Cyber economics drives many of the decisions related to cybersecurity by both the defenders and attackers. It determines on the defensive side the technologies and procedures implemented to prevent and respond to cyber-attacks. On the offensive side, it not only determines the type of attack but also the effort expended to ensure its success. In short, these and other factors determine the asymmetric balance between the attackers and defenders. The Cyber Resilience Economics workshop will explore foundational and applied advances to achieve an optimal asymmetric balance and how to most effectively leverage technical and management options to achieve this target. To do so, the workshop will seek to understand the parameters needed to accurately quantify asymmetric imbalance from both the offensive and defensive perspective; examine technical and non-technical approaches to shifting that balance, including the full range of costs/benefits of each approach; and explore and evaluate a range of options for defining and achieving optimality. It will bring together a diverse group of experts to advance the concepts, analysis and application of cost, value, risk and other important features of cyber systems as related to asymmetric advantage and cyber resiliency. This will serve to accelerate the recognition, adoption and application of cyber resilience within industry, government and academia by addressing the key concerns of how these techniques and technologies can be realized within the practical constraints of cost, risk, and benefit.

The topics of interest include, but are not limited to:

  • Foundations of asymmetric cyber advantage
  • Integrated analyses of cyber resiliency & asymmetry with cyber environments
  • Metrics, measures, and economics of cyber resiliency & asymmetry
  • Defining practical cyber resiliency
  • Technical & architectural approaches to gaining asymmetric advantage
  • Relationship between resiliency and security
  • Adversary economics: assessing the impact of defender capabilities and actions to the attacker
  • Frameworks for ROI analysis (cost, risk, benefit) to guide technology investment (research, development, and utilization)
  • Cyber-resiliency related tools that are guided by economic factors for defender and/or adversary
  • Use cases or case studies for defender and/or adversary that include economic factors


At least one author of each accepted paper (including panelists’ position statements) must register with the full fee and present at the workshop in order for the paper to be included in the QRS 2017 Supplemental Proceedings. Papers will also be submitted to the IEEE Xplore database and indexed by all the abstracting and indexing partners (such as the EI Compendex).

Journal Special Issue (TBA)

Best Paper Award

At least one award will be presented. Authors will receive a certificate signed by the President of the IEEE Reliability Society and the Organizers of CRE 2017.

Panelists Solicitation (TBA)

Important Dates

    April 21, 2017 (extended)       Submission deadline
    May 25, 2017       Author notification
    June 5, 2017       Camera-ready dues
    July 25-29, 2017       Workshop


Authors are invited to submit original, unpublished research papers as well as industrial practice papers. Simultaneous submissions to other publications and conferences are not permitted. Detailed instructions for electronic paper submission, panel proposals and review process can be found at

The length of a camera ready paper will be limited to eight pages, including the title of the paper, the name and affiliation of each author, a 150-word abstract, and up to 6 keywords.

Authors must follow the IEEE Computer Society Press Proceedings Author Guidelines to prepare papers. At least one of the authors of each accepted paper is required to pay full registration fee and present the paper at the workshop. Arrangements are being made to publish selected accepted papers in reputable journals. The submissions must be in PDF and uploaded to the conference submission site.

  Click here to submit your papers to CRE 2017

Program Chairs

Nick Multari Pacific Northwest National Laboratory USA
Jeffrey Picciotto MITRE Corp USA

Steering Committee

Christopher Oehmen Pacific Northwest National Laboratory USA
Rosalie McQuaid MITRE Corp USA
Tyler Moore University of Tulsa USA
David Manz Pacific Northwest National Laboratory USA
Richard Graubart MITRE Corp USA
Pradeep Ramuhalli Pacific Northwest National Laboratory USA

Program Committee

Marco CarvalhoFlorida Institute of TechnologyUSA
Peter ChenCarnegie Mellon University/SEIUSA
Robert CunninghamMIT Lincoln LabsUSA
James DavisIowa State UniversityUSA
Sabrina De Capitani di VimercatiUniversita degli Studi di MilanoItaly
Herve DebarTelecom SudParisFrance
Erich DevendorfAir Force Research LabUSA
Anurag DwivediJohn Hopkins University/APLUSA
Kristin GlassPerianderUK
Arlette HartFederal Bureau of InvestigationsUSA
Walt HeimerdingerHoneywell - RetiredUSA
Chad HeitzenraterAir Force Research LabsUSA
Craig JacksonIndiana UniversityUSA
Doug JacobsonIowa State UniversityUSA
Dong-Seong KimUniversity of CanterburyNew Zealand
Hermann KopetzUniversity of TechnologyAustria
Al MokUniversity of Texas at AustinUSA
Takashi NanyaUniversity of TokyoJapan
Nuno NevesUniversity of LisbonPortugal
Indrajit RayColorado State UniversityUSA
Craig RiegerIdaho National LaboratoryUSA
O. Sami SaydjariCyber Defense AgencyUSA
Nabil SchearMIT Lincoln LabsUSA
Neeraj SuriTechnical University DarmstadtGermany
Paulo VerissimoUniversity of LuxembourgLuxembourg

Web Masters

Shou-Yu Lee University of Texas at Dallas USA
Xuelin Li University of Texas at Dallas USA

PC Login

Please click here to log in your PC account for CRE 2017.

Workshop Venue

CRE 2017 will be held in conjunction with QRS 2017 at Prague, Czech Republic. Please visit the QRS 17 website for further information.

General Inquiries

For more detailed and updated information, please contact Dr. Nick Multari at or Mr. Jeffrey Picciotto at

Previous CRE

CRE 2017 Program

  Click here to download the conference program.

Wednesday, 26 July, 2017
  • 10:00-10:50, Session I-F, room 153 – Industry Track
    • Invited Talk – Cybersecurity Economics and Valuation Modeling
      Phil Owen, AECOM
  • 16:00-17:40, Session III-C, room 113 – Paper Presentations
    • CsPI: A New Way to Evaluate Cybersecurity Investments
      Summer Fowler and Peter Chen
    • Resilience in Homogeneous Networks: A Strategic Network Formation Approach
      Babak Heydari
    • Risky Cyber Security: ‘7012’ Regulations Federally-Driven inhibitor to Resilience within the Defense Industrial Base: A Position Paper
      Larisa Breton
    • Resilience Mechanism for Trustworthy Workflow Management System
      Qiang Han

Thursday, 27 July
  • 10:00-12:05, Session IV-C, Room 113
    • Invited Talk – Cyber Resilience of Complex Systems-of-Systems
      Dr. George Sharkov, National Cybersecurity Coordinator/Advisor to the Bulgarian Prime Minister’s Office
    • Panel – Examining Concepts Raised in Presented Papers
      • Moderator: Dr. Peter Chen, CMU/SEI
      • Dr. Robert Cunningham, MIT Lincoln Labs
      • Summer Fowler, CMU/SEI
      • Dr. Babak Heydari, Stevens Institute of Technology
      • Larisa Breton, Full Circle Communications and George Washington University
  • 12:05-14:00, Lunch, Foyer
  • 14:00-15:40, Session V-C, Room 113
    • Invited Talk – Towards Defensible Applications
      Dr. Volkmar Lotz, Research Strategy Lead, SAP Global Security
    • Panel – Factors Driving Plans, Policies, and Application of Cybersecurity and Resilience in Government and Industry
      • Moderator: Dr. Nick Multari, PNNL
      • Phil Owen, Director of Information Assurance and Information Systems Security Engineering AECOM Ltd
      • Dr. George Sharkov, National Cybersecurity Coordinator/Advisor to the Bulgarian Prime Minister’s Office
      • Dr. Peter Chen, Distinguished Career Scientist and Professor, CMU
      • Dr. Volkmar Lotz, Research Strategy Lead, SAP Global Security