Date of Award


Document Type


Degree Name

Doctor of Philosophy (PhD)


Computer Science : Modeling and Simulation

Committee Chair

Mikel D. Petty

Committee Member

John A. Bland

Committee Member

Harry Delugach

Committee Member

Mary Ellen Weisskopf

Committee Member

Huaming Zhang


Computer security--Mathematical models, Petri nets


Verification and validation are crucial to establishing the credibility of the results of a modeling and simulation project. Conclusions drawn from an unverified and unvalidated model are at best unconvincing, and at worst have the potential to be dangerous if decisions are made based on outputs from an incorrect model. In general, the most effective methods of verification and validation involve comparisons of simulation results with data from observations of the system or event being simulated. However, such methods cannot be used if system data is not available. This is often true of cyberattacks, because the victims of cyberattacks conceal information related to the attacks, including actors, methods, and impacts. Their reasons for doing so include damage to reputation, risk of revealing vulnerabilities that are difficult to remediate, and regulatory constraints. Consequently, verification and validation of cyberattack models can be a significant challenge. In this research, verification and validation methods that do not depend on sensitive data from actual cyberattacks are developed for models of cyberattacks. The models are based on the publicly available Common Attack Pattern Enumeration and Classification and are expressed using a formalism known as Petri Nets with Players, Strategies, and Costs. The verification methods include direct comparison, semi-formal, and formal methods. The validation methods include face validation, comparison with publicly available data, and experimental validation.



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.