Modeling and Simulation Approaches

Abstract

The discussion so far has been limited to relatively narrow abstractions of systems and networks. Such abstractions allow effective assessment and analysis methodologies but do not cover the richness and diversity of realistic organizations, systems and processes. Therefore, this chapter explains how to build a multidimensional simulation model of an organization’s business processes. This multidimensional view incorporates physical objects, human factors, time and cyberspace aspects. Not all systems, the components within a system, or the connections and interfaces between systems and domains are equally resilient to attack. It is important to test complex systems under load in a variety of circumstances to both understand the risks inherent in the systems but also to test the effectiveness of redundant and degenerate systems. There is a growing need to test and compare the limitations and consequences of potential mitigation strategies before implementation. Simulation is a valuable tool because it can explore and demonstrate relationships between environmental variables in a controlled and repeatable manner. This chapter introduces the integrated cyber-physical effects {(ICPE)} model as a means of describing the synergistic results obtained through the simultaneous, parallel or sequential prosecution of attacking and defensive measures in both the physical and cyber domains.