploited by a threat to harm a system [DoD 00]