67 research outputs found
Tool-assisted Threat Modeling for Smart Grid Cyber Security
Threat modeling is about identifying architectural flaws and weaknesses in a system in order to mitigate them and avoid unwanted incidents caused by an attacker. Tool-assisted threat modeling has seen limited use in complex cyber-physical systems involving both Information Technology (IT) and Operational Technology (OT) systems. In this paper, we investigate the applicability of tool-assisted threat modeling to the complex cyber-physical system that is the smart grid, and present a new Smart Grid template for the Microsoft Threat Modeling Tool. We demonstrate benefits of our smart grid threat modeling template on a use-case, and discuss limitations.
Automated Interactive Threat Analysis of IT Architectures
Threat modeling or architectural risk analysis (ARA) is a process to find cybersecurity threats in an IT system by analyzing its architecture. Because of the large number of possible threats to consider in such an analysis, it helps to automate it. Automatic application of threat analysis rules gives more consistent results and reduces the dependency on expert knowledge in threat modeling, but asks the threat modeler to annotate the architecture with relevant information. The threat modeler will, however, still have to know what information to provide. In this disclosure we describe a system that interactively asks the threat modeler to supply such information, based on the analysis rules. This reduces the dependency on expert knowledge even further.
Threat Modeling of Cyber-Physical Systems in Practice
Traditional Cyber-physical Systems (CPSs) were not built with cybersecurity in mind. They operated on separate Operational Technology (OT) networks. As these systems now become more integrated with Information Technology (IT) networks based on IP, they expose vulnerabilities that can be exploited by attackers through these IT networks. The attackers can control such systems and cause behavior that jeopardizes the performance and safety measures that were originally designed into the system. In this paper, we explore the approaches to identify threats to CPSs and ensure the quality of the created threat models. The study involves interviews with eleven security experts working in security consultation companies, software engineering companies, an Original Equipment Manufacturer (OEM), and ground and aerial vehicle integrators. We found through these interviews that the practitioners use a combination of various threat modeling methods, approaches, and standards together when they perform threat modeling of given CPSs. Key challenges practitioners face are: they cannot transfer the threat modeling knowledge that they acquire in a cyber-physical domain to other domains, threat models of modified systems are often not updated, and they rely mostly on peer evaluation and quality checklists to ensure the quality of threat models. The study warns about the difficulty of developing secure CPSs and calls for research on developing practical threat modeling methods for CPSs, techniques for continuous threat modeling, and techniques to ensure the quality of threat models.
Connecting the Dots: An Assessment of Cyber-risks in Networked Building and Municipal Infrastructure Systems
The buildings and city streets we walk down are changing. Driven by various data-driven use cases, there is increased interest in networking and integrating lighting and other building systems (e.g., heating, ventilation, and air conditioning (HVAC), security, scheduling) that were previously not internet-facing, and equipping them with sensors that collect information about their environment and the people that inhabit it. These data-enabled systems can potentially deliver improved occupant and resident experiences and help meet the U.S. Department of Energy (DOE) national energy and carbon reduction goals. Deploying connected devices new to being networked, however, is not without its challenges. This paper explores tools available to system designers and integrators that facilitate a cybersecurity landscape assessment – or more specifically the identification of threats, vulnerabilities, and adversarial behaviors that could be used against these networked systems. These assessments can help stakeholders shift security prioritization proactively toward the beginning of the development process.
Integration of a Security Methodology into Web Development Environments
This work covers the analysis of the development cycles of a software development department, the study of the solutions implemented by other companies, and the implementation and integration of new security procedures into the current development methodology. This has led to the development of a security platform on which a web application can be tracked from its design, through the entire development process, to its delivery to the customer.