A Hybrid Threat Assessment Model for Security of Cyber Physical Systems

Abstract

The scope of Cyber Physical Systems (CPS) is extending from being utilized in ordinary applications to critical infrastructures like smart grids, smart transportation, etc. These systems are vulnerable to security breaches that could result in both financial and human losses. Therefore, it is crucial to make sure these systems are secure. The threat modeling approach is a significant way to ensure security prior to the designing phase of a system. In this paper, we explore the use of threat modeling for the security of CPS. Specifically, we discuss some important threat modeling and assessment techniques including STRIDE, DREAD, and Attack Tree. We also discuss the different threat modeling approaches like attacker-centric, asset-centric, vulnerability-centric, and some hybrid approaches. Based on the diversified mechanisms and capabilities of these techniques, we propose a hybrid threat modeling approach for CPS which is based on STRIDE, DREAD, Attack Tree, and Attack Defense/Countermeasure Tree. Our approach highlights the basic loopholes that require significant attention at the designing phase of the system to the evaluation of risks and their countermeasures. We utilize STRIDE to identify and analyse system threats, DREAD to evaluate the level of risk associated with each threat, Attack Tree to provide an overview of goal achievement strategy through the attacker’s perspective, and Attack Defense or Countermeasure Tree to utilize methods to prevent exploitations.