Science of Cyber Security: Modeling, Composition, and Measurement 

Program Objective

Our nation’s increasing dependence on computing systems that are not trustworthy puts individuals, commercial enterprises, the public sector, and our military at risk. This project is advancing a science base for trustworthiness by developing concepts, relationships, and laws with predictive value.

Scientific Approach

Focusing on pressing problem areas amenable to rigorous treatment and generalizable solutions, the project is organized around three thrust areas: Security Modeling, Secure Composition, and Security Measurement. A uniform approach to security modeling allows systematic approaches to be developed and applied to a broad range of richly connected systems, supporting analysis of resilience against graduated classes of clearly defined threat models. Principles of secure composition are developed, analyzed and evaluated for systematic and modular construction of trustworthy systems, relative to security properties that can be verified and validated through theoretical proof and/or experiment. New security measurement concepts make it possible to determine relative strengths of defense mechanisms, determine whether security improves from one version of a system to another, and determine when additional security mechanisms are warranted given incentives associated with system attackers and defenders. Together, advances from these three complementary thrusts will support a science base for future systems that proactively resist attacks through secure design, development, and implementation based on principled foundations.


Anupam Datta (CMU)
Joe Halpern (Cornell University)
John C. Mitchell (Stanford University, PI)
Andrew Myers (Cornell)
Andre Scedrov (University of Pennsylvania)
Fred B. Schneider (Cornell University)
David Wagner (UC Berkeley)

Jeannette Wing (Microsoft)

Top Chief: Tristan N Nguyen