

%0 Conference Proceedings
%T A Domain-specific Modeling Framework for Attack Surface Modeling
%+ Lab-STICC_ENSTAB_ CACS_MOCS
%+ École Nationale Supérieure de Techniques Avancées Bretagne (ENSTA Bretagne)
%A Sun, Tithnara, Nicolas
%A Drouot, Bastien
%A Golra, Fahad, R
%A Champeau, Joël
%A Guerin, Sylvain
%A Le Roux, Luka
%A Mazo, Raul
%A Teodorov, Ciprian
%A Aertryck, Lionel, Van
%A Hostis, Bernard, L &apos;
%< avec comité de lecture
%B ICISSP 2020 : 6th International Conference on Information Systems Security and Privacy
%C Valetta, Malta
%3 Proceedings of the 6th International Conference on Information Systems Security and Privacy
%V 1
%N 978-989-758-399-5
%P 341 - 348
%8 2020-02-25
%D 2020
%R 10.5220/0008916203410348
%K Cyber Security
%K Attack Surface Modeling
%K DSL
%K Modeling
%K Model Federation
%Z Computer Science [cs]/Cryptography and Security [cs.CR]Conference papers
%X Cybersecurity is becoming vital as industries are gradually moving from automating physical processes to a higher level automation using cyber physical systems (CPS) and internet of things (IoT). In this context, security is becoming a continuous process that runs in parallel to other processes during the complete life cycle of a system. Traditional threat analysis methods use design models alongside threat models as an input for security analysis, hence missing the life-cycle-based dynamicity required by the security concern. In this paper, we argue for an attacker-aware systems modeling language that exposes the systems attack surfaces. For this purpose, we have designed Pimca, a domain specific modeling language geared towards capturing the attacker point of view of the system. This study introduces the formalism along with the Pimca workbench, a framework designed to ease the development and manipulation of the Pimca models. Finally, we present two relevant use cases, serving as a preliminary validation of our approach.
%G English
%2 https://hal.science/hal-02502387/document
%2 https://hal.science/hal-02502387/file/2020_A%20Domain-specific%20Modeling%20Framework%20for%20Attack%20Surface%20Modeling_ICISSP.pdf
%L hal-02502387
%U https://hal.science/hal-02502387
%~ UNIV-BREST
%~ INSTITUT-TELECOM
%~ ENSTA-BRETAGNE
%~ CNRS
%~ UNIV-UBS
%~ ENSTA-BRETAGNE-STIC
%~ ENIB
%~ LAB-STICC
%~ INSTITUTS-TELECOM
%~ SILECS
%~ FIT