Core Concepts
A new conceptual framework for analyzing complex security systems using the notions of modes and mode transitions, where a mode is an independent component with its own objectives, monitoring data, algorithms, and scope of action, and mode transitions are determined by interpretations of monitoring data and capabilities in light of objectives.
Abstract
The paper proposes a new conceptual framework for analyzing complex security systems using the notions of modes and mode transitions. A mode is defined as an independent component of the system with its own objectives, monitoring data, algorithms, and scope of action. The behavior of a mode, including its transitions to other modes, is determined by interpretations of the mode's monitoring data and capabilities in light of its objectives; these interpretations are termed beliefs.
The framework is formalized mathematically using simplicial complexes to visualize the beliefs and mode transitions. Three security scenarios are used to demonstrate the application of the framework:
1. Triage for classifying "persons of interest" based on available evidence.
2. Mapping the potential causes and effects of a cyber security incident.
3. Examining a multi-agency response to a critical incident using the UK Gold-Silver-Bronze command structure.
The key principles of the framework include completeness (a system can be in one or more modes at a time), composition (joint modes can be formed by combining other modes), localization (each mode has its own monitoring data and evidence space), globalization (the overall system state is a synthesis of the modes' evidence), quantification (the relevance of modes to the system state is quantified), and visualization (the beliefs and mode transitions are represented geometrically using simplicial complexes).
The framework aims to provide a transparent and explainable approach to designing, analyzing, and understanding complex security systems, especially in human-centered contexts.