Validating and restoring defense in depth using attack graphs
Suri, "A security Metrics Framework for the Cloud," in Proc.
of the 1st Workshop on the Security of the Internet of Things (Sec Io T 2010), 2010.
Clarke, "Assessing the Security of Internet Connected Critical Infrastructures (The Co Mi Fin Project Approach)," in Proc.
Very few frameworks have been proposed to aggregate security metrics.
Yu, "Trust Builder: negotiating trust in dynamic coalitions," in Proceedings DARPA Information Survivability Conference and Exposition, 2003, pp.
Jones, "Responding to policies at runtime in Trust Builder," in IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY’04), 2004, pp.
Wing, "An Attack Surface Metric," IEEE Transactions on Software Engineering (TSE), vol.
Savola, "On the Feasibility of Utilizing Security Metrics in Software Intensive Systems," in International Journal of Computer Science and Network Security (IJCSNS), vol.