MIT Interdisciplinary Consortium for Improving Critical Infrastrucutre Cybersecurity


*    Samples of Research in progress at (IC)3

Listed below are samples of the research work being done by the (IC)3 team.  To hear more about our Cybersecurity Research, learn how you can use this research to increase and improve the Cybersecurity of your organization, and learn how you can interact with the MIT faculty, researchers, and students -- please contact one of the (IC)3 Directors on the Team page, and then join (IC)3.  What you learn at (IC)3 can save your organization.

*    Recent PowerPoint Presentations:

NEWThe Wolves of Vuln Street: The 1st System Dynamics Model of the 0day Market - as presented at the RSA Conference, April 21, 2015, Moscone Center, by (IC)3 Associate Director Michael Siegel, and Katie Moussouris, HackerOne

NEWCyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cybersecurity Applied to TJX Case - as presented at the International Atomic Energy Agency, Vienna, June 2, 2015

3.     Advancing Cybersecurity Using System Dynamics Simulation Modeling For System Resilience, Patching, and Software Development - as presented September 3, 2014

4.     Advancing Cybersecurity Using System Dynamics Simulation Modeling For Analyzing & Disrupting Cybercrime Ecosystem & Vulnerability Markets - as presented September 3, 2014

5.     Cyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cybersecurity Applied to TJX Case

6.     MIT House of Security: Techniques to Quantify Perceptions and Other Cultural Aspects of Cyber Security

*    A Sampling of Research Papers:

Each title below is a link to the actual research paper.  To maintain continued and early access to (IC)3, research, models and tools please JOIN (IC)3 now. 

1.     A Systems Theoretic Approach to the Security Threats in Cyber Physical Systems: Applied to Stuxnet

2.     Cyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cyber Security Risks (Condensed 37 page version)

3.     Cyber Safety: A Systems Thinking and Systems Theory Approach to Managing Cyber Security Risks (Full 157 page version)

4.     The House of Security: Stakeholder Perceptions of Security Assessment and Importance (FSTC)

5.     Using System Dynamics to Model and Better Understand State Stability (SD)

6.     Institutional Foundations for Cyber Security: Current Responses and New Challenges (JITD)

7.     Inter-Organizational Information Sharing of Customer Data in Retail

8.     Issues in Strategic Management of Large-Scale Software Product Line Development

9.     Challenges in Implementing Enterprise Resource Planning (ERP) system in Large Organizations: Similarities and Differences Between Corporate and  University Environment

10.  Using System Dynamics to Analyze the Effect of Funding Fluctuation on Software Development (ASEM)

11.  Agile Project Dynamics: A System Dynamics Investigation of Agile Software Development Methods (SD Conference)

12.  Towards better understanding Cybersecurity:  or are "Cyberspace" and "Cyber Space" the same? (WISP)

13.  Strategic Philanthropy for Cyber Security: An extended cost-benefit analysis framework to study cybersecurity

14.  Comparative Analysis of Cybersecurity Metrics to Develop New Hypotheses (WISP)

15.  Institutional Foundations for Cyber Security: Current Responses and New Challenges (revised)

16.  Exploring Terms and Taxonomies Relating to the Cyber International Relations Research Field: or are "Cyberspace" and "Cyber Space" the same?

17.  Institutional Foundations for Cyber Security: Current Responses and New Challenges

18.  Experiences and Challenges with using CERT Data to Analyze International Cyber Security (AIS/WISP)

19.  Explorations in Cyber International Relations (ECIR) - Data Dashboard Report #1: CERT Data Sources and Prototype Dashboard System

20.  A Systems Approach to Risk Management (ASEM)

21.  An Economic Analysis of Policies for the Protection and Reuse of Non-Copyrightable Database Contents (JMIS)

22.  Preventing Accidents and Building a Culture of Safety: Insights from a Simulation Model

23.  Enhancing Vehicle Safety Management in Training Deployments: An Application of System Dynamics

24.  House of Security: Locale, Roles and Resources for Ensuring Information Security (AMCIS)

25.  Improving National and Homeland Security through Context Knowledge Representation & Reasoning Technologies (Book chapter)

26.  Understanding & Modeling State Stability: Exploiting System Dynamics (IEEE Aerospace)

27.  Understanding & Modeling State Stability: Exploiting System Dynamics (PCAS Final Report with Appendices)

28.  Policy for the Protection and Reuse of Non-Copyrightable Database Contents

29.  To Standardize Enterprise Data or Not?  An Economic Analysis of Flexibility versus Control

30.  Context Mediation Demonstration of Counter-Terrorism Intelligence (CTI) Integration

31.  Research Initiative to Understand & Model State Stability: Exploiting System Dynamics (SD)

32.  Linkage Between Pre- and Post- Conflict: Exploiting Information Integration & System Dynamics (IEEE Aerospace)

33.  Improving National and Homeland Security through a proposed Laboratory for Information Globalization and Harmonization Technologies (LIGHT)

34.  Global e-Readiness - For What?  Readiness for e-Banking (Journal of IT Development)

35.  Improving UccNet-Compliant B2B Supply-Chain Applications Using a Context Interchange Framework (BAI2004)

36.  Information Integration for Counter Terrorism Activities: The Requirement for Context Mediation (IEEE Aerospace)

37.  LIGHTS: Laboratory for Information Globalization and Harmonization Technologies and Studies

38.  Attribution Principles for Data Integration:  Technology and Policy Perspectives - Part 2: Focus on Policy

39.  Attribution Principles for Data Integration:  Technology and Policy Perspectives - Part 1: Focus on Technology

40.  Why Not One Big Database? Principles for Data Ownership (DSS)