Skip to Main Content
A method is described that takes into account the investments done in the security and/or achieved security confidence in planning new security measures. The method uses new integral security metrics and the well-known graded security model. A precondition for the application of this method is the availability of expert knowledge or statistical data for the model in use that describes a class of situations where the analyzed security situation belongs to. For a number of situations at present, this information has been extracted from standards of graded security. For specific military communications applications the data must be collected from a log analysis of characteristic attacks and security reports, as well as by the traditional knowledge acquisition means.