A domain-specific modeling framework for attack surface modeling
dc.contributor.author | Sun, T.N. | |
dc.contributor.author | Drouot, B. | |
dc.contributor.author | Golra, F.R. | |
dc.contributor.author | Champeau, J. | |
dc.contributor.author | Guerin, S. | |
dc.contributor.author | Le Roux, L. | |
dc.contributor.author | Mazo, R. | |
dc.contributor.author | Teodorov, C. | |
dc.contributor.author | Van Aertryck, L. | |
dc.contributor.author | L'Hostis, B. | |
dc.contributor.department | Universidad EAFIT. Departamento de Ingeniería de Sistemas | spa |
dc.contributor.researchgroup | I+D+I en Tecnologías de la Información y las Comunicaciones | spa |
dc.date.accessioned | 2021-04-12T21:07:09Z | |
dc.date.available | 2021-04-12T21:07:09Z | |
dc.date.issued | 2020-01-01 | |
dc.description.abstract | Cybersecurity is becoming vital as industries are gradually moving from automating physical processes to a higher level automation using cyber physical systems (CPS) and internet of things (IoT). In this context, security is becoming a continuous process that runs in parallel to other processes during the complete life cycle of a system. Traditional threat analysis methods use design models alongside threat models as an input for security analysis, hence missing the life-cycle-based dynamicity required by the security concern. In this paper, we argue for an attacker-aware systems modeling language that exposes the systems attack surfaces. For this purpose, we have designed Pimca, a domain specific modeling language geared towards capturing the attacker point of view of the system. This study introduces the formalism along with the Pimca workbench, a framework designed to ease the development and manipulation of the Pimca models. Finally, we present two relevant use cases, serving as a preliminary validation of our approach. © Copyright 2020 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved. | eng |
dc.identifier | https://eafit.fundanetsuite.com/Publicaciones/ProdCientif/PublicacionFrw.aspx?id=11963 | |
dc.identifier.doi | 10.5220/0008916203410348 | |
dc.identifier.isbn | 9789897583995 | |
dc.identifier.other | WOS;000570766300034 | |
dc.identifier.other | SCOPUS;2-s2.0-85083036006 | |
dc.identifier.uri | http://hdl.handle.net/10784/28778 | |
dc.language.iso | eng | |
dc.publisher | SciTePress | |
dc.relation.uri | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85083036006&partnerID=40&md5=49425adc9fcb4180c0b2f02fdad55c8b | |
dc.rights | SciTePress | |
dc.source | A Domain-Specific Modeling Framework For Attack Surface Modeling | |
dc.subject.keyword | Embedded | eng |
dc.subject.keyword | systems | eng |
dc.subject.keyword | Information | eng |
dc.subject.keyword | systems | eng |
dc.subject.keyword | Information | eng |
dc.subject.keyword | use | eng |
dc.subject.keyword | Internet | eng |
dc.subject.keyword | of | eng |
dc.subject.keyword | things | eng |
dc.subject.keyword | Life | eng |
dc.subject.keyword | cycle | eng |
dc.subject.keyword | Specification | eng |
dc.subject.keyword | languages, | eng |
dc.subject.keyword | Continuous | eng |
dc.subject.keyword | process | eng |
dc.subject.keyword | Cyber-physical | eng |
dc.subject.keyword | systems | eng |
dc.subject.keyword | (CPS) | eng |
dc.subject.keyword | Domain | eng |
dc.subject.keyword | specific | eng |
dc.subject.keyword | modeling | eng |
dc.subject.keyword | Domain | eng |
dc.subject.keyword | specific | eng |
dc.subject.keyword | modeling | eng |
dc.subject.keyword | languages | eng |
dc.subject.keyword | Internet | eng |
dc.subject.keyword | of | eng |
dc.subject.keyword | Things | eng |
dc.subject.keyword | (IOT) | eng |
dc.subject.keyword | Security | eng |
dc.subject.keyword | analysis | eng |
dc.subject.keyword | Surface | eng |
dc.subject.keyword | modeling | eng |
dc.subject.keyword | Systems | eng |
dc.subject.keyword | modeling | eng |
dc.subject.keyword | languages, | eng |
dc.subject.keyword | Modeling | eng |
dc.subject.keyword | languages | eng |
dc.title | A domain-specific modeling framework for attack surface modeling | eng |
dc.type | info:eu-repo/semantics/conferencePaper | eng |
dc.type | conferencePaper | eng |
dc.type | info:eu-repo/semantics/publishedVersion | eng |
dc.type | publishedVersion | eng |
dc.type.local | Documento de conferencia | spa |