Accéder directement au contenu Accéder directement à la navigation
Communication dans un congrès

A Domain-specific Modeling Framework for Attack Surface Modeling

Abstract : Cybersecurity is becoming vital as industries are gradually moving from automating physical processes to a higher level automation using cyber physical systems (CPS) and internet of things (IoT). In this context, security is becoming a continuous process that runs in parallel to other processes during the complete life cycle of a system. Traditional threat analysis methods use design models alongside threat models as an input for security analysis, hence missing the life-cycle-based dynamicity required by the security concern. In this paper, we argue for an attacker-aware systems modeling language that exposes the systems attack surfaces. For this purpose, we have designed Pimca, a domain specific modeling language geared towards capturing the attacker point of view of the system. This study introduces the formalism along with the Pimca workbench, a framework designed to ease the development and manipulation of the Pimca models. Finally, we present two relevant use cases, serving as a preliminary validation of our approach.
Type de document :
Communication dans un congrès
Liste complète des métadonnées

Littérature citée [17 références]  Voir  Masquer  Télécharger
Contributeur : Raul Mazo <>
Soumis le : mardi 10 mars 2020 - 11:26:51
Dernière modification le : mardi 1 décembre 2020 - 09:38:32
Archivage à long terme le : : jeudi 11 juin 2020 - 14:17:35


2020_A Domain-specific Modelin...
Fichiers produits par l'(les) auteur(s)



Tithnara Sun, Bastien Drouot, Fahad Golra, Joël Champeau, Sylvain Guerin, et al.. A Domain-specific Modeling Framework for Attack Surface Modeling. ICISSP 2020 : 6th International Conference on Information Systems Security and Privacy, Feb 2020, Valetta, Malta. pp.341 - 348, ⟨10.5220/0008916203410348⟩. ⟨hal-02502387⟩



Consultations de la notice


Téléchargements de fichiers