67 research outputs found

    Tool-assisted Threat Modeling for Smart Grid Cyber Security

    Threat modeling is about identifying architectural flaws and weaknesses in a system in order to mitigate them and avoid unwanted incidents caused by an attacker. Tool-assisted threat modeling has seen limited use in complex cyber-physical systems involving both Information Technology (IT) and Operational Technology (OT) systems. In this paper, we investigate the applicability of tool-assisted threat modeling to the complex cyber-physical system that is the smart grid, and present a new Smart Grid template for the Microsoft Threat Modeling Tool. We demonstrate benefits of our smart grid threat modeling template on a use-case, and discuss limitations.

    Smart Grid Threat Modelling Tool Documentation


    Automated Interactive Threat Analysis of IT Architectures

    Threat modeling or architectural risk analysis (ARA) is a process to find cybersecurity threats in an IT system by analyzing its architecture. Because of the large number of possible threats to consider in such an analysis, it helps to automate it. Automatic application of threat analysis rules gives more consistent results and reduces the dependency on expert knowledge in threat modeling, but asks the threat modeler to annotate the architecture with relevant information. The threat modeler will, however, still have to know what information to provide. In this disclosure we describe a system that interactively asks the threat modeler to supply such information, based on the analysis rules. This reduces the dependency on expert knowledge even further.

    Threat Modeling of Cyber-Physical Systems in Practice

    Traditional Cyber-physical Systems (CPSs) were not built with cybersecurity in mind. They operated on separate Operational Technology (OT) networks. As these systems now become more integrated with Information Technology (IT) networks based on IP, they expose vulnerabilities that can be exploited by the attackers through these IT networks. The attackers can control such systems and cause behavior that jeopardizes the performance and safety measures that were originally designed into the system. In this paper, we explore the approaches to identify threats to CPSs and ensure the quality of the created threat models. The study involves interviews with eleven security experts working in security consultation companies, software engineering companies, an Original Equipment Manufacturer (OEM), and ground and aerial vehicle integrators. We found through these interviews that the practitioners use a combination of various threat modeling methods, approaches, and standards together when they perform threat modeling of given CPSs. Key challenges practitioners face are: they cannot transfer the threat modeling knowledge that they acquire in a cyber-physical domain to other domains, threat models of modified systems are often not updated, and the reliance on mostly peer-evaluation and quality checklists to ensure the quality of threat models. The study warns about the difficulty to develop secure CPSs and calls for research on developing practical threat modeling methods for CPSs, techniques for continuous threat modeling, and techniques to ensure the quality of threat models.

    Connecting the Dots: An Assessment of Cyber-risks in Networked Building and Municipal Infrastructure Systems

    The buildings and city streets we walk down are changing. Driven by various data-driven use cases, there is increased interest in networking and integrating lighting and other building systems (e.g., heating, ventilation, and air conditioning (HVAC), security, scheduling) that were previously not internet-facing, and equipping them with sensors that collect information about their environment and the people that inhabit it. These data-enabled systems can potentially deliver improved occupant and resident experiences and help meet the U.S. Department of Energy (DOE) national energy and carbon reduction goals. Deploying connected devices new to being networked, however, is not without its challenges. This paper explores tools available to system designers and integrators that facilitate a cybersecurity landscape assessment – or more specifically the identification of threats, vulnerabilities, and adversarial behaviors that could be used against these networked systems. These assessments can help stakeholders shift security prioritization proactively toward the beginning of the development process.

    Integration of a security methodology in web development environments

    This work addresses the analysis of the development cycles of a software development department, the study of the solutions implemented by other companies, and the implementation and integration of new security procedures into the current development methodology. This has led to the development of a security platform on which a web application can be tracked from its design, through the entire development process, to its delivery to the client.