A domain-specific modeling framework for attack surface modeling

Fecha

2020-01-01

Autores

Sun, T.N.
Drouot, B.
Golra, F.R.
Champeau, J.
Guerin, S.
Le Roux, L.
Mazo, R.
Teodorov, C.
Van Aertryck, L.
L'Hostis, B.

Título de la revista

ISSN de la revista

Título del volumen

Editor

SciTePress

Resumen

Cybersecurity is becoming vital as industries are gradually moving from automating physical processes to a higher level automation using cyber physical systems (CPS) and internet of things (IoT). In this context, security is becoming a continuous process that runs in parallel to other processes during the complete life cycle of a system. Traditional threat analysis methods use design models alongside threat models as an input for security analysis, hence missing the life-cycle-based dynamicity required by the security concern. In this paper, we argue for an attacker-aware systems modeling language that exposes the systems attack surfaces. For this purpose, we have designed Pimca, a domain specific modeling language geared towards capturing the attacker point of view of the system. This study introduces the formalism along with the Pimca workbench, a framework designed to ease the development and manipulation of the Pimca models. Finally, we present two relevant use cases, serving as a preliminary validation of our approach. © Copyright 2020 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved.

Descripción

Palabras clave

Citación

URI

http://hdl.handle.net/10784/28778

Colecciones

Documentos de conferencia