LAUSR

Visualization and simulation models used for the evaluation and selection of security countermeasures need accurate data to compute the impact of cyber events (e.g., malicious and benign actions). The information required to build appropriate impact models depends directly on the nature of the system. The information dealt by water supply systems, for instance, is particularly different from the information obtained by energy, telecommunication, transportation, or finance systems. It is, therefore, important to properly classify the data of security events according to the nature of the system. This paper proposes an event data taxonomy based on the system’s criticality, the geographical location of the target, the time at which the information is obtained by the attacker, and the nature of the data. A use case on the impact assessment of events originated in a critical infrastructure is presented to show the applicability of the proposed taxonomy.