Abstract
Building systems that are guaranteed to be secure or to remain secure over time is still an unachievable goal. The need for a tool that helps to determine security assurance level of a system is therefore vital in order to maintain and improve overall security. This paper introduces our system to assess the overall security assurance of a large, networked, IT-driven system in terms of a dedicated evaluation infrastructure based on multi-agent technology. We use attack graph approach to compute an attackability metric value and define other metrics for anomaly detection to assess both the static and dynamic visions of the system under study. The implemented software system is described, and the examples of experiments for evaluating of network component, sub network and network security assurance levels are considered.