Abstract
Security analysis as the initial step of security engineering is of utmost importance. Current approaches are mostly manual and neither connected to system engineering nor following established model-based approaches. We present here a novel approach to automatically derive Attack Trees based on a system model, enhanced with security-related information. The approach is based on STRIDE Threat Modeling, but utilizes a set of novel features to identify potential attack paths. With this, new regulations, requiring security analysis for more domains can be addressed and we enable system engineers to evaluate the security during design time and follow a risk-based security-by-design approach.
Originalsprache | Englisch |
---|---|
Titel | Proceedings of IEEE/IFIP Network Operations and Management Symposium 2023 |
Redakteure/-innen | Kemal Akkaya, Olivier Festor, Carol Fung, Mohammad Ashiqur Rahman, Lisandro Zambenedetti Granville, Carlos Raniery Paula dos Santos |
Seiten | 1-5 |
ISBN (elektronisch) | 978-1-6654 -7716-1 |
Publikationsstatus | Veröffentlicht - 2023 |
Veranstaltung | 2ND IEEE/IFIP INTERNATIONAL WORKSHOP ON TECHNOLOGIES FOR NETWORK TWINS (TNT 2023) & 4TH WORKSHOP ON MANAGEMENT FOR INDUSTRY 5.0 (MFI5.0 2023) - Miami, Miami, USA/Vereinigte Staaten Dauer: 8 Mai 2023 → … https://noms2023.ieee-noms.org/program/workshops/2nd-ieeeifip-international-workshop-technologies-network-twins-tnt-2023-4th |
Workshop
Workshop | 2ND IEEE/IFIP INTERNATIONAL WORKSHOP ON TECHNOLOGIES FOR NETWORK TWINS (TNT 2023) & 4TH WORKSHOP ON MANAGEMENT FOR INDUSTRY 5.0 (MFI5.0 2023) |
---|---|
Kurztitel | MFI5.0 |
Land/Gebiet | USA/Vereinigte Staaten |
Stadt | Miami |
Zeitraum | 8/05/23 → … |
Internetadresse |
Research Field
- Dependable Systems Engineering