Cyber-physical control systems present a critical infrastructure characterized by interdependencies and complexity (collections of interacting components) where high availability is critical for all stakeholders. The classical formula based on time-between-failure and time-to-recovery does not fully and satisfactorily account for the interdependences of stakeholders, components, vulnerabilities and threats. This talk will review some cyber and information security fundamentals to motivate the case that accounts for these factors towards a more comprehensive bottom line assessment of Òcybernomic" risk. We present a new measure of Cyber Econometric Availability (CEA) and discuss the results of a year-long power utility assessment study.
Speaker's Bio:
Dr. Rick Sheldon has 29+ years in the fields of software engineering and computer science engaged as an engineer, principal investigator, research scientist, business developer and conference chair. He is professor and Chair of Computer Science at the University of Idaho (including Center for Secure and Dependable Systems, interim director) and holds a visiting professorship at the Int'l School of Software, WHU, China. He's held faculty appointments (U. Colorado CS, Wash. State U., U. Memphis) and R&D positions at Oak Ridge National Laboratory and three fortune 100 companies (LMCO, GD and Raytheon/TI) including a National Academy NRC postdoc at NASA Langley, and Visiting Scholar at NASA Ames and Stanford University. He's published 140+ articles, 12 editorships and 4 US Patents. He's chaired, facilitated and participated in National R&D venues including invited speaker, panelist and moderator. His research interests are currently focused on cyber and information security. He enjoys teaching Senior and Graduate level topics.