Högskolan i Skövde

his.sePublikationer
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Towards Threat Modeling for CPS-based Critical Infrastructure Protection
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Distribuerade realtidssystem (DRTS), Distributed Real-Time Systems)ORCID-id: 0000-0002-8927-0968
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Distribuerade realtidssystem (DRTS), Distributed Real-Time Systems)ORCID-id: 0000-0002-1039-5830
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Distribuerade realtidssystem (DRTS), Distributed Real-Time Systems)ORCID-id: 0000-0001-7106-0025
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Distribuerade realtidssystem (DRTS), Distributed Real-Time Systems)ORCID-id: 0000-0002-6662-9034
2015 (Engelska)Ingår i: Proceedings of the International Emergency Management Society (TIEMS), 22nd TIEMS Annual Conference: Evolving threats and vulnerability landscape: new challenges for the emergency management / [ed] Snjezana Knezic & Meen Poudyal Chhetri, Brussels: TIEMS, The International Emergency Management Society , 2015, Vol. 22Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

With the evolution of modern Critical Infrastructures (CI), more Cyber-Physical systems are integrated into the traditional CIs. This makes the CIs a multidimensional complex system, which is characterized by integrating cyber-physical systems into CI sectors (e.g., transportation, energy or food & agriculture). This integration creates complex interdependencies and dynamics among the system and its components. We suggest using a model with a multi-dimensional operational specification to allow detection of operational threats. Embedded (and distributed) information systems are critical parts of the CI where disruption can lead to serious consequences. Embedded information system protection is therefore crucial. As there are many different stakeholders of a CI, comprehensive protection must be viewed as a cross-sector activity to identify and monitor the critical elements, evaluate and determine the threat, and eliminate potential vulnerabilities in the CI. A systematic approach to threat modeling is necessary to support the CI threat and vulnerability assessment. We suggest a Threat Graph Model (TGM) to systematically model the complex CIs. Such modeling is expected to help the understanding of the nature of a threat and its impact on throughout the system. In order to handle threat cascading, the model must capture local vulnerabilities as well as how a threat might propagate to other components. The model can be used for improving the resilience of the CI by encouraging a design that enhances the system's ability to predict threats and mitigate their damages. This paper surveys and investigates the various threats and current approaches to threat modeling of CI. We suggest integrating both a vulnerability model and an attack model, and we incorporate the interdependencies within CI cross CI sectors. Finally, we present a multi-dimensional threat modeling approach for critical infrastructure protection.

Ort, förlag, år, upplaga, sidor
Brussels: TIEMS, The International Emergency Management Society , 2015. Vol. 22
Nyckelord [en]
Critical infrastructure protection (CIP), threat modeling, threat cascading, threat mitigation
Nationell ämneskategori
Data- och informationsvetenskap
Forskningsämne
Naturvetenskap; Teknik; Distribuerade realtidssystem (DRTS)
Identifikatorer
URN: urn:nbn:se:his:diva-11622ISBN: 978-94-90297-13-8 (tryckt)OAI: oai:DiVA.org:his-11622DiVA, id: diva2:862516
Konferens
The 22nd International Emergency Management Society (TIEMS) Annual Conference, Rome, Italy, 30th September – 2nd October 2015
Tillgänglig från: 2015-10-22 Skapad: 2015-10-22 Senast uppdaterad: 2019-01-22Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Person

Ding, JianguoLindström, BirgittaMathiason, GunnarAndler, Sten F.

Sök vidare i DiVA

Av författaren/redaktören
Ding, JianguoLindström, BirgittaMathiason, GunnarAndler, Sten F.
Av organisationen
Institutionen för informationsteknologiForskningscentrum för Informationsteknologi
Data- och informationsvetenskap

Sök vidare utanför DiVA

GoogleGoogle Scholar

isbn
urn-nbn

Altmetricpoäng

isbn
urn-nbn
Totalt: 2188 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf