Abstract

Cyber threat modeling is an analytical process that is used for identifying the potential threats against a system and supporting the selection of security requirements in the early stages of the system development life cycle. Thus, threat modeling is a vital instrument for the realization of the secure-by-design principle. Despite being a well-known practice in software development projects, its adaptation to cyber-physical systems still requires systematic elaboration. The complex interactions between cyber and physical spaces and their reflection on the cyber threat landscape constitute a significant challenge for the system development teams. This study proposes a detailed methodology to apply STRIDE to cyber-physical systems and demonstrates its applicability in a case study of a microgrid system. Our methodology provides a systematic threat elicitation procedure based on an attack taxonomy that was created for this research. This paper also shows how assets could be identified, data flow diagrams formed, trust boundaries determined, and threats prioritized, in the case of a cyber-physical system.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Security and Privacy Aspect of Cyber Physical Systems
Umesh Kumar Singh ... Pragya Singh Tomar
-
Umesh Kumar Singh, et. al.Umesh Kumar Singh ... Pragya Singh Tomar
27 Dec 2022
Taxonomy of Attacks for Agent-Based Smart Grids
Jiankun Hu ... Song Guo
IEEE Transactions on Parallel and Distributed Systems | VOL. 25
Jiankun Hu, et. al.Jiankun Hu ... Song Guo
01 Jul 2014
Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies
Ioannis Zografopoulos ... Xiaorui Liu
IEEE Access | VOL. 9
Ioannis Zografopoulos, et. al.Ioannis Zografopoulos ... Xiaorui Liu
01 Jan 2020
An Evaluation of Cyber Physical System (CPS) or Intelligent System in Which a Mechanism is Controlled or Monitored by Computer Based Algorithms
Dr.M.Aruna Safali ... Elangovan Muniyandy
Technoarete Transactions on Industrial Robotics and Automation Systems | VOL. 2
Dr.M.Aruna Safali, et. al.Dr.M.Aruna Safali ... Elangovan Muniyandy
15 Jun 2022
View more papers

More From: Computers & Security

Paper Title
Journal
Date
Author
Web of shadows: Investigating malware abuse of internet services
Mauro Allegretta ... Juan Caballero
Computers & Security | VOL. -
Mauro Allegretta, et. al.Mauro Allegretta ... Juan Caballero
01 Nov 2024
SecKG2vec: A Novel Security Knowledge Graph Relational Reasoning Method based on Semantic and Structural Fusion Embedding
Xiaojian Liu ... Wen Gu
Computers & Security | VOL. -
Xiaojian Liu, et. al.Xiaojian Liu ... Wen Gu
01 Nov 2024
Genetic programming for enhanced detection of Advanced Persistent Threats through feature construction
Abdullah Al Mamun ... Seyit Camtepe
Computers & Security | VOL. -
Abdullah Al Mamun, et. al.Abdullah Al Mamun ... Seyit Camtepe
01 Nov 2024
Privacy protection against user profiling through optimal data generalization
César Gil ... Jordi Forné
Computers & Security | VOL. -
César Gil, et. al.César Gil ... Jordi Forné
01 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.