We arrive at scientific laws or theories through a process of logic and evidence. Logic by way of theory and evidence from observations are the two, and only two, pillars upon which scientific knowledge is based. In science, theories and observations are interrelated and cannot exist without each other. Theories provide meaning and significance to what we observe, and observations help validate or refine existing theory or construct new theory. Any other means of knowledge acquisition, such as faith or authority cannot be considered science.
Given that theories and observations are the two pillars of science, scientific research operates at two levels: a theoretical level and an empirical level. The theoretical level is concerned with developing abstract concepts about a natural or social phenomenon and relationships between those concepts, while the empirical level is concerned with testing the theoretical concepts and relationships to see how well they reflect our observations of reality, with the goal of ultimately building better theories. Over time, a theory becomes more and more refined, and the science gains maturity. Scientific research involves continually moving back and forth between theory and observations. Both theory and observations are essential components of scientific research. For instance, relying solely on observations for making inferences and ignoring theory is not considered valid scientific research
The scientific method is a structured way of investigating the world. This group of techniques can be used to gain knowledge, study the state of the world, correct errors in current knowledge, and integrate facts. The scientific method contributes to a theoretical and practical understanding of cybersecurity. The Oxford English Dictionary defines the scientific method as “a method of observation or procedure based on scientific ideas or methods; specifically, an empirical method that has underlain the development of natural science since the 17th century”. Scientific experimentation and inquiry reveal opportunities to optimize and create more secure cyber solutions. The scientific method contains five essential elements: ask a good question, formulate hypotheses, make predictions, experimentally test the predictions, analyze the results.Experiments must be objective, falsifiable, reproducible, predictable, and verifiable.The human elements of cybersecurity science are critical to designing accurate and unbiased experiments and to maximizing the practical usefulness of experiments.
People benefit every day from the experimentation and scientific investigation done by people in cybersecurity. Cybersecurity is a broad category, covering the technology and practices used to protect computer networks, computers, and data from harm. People throughout industry, academia, and government all use formal and informal science to create and expand cybersecurity knowledge. As a discipline, the field of cybersecurity requires authentic knowledge to explore and reason about the how and why we build or deploy security controls. Like applied science, cybersecurity science often takes the form of applied research which the goal of the work is to discover how to meet a specific need.