Threat modeling for aviation computer security

被引：0

作者：

Baquero, Abraham O. ^{[1
]}

Kornecki, Andrew J. ^{[2
]}

Zalewski, Janusz ^{[3
]}

机构：

[1] SMRT Software Corporation, 422 Wekiva Rapids Dr., Altamonte Springs,FL,32714, United States

[2] Electrical, Computer, Software, and System Engineering Department, Embry Riddle Aeronautical University, 600 S. Clyde Morris Blvd., Daytona Beach,FL,32114, United States

[3] Department of Software Engineering, Florida Gulf Coast University, 10501 FGCU Blvd, Ft. Myers,FL,33965, United States

来源：

CrossTalk | 2015年 / 28卷 / 06期

关键词：

Data flow analysis - Embedded systems - Network security - Data flow graphs - Application programs - Cybersecurity;

D O I：

暂无

中图分类号：

学科分类号：

摘要：

The safety of aircraft cannot be analyzed anymore based only on potential hazards and failures. Due to their increasing interconnectivity, modern computer systems are exposed to a variety of security threats. Additionally, complexity of the system may be a source of vulnerabilities opening the system to malicious actions with ultimate impact on safety. Threat Modeling is the technique that assists software engineers to identify and document potential security threats associated with a software product, providing development teams a systematic way of discovering strengths and weaknesses in their software applications. Microsoft's SDL Threat Modeling Tool offers automated analysis of security threats of systems that can be represented using data flow diagrams. The article discusses issues of security in aviation and presents a case study of a realistic cyber-physical system to introduce tool-supported threat modeling method which can be used for unmanned aerial systems security analyses.

引用

页码：21 / 27

共 50 条

[21] Modeling aviation baggage screening security systems: a case study
Jacobson, SH
Virta, JL
Bowman, JM
Kobza, JE
Nestor, JJ
IIE TRANSACTIONS, 2003, 35 (03) : 259 - 269
[22] Data Security and Threat Modeling for Smart City Infrastructure
Wang, Paul
Ali, Amjad
Kelly, William
2015 INTERNATIONAL CONFERENCE ON CYBER SECURITY OF SMART CITIES, INDUSTRIAL CONTROL AND COMMUNICATIONS (SSIC), 2015,
[23] Threat Modeling for Security Failure-Tolerant Requirements
Shin, Michael
Dorbala, Swetha
Jang, Dongsoo
2013 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM), 2013, : 594 - 599
[24] A CONSTRUCTIVE DIREST SECURITY THREAT MODELING FOR DRONE AS A SERVICE
Salamh, Fahad E.
Karabiyik, Umit
Rogers, Marcus K.
JOURNAL OF DIGITAL FORENSICS SECURITY AND LAW, 2021, 16 (01)
[25] Computer Network Security Analysis Modeling
Zhao, Xue
2019 2ND INTERNATIONAL CONFERENCE ON MECHANICAL, ELECTRONIC AND ENGINEERING TECHNOLOGY (MEET 2019), 2019, : 165 - 168
[26] Security Threat Modeling and Automated Analysis for System Design
Meng B.
Smith W.
Durling M.
SAE International Journal of Transportation Cybersecurity and Privacy, 2021, 4 (01):
[27] Modeling Computer Security Service Desk
Al-Fedaghi, Sabah
AlMusallam, Basmah
2019 6TH INTERNATIONAL CONFERENCE ON CONTROL, DECISION AND INFORMATION TECHNOLOGIES (CODIT 2019), 2019, : 906 - 911
[28] This aviation security
Einarsson, Atli
LAEKNABLADID, 2023, 109 (10): : 478 - 478
[29] The Missile Threat to Civil Aviation
Schaffer, Marvin B.
TERRORISM AND POLITICAL VIOLENCE, 1998, 10 (03) : 70 - +
[30] Understanding Security Behaviors in Personal Computer Usage: A Threat Avoidance Perspective
Liang, Huigang
Xue, Yajiong
JOURNAL OF THE ASSOCIATION FOR INFORMATION SYSTEMS, 2010, 11 (07): : 394 - 413

← 1 2 3 4 5 →