Research Article
Meta-modelling for Ecosystems Security
@INPROCEEDINGS{10.1007/978-3-030-97124-3_22, author={Tristan Caulfield and Marius-Constantin Ilau and David Pym}, title={Meta-modelling for Ecosystems Security}, proceedings={Simulation Tools and Techniques. 13th EAI International Conference, SIMUtools 2021, Virtual Event, November 5-6, 2021, Proceedings}, proceedings_a={SIMUTOOLS}, year={2022}, month={3}, keywords={Systems Ecosystems Models Qualities Methodology Co-design Translation zone Security Modelling}, doi={10.1007/978-3-030-97124-3_22} }- Tristan Caulfield
Marius-Constantin Ilau
David Pym
Year: 2022
Meta-modelling for Ecosystems Security
SIMUTOOLS
Springer
DOI: 10.1007/978-3-030-97124-3_22
Abstract
As the world has evolved to become ever more dependent on complex ecosystems of large, interacting systems, it has become ever more important to be able to reason rigorously about the design, construction, and behaviour not only of individual systems—which may include aspects related to all of people, process, and technology—but also of their assembly into ecosystems. In such situations, it is inevitable that no one type of model—such as mathematical models of dynamical systems, logical models of languages, or discrete event simulation models—will be sufficient to describe all of the aspects of ecosystems about which rigorous reasoning is required. We propose here a meta-theoretical framework, the ‘triangle framework’, within which different types of models may be categorized and their interactions, especially during the construction of models, can be understood. Its explicit goals are to facilitate a better understanding of the nature of models and to provide a more inclusive language for the description of heterogeneous models. Specifically, we identify three qualities of models, each derived from modelling goals—conceptuality, mathematicality, and executability—and explain how models will, typically, have all of these qualities to varying extents. We also show how the framework supports an analysis of how models can be co-designed by their various stakeholders within an identified translation zone within the process of model construction. We explore our ideas in the concrete setting of models encountered in a range of surveyed security papers, drawn from a diverse collection of security conferences. Although descriptive in nature, we envision this framework as a necessary first step in the development of a methodology for heterogeneous model design and construction, diverse enough to characterize the myriad of model types used in the field of information security while at the same time addressing validation concerns that can reduce their usability in the area of security decision-making.
