Security Prognostics: Cyber meets PHM

In this paper we cast a vision for Security Prognostics (SP) for critical systems, promoting the view that security related protections would be well served to integrate fully with Monitoring and Diagnostics (M&D) systems that assess the health of complex assets and systems. To detect complex Cyber threats we propose combining system parameters already in use by M&D systems for Prognostics and Health Monitoring (PHM) with security parameters. Combining system parameters used by M&D to detect non-malicious faults with the system parameters used by security schemes to detect complex Cyber threats will improve: (a) accuracy of PHM (b) security of M&D, and (c) availability and safety of critical systems. We also introduce the notion of Remaining Secure Life (RSL), assessed based on the propagation of “security damage,” to create the prospect for Security Prognostics. RSL will assist in the selection of appropriate response(s), based on breach or compromise to security component´s and potential impact on system operation. An example of M&D data is provided which is normally associated with non-malicious faults providing input to detect Malware execution through time series monitoring.