“If you were attacked, you’d be sorry”: Counterfactuals as security arguments

Cormac Herley, Wolter Pieters

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

    8 Citations (Scopus)


    Counterfactuals (or what-if scenarios) are often employed as security arguments, but the dos and don’ts of their use are poorly understood. They are useful to discuss vulnerability of systems under threats that haven’t yet materialized, but they can also be used to justify investment in obscure controls. In this paper, we shed light on the role of counterfactuals in security, and present conditions under which counterfactuals are legitimate arguments, linked to the exclusion or inclusion of the threat environment in security metrics. We provide a new paradigm for security reasoning by deriving essential questions to ask in order to decide on the acceptability of specific counterfactuals as security arguments, which can serve as a basis for further study in this field. We conclude that counterfactuals are a necessary evil in security, which should be carefully controlled.
    Original language: Undefined
    Title of host publication: New Security Paradigm Workshop (NSPW)
    Place of Publication: New York
    Publisher: Association for Computing Machinery (ACM)
    Number of pages: 12
    ISBN (Print): 978-1-4503-3754-0
    Publication status: Published - Sep 2015
    Event: 2015 New Security Paradigms Workshop, NSPW 2015 - Twente, Netherlands
    Duration: 8 Sep 2015 → 11 Sep 2015


    Workshop: 2015 New Security Paradigms Workshop, NSPW 2015
    Abbreviated title: NSPW


    • SCS-Cybersecurity
    • EWI-26393
    • IR-97946
    • EC Grant Agreement nr.: FP7/318003
    • METIS-314989
    • EC Grant Agreement nr.: FP7/2007-2013
