Threat modeling in cyber-physical systems

被引:17
|
作者
Fernandez, Eduardo B. [1 ]
机构
[1] Florida Atlantic Univ, Boca Raton, FL 33431 USA
来源
2016 IEEE 14TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 14TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 2ND INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/DATACOM/CYBERSC | 2016年
关键词
Cyber-physical systems; threat modeling; misuse patterns; secure systems design; security patterns; ELICITING SECURITY REQUIREMENTS;
D O I
10.1109/DASC-PICom-DataCom-CyberSciTec.2016.89
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
To design a secure system we need to understand its possible threats; more specifically we need to understand how the components of the architecture are compromised and used by an attacker in order to fulfill his objectives and how the attack proceeds through these units. We can do this using misuse patterns, an artifact we have introduced in earlier work. Threat modeling of IT systems has been widely explored but there is no much work on cyber-physical system (CPS) threats. CPSs are complex and heterogeneous systems and have many vulnerabilities. We discuss here how to extend misuse patterns to describe CPS threats and how to enumerate and unify CPS threats. This approach can be valuable to complement methodologies to build secure CPSs. We show our ideas through a metamodel and an example.
引用
收藏
页码:448 / 453
页数:6
相关论文
共 50 条
  • [1] Threat Modeling of Cyber-Physical Systems in Practice
    Jamil, Ameerah-Muhsinah
    Ben Othmane, Lotfi
    Valani, Altaz
    RISKS AND SECURITY OF INTERNET AND SYSTEMS (CRISIS 2021), 2022, 13204 : 3 - 19
  • [2] On Threat Modeling and Mitigation of Medical Cyber-Physical Systems
    Almohri, Hussain
    Cheng, Long
    Yao, Danfeng
    Alemzadeh, Homa
    2017 IEEE/ACM SECOND INTERNATIONAL CONFERENCE ON CONNECTED HEALTH - APPLICATIONS, SYSTEMS AND ENGINEERING TECHNOLOGIES (CHASE), 2017, : 114 - 119
  • [3] STRIDE-based Threat Modeling for Cyber-Physical Systems
    Khan, Rafiullah
    McLaughlin, Kieran
    Laverty, David
    Sezer, Sakir
    2017 IEEE PES INNOVATIVE SMART GRID TECHNOLOGIES CONFERENCE EUROPE (ISGT-EUROPE), 2017,
  • [4] Towards a Systematic Threat Modeling Approach for Cyber-physical Systems
    Martins, Goncalo
    Bhatia, Sajal
    Koutsoukos, Xenofon
    Stouffer, Keith
    Tang, CheeYee
    Candell, Richard
    2015 RESILIENCE WEEK (RSW), 2015, : 114 - 119
  • [5] Modeling Cyber-Physical Systems
    Derler, Patricia
    Lee, Edward A.
    Vincentelli, Alberto Sangiovanni
    PROCEEDINGS OF THE IEEE, 2012, 100 (01) : 13 - 28
  • [6] Sensor Threat Isolation for Cyber-Physical Systems
    Zhang, Kangkang
    Kasis, Andreas
    Keliris, Christodoulos
    Polycarpou, Marios M.
    Parisini, Thomas
    IFAC PAPERSONLINE, 2023, 56 (02): : 11324 - 11329
  • [7] Threat Modeling of Cyber-Physical Systems-A Case Study of a Microgrid System
    Khalil, Shaymaa Mamdouh
    Bahsi, Hayretdin
    Dola, Henry Ochieng'
    Korotko, Tarmo
    McLaughlin, Kieran
    Kotkas, Vahur
    COMPUTERS & SECURITY, 2023, 124
  • [8] Modeling Architectures of Cyber-Physical Systems
    Kusmenko, Evgeny
    Roth, Alexander
    Rumpe, Bernhard
    von Wenckstern, Michael
    MODELLING FOUNDATIONS AND APPLICATIONS, ECMFA 2017, 2017, 10376 : 34 - 50
  • [9] Modeling security in cyber-physical systems
    Burmester, Mike
    Magkos, Ernmanouil
    Chrissikopoulos, Vassilis
    INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2012, 5 (3-4) : 118 - 126
  • [10] Context modeling for cyber-physical systems
    Daun, Marian
    Tenbergen, Bastian
    JOURNAL OF SOFTWARE-EVOLUTION AND PROCESS, 2023, 35 (07)
12345