Litcius/Paper detail

Threat Modeling of Cyber-Physical Systems - A Case Study of a Microgrid System

Shaymaa Mamdouh Khalil, Hayretdin Bahşi, Henry Ochieng’ Dola, Tarmo Korõtko, Kieran McLaughlin, Vahur Kotkas

2022Computers & Security65 citationsDOIOpen Access PDF

Abstract

Cyber threat modeling is an analytical process that is used for identifying the potential threats against a system and supporting the selection of security requirements in the early stages of the system development life cycle. Thus, threat modeling is a vital instrument for the realization of the secure-by-design principle. Despite being a well-known practice in software development projects, its adaptation to cyber-physical systems still requires systematic elaboration. The complex interactions between cyber and physical spaces and their reflection on the cyber threat landscape constitute a significant challenge for the system development teams. This study proposes a detailed methodology to apply STRIDE to cyber-physical systems and demonstrates its applicability in a case study of a microgrid system. Our methodology provides a systematic threat elicitation procedure based on an attack taxonomy that was created for this research. This paper also shows how assets could be identified, data flow diagrams formed, trust boundaries determined, and threats prioritized, in the case of a cyber-physical system.

Topics & Concepts

Cyber-physical systemComputer scienceComputer securityProcess (computing)Adaptation (eye)Threat modelSystem of systemsUnified Modeling LanguageSystems engineeringRisk analysis (engineering)Process managementSoftwareSystems designSoftware engineeringEngineeringOperating systemMedicineProgramming languageOpticsPhysicsSmart Grid Security and ResilienceInformation and Cyber SecurityAdvanced Malware Detection Techniques