Threat modeling for security assessment in cyberphysical systems

Authors:
Janusz Zalewski;Steven Drager;William McKeever;Andrew J. Kornecki
Affiliations:
Florida Gulf Coast University, Ft. Myers, FL;Air Force Research Lab, Rome, NY;Air Force Research Lab, Rome, NY;Embry-Riddle Aeronautical University, Daytona Beach, FL
Venue:
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
Year:
2013

Citing 8
Cited 0

Safeware: system safety and computers

Safeware: system safety and computers
Threat Modeling

Threat Modeling
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities

The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
Threat Modeling: Diving into the Deep End

IEEE Software
Measuring Security

IEEE Security and Privacy
Developer-Driven Threat Modeling: Lessons Learned in the Trenches

IEEE Security and Privacy
Can we measure security and how?

Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Availability Assessment of Embedded Systems with Security Vulnerabilities

SEW '11 Proceedings of the 2011 IEEE 34th Software Engineering Workshop

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, threat modeling issues in cyberphysical systems are discussed. First a generic model of a cyberphysical system is outlined, with an attack surface suitable for security analysis. Then, a case study of network communication in a road vehicle is presented, with its behavior modeled by a discrete time Markov chain, under the assumption that security violations can cause gradual degradation of functionality. Finally, two ways of numerical assessment of vulnerabilities are analyzed, to help better estimate probabilities of state changes in a Markov model.