Structured Cyber Resiliency Analysis MethodologyMay 2016
Topics: Cybersecurity, Computer Security, Information Security Operations, Information Security Risk Management, Government Agency Operations
The Structured Cyber Resiliency Analysis Methodology (SCRAM) defines processes, supported by such resources as frameworks and models, value scales, and datasets, that can be used to perform cyber resiliency analyses (CRAs) with varying scopes and purposes, at different points in the lifecycle of a system, system-of-systems (SoS), or mission. SCRAM uses MITRE’s Cyber Resiliency Engineering Framework (CREF) as a common structuring mechanism, enabling results of CRAs under different circumstances to be compared or used together. This paper presents a high-level description of SCRAM, and identifies some representative resources.