Towards an Integrated Conceptual Model of Security and Dependability

Paper i proceeding, 2006

It is now commonly accepted that security and dependability largely represent two different aspects of an overall meta-concept that reflects the trust that we put in a computer system. There exists a large number of models of security and dependability with various definitions and terminology. This position paper suggests a high-level conceptual model that is aimed to give a novel approach to the area. The model defines security and dependability characteristics in terms of a system’s interaction with its environment via the system boundaries and attempts to clarify the relation between malicious environmental influence, e.g. attacks, and the service delivered by the system. The model is intended to help reasoning about security and dependability and to provide an overall means for finding and applying fundamental defence mechanisms. Since the model is high-level and conceptual it must be interpreted into each specific sub-area of security/dependability to be practically useful.