A domain-specific modeling framework for attack surface modeling

dc.contributor.authorSun, T.N.
dc.contributor.authorDrouot, B.
dc.contributor.authorGolra, F.R.
dc.contributor.authorChampeau, J.
dc.contributor.authorGuerin, S.
dc.contributor.authorLe Roux, L.
dc.contributor.authorMazo, R.
dc.contributor.authorTeodorov, C.
dc.contributor.authorVan Aertryck, L.
dc.contributor.authorL'Hostis, B.
dc.contributor.departmentUniversidad EAFIT. Departamento de Ingeniería de Sistemasspa
dc.contributor.researchgroupI+D+I en Tecnologías de la Información y las Comunicacionesspa
dc.date.accessioned2021-04-12T21:07:09Z
dc.date.available2021-04-12T21:07:09Z
dc.date.issued2020-01-01
dc.description.abstractCybersecurity is becoming vital as industries are gradually moving from automating physical processes to a higher level automation using cyber physical systems (CPS) and internet of things (IoT). In this context, security is becoming a continuous process that runs in parallel to other processes during the complete life cycle of a system. Traditional threat analysis methods use design models alongside threat models as an input for security analysis, hence missing the life-cycle-based dynamicity required by the security concern. In this paper, we argue for an attacker-aware systems modeling language that exposes the systems attack surfaces. For this purpose, we have designed Pimca, a domain specific modeling language geared towards capturing the attacker point of view of the system. This study introduces the formalism along with the Pimca workbench, a framework designed to ease the development and manipulation of the Pimca models. Finally, we present two relevant use cases, serving as a preliminary validation of our approach. © Copyright 2020 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved.eng
dc.identifierhttps://eafit.fundanetsuite.com/Publicaciones/ProdCientif/PublicacionFrw.aspx?id=11963
dc.identifier.doi10.5220/0008916203410348
dc.identifier.isbn9789897583995
dc.identifier.otherWOS;000570766300034
dc.identifier.otherSCOPUS;2-s2.0-85083036006
dc.identifier.urihttp://hdl.handle.net/10784/28778
dc.language.isoeng
dc.publisherSciTePress
dc.relation.urihttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85083036006&partnerID=40&md5=49425adc9fcb4180c0b2f02fdad55c8b
dc.rightsSciTePress
dc.sourceA Domain-Specific Modeling Framework For Attack Surface Modeling
dc.subject.keywordEmbeddedeng
dc.subject.keywordsystemseng
dc.subject.keywordInformationeng
dc.subject.keywordsystemseng
dc.subject.keywordInformationeng
dc.subject.keyworduseeng
dc.subject.keywordInterneteng
dc.subject.keywordofeng
dc.subject.keywordthingseng
dc.subject.keywordLifeeng
dc.subject.keywordcycleeng
dc.subject.keywordSpecificationeng
dc.subject.keywordlanguages,eng
dc.subject.keywordContinuouseng
dc.subject.keywordprocesseng
dc.subject.keywordCyber-physicaleng
dc.subject.keywordsystemseng
dc.subject.keyword(CPS)eng
dc.subject.keywordDomaineng
dc.subject.keywordspecificeng
dc.subject.keywordmodelingeng
dc.subject.keywordDomaineng
dc.subject.keywordspecificeng
dc.subject.keywordmodelingeng
dc.subject.keywordlanguageseng
dc.subject.keywordInterneteng
dc.subject.keywordofeng
dc.subject.keywordThingseng
dc.subject.keyword(IOT)eng
dc.subject.keywordSecurityeng
dc.subject.keywordanalysiseng
dc.subject.keywordSurfaceeng
dc.subject.keywordmodelingeng
dc.subject.keywordSystemseng
dc.subject.keywordmodelingeng
dc.subject.keywordlanguages,eng
dc.subject.keywordModelingeng
dc.subject.keywordlanguageseng
dc.titleA domain-specific modeling framework for attack surface modelingeng
dc.typeinfo:eu-repo/semantics/conferencePapereng
dc.typeconferencePapereng
dc.typeinfo:eu-repo/semantics/publishedVersioneng
dc.typepublishedVersioneng
dc.type.localDocumento de conferenciaspa

Archivos