A Domain-specific Modeling Framework for Attack Surface Modeling - ENSTA Bretagne - École nationale supérieure de techniques avancées Bretagne Accéder directement au contenu
Communication Dans Un Congrès Année : 2020

A Domain-specific Modeling Framework for Attack Surface Modeling

Tithnara Nicolas Sun
  • Fonction : Auteur
Bastien Drouot
Joël Champeau
Sylvain Guerin
Raul Mazo
Ciprian Teodorov
Lionel Van Aertryck
  • Fonction : Auteur
Bernard L ' Hostis
  • Fonction : Auteur

Résumé

Cybersecurity is becoming vital as industries are gradually moving from automating physical processes to a higher level automation using cyber physical systems (CPS) and internet of things (IoT). In this context, security is becoming a continuous process that runs in parallel to other processes during the complete life cycle of a system. Traditional threat analysis methods use design models alongside threat models as an input for security analysis, hence missing the life-cycle-based dynamicity required by the security concern. In this paper, we argue for an attacker-aware systems modeling language that exposes the systems attack surfaces. For this purpose, we have designed Pimca, a domain specific modeling language geared towards capturing the attacker point of view of the system. This study introduces the formalism along with the Pimca workbench, a framework designed to ease the development and manipulation of the Pimca models. Finally, we present two relevant use cases, serving as a preliminary validation of our approach.
Fichier principal
Vignette du fichier
2020_A Domain-specific Modeling Framework for Attack Surface Modeling_ICISSP.pdf (528.36 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-02502387 , version 1 (10-03-2020)

Identifiants

Citer

Tithnara Nicolas Sun, Bastien Drouot, Fahad R Golra, Joël Champeau, Sylvain Guerin, et al.. A Domain-specific Modeling Framework for Attack Surface Modeling. ICISSP 2020 : 6th International Conference on Information Systems Security and Privacy, Feb 2020, Valetta, Malta. pp.341 - 348, ⟨10.5220/0008916203410348⟩. ⟨hal-02502387⟩
302 Consultations
307 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More