A major component of the SENDS Pilot Project is a modeling and simulation task that helps us better understand how people and information technology interact and the interdependencies that arise with the convergence of these two sources of vulnerability. We call the product output of this task SENDSim. In brief, SENDSim is being designed to help the cybersecurity expert face cyberspace security challenges by providing a platform for understanding threats, evaluating solutions, and communicating the benefits of a principled security plan to non-technical decision makers. Users can specify network designs, assumptions, and policy parameters. SENDSim then creates a simulated network, a simulated workforce using that network, and a simulated malware threat. The illustration of an early SENDSim screenshot below helps to visualize the components and interactions of SENDSim agent-actors.
Incorporating modeling techniques from epidemiology and behavioral economics, SENDSim captures both the behaviors of the malware and the behaviors of the network users. These behaviors (based on intents and attitudes modeled on subject matter expert insights) include users’ appreciation of cyber threats, their level of technical sophistication, and their actions, such as choosing passwords, enabling and disabling features, and telling co-workers about threats and solutions.