Enabling Model-Based Security Engineering - Automated Attack Tree Generation in ThreatGet

Publikation: Beitrag in Buch oder TagungsbandVortrag mit Beitrag in TagungsbandBegutachtung

Abstract

Security analysis as the initial step of security engineering is of utmost importance. Current approaches are mostly manual and neither connected to system engineering nor following established model-based approaches. We present here a novel approach to automatically derive Attack Trees based on a system model, enhanced with security-related information. The approach is based on STRIDE Threat Modeling, but utilizes a set of novel features to identify potential attack paths. With this, new regulations, requiring security analysis for more domains can be addressed and we enable system engineers to evaluate the security during design time and follow a risk-based security-by-design approach.
OriginalspracheEnglisch
TitelProceedings of IEEE/IFIP Network Operations and Management Symposium 2023
Redakteure/-innenKemal Akkaya, Olivier Festor, Carol Fung, Mohammad Ashiqur Rahman, Lisandro Zambenedetti Granville, Carlos Raniery Paula dos Santos
Seiten1-5
ISBN (elektronisch) 978-1-6654 -7716-1
PublikationsstatusVeröffentlicht - 2023
Veranstaltung2ND IEEE/IFIP INTERNATIONAL WORKSHOP ON TECHNOLOGIES FOR NETWORK TWINS (TNT 2023) & 4TH WORKSHOP ON MANAGEMENT FOR INDUSTRY 5.0 (MFI5.0 2023) - Miami, Miami, USA/Vereinigte Staaten
Dauer: 8 Mai 2023 → …
https://noms2023.ieee-noms.org/program/workshops/2nd-ieeeifip-international-workshop-technologies-network-twins-tnt-2023-4th

Workshop

Workshop2ND IEEE/IFIP INTERNATIONAL WORKSHOP ON TECHNOLOGIES FOR NETWORK TWINS (TNT 2023) & 4TH WORKSHOP ON MANAGEMENT FOR INDUSTRY 5.0 (MFI5.0 2023)
KurztitelMFI5.0
Land/GebietUSA/Vereinigte Staaten
StadtMiami
Zeitraum8/05/23 → …
Internetadresse

Research Field

  • Dependable Systems Engineering

Fingerprint

Untersuchen Sie die Forschungsthemen von „Enabling Model-Based Security Engineering - Automated Attack Tree Generation in ThreatGet“. Zusammen bilden sie einen einzigartigen Fingerprint.

Diese Publikation zitieren