Model the System from Adversary Viewpoint: Threats Identification & Modeling

Abstract :

Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain ”Why” (attack objective), ”What” (i.e., system as- sets, goals, etc.), and ”How” (attack method), adversary achieved his at- tack goals. We introduce in this paper a security attack meta-model for our SysML-Sec framework [17], developed to improve the threat identification and modeling through the explicit representation of security concerns with knowledge representation techniques. Our proposed meta- model enables the specification of these concerns through ontological concepts which define the semantics of the security artifacts and introduced using SysML-Sec diagrams. This meta-model also enables representing the relationships that tie several such concepts together. This representation is then used for reasoning about the knowledge introduced by system designers as well as security experts through the graphical environment of the SysML-Sec framework.

Keywords : Security attacks SysML
Complete list of metadatas

https://hal.telecom-paristech.fr/hal-02286972
Contributor : Telecomparis Hal <>
Submitted on : Friday, September 13, 2019 - 4:26:01 PM
Last modification on : Tuesday, November 5, 2019 - 9:32:04 AM

Identifiers

  • HAL Id : hal-02286972, version 1

Citation

Muhammad Sabir Idrees, Yves Roudier, Ludovic Apvrille. Model the System from Adversary Viewpoint: Threats Identification & Modeling. AIDP workshop, IFIP-SEC conference, Jun 2014, Marrakech, Morocco. ⟨hal-02286972⟩

Share

Metrics

Record views

10