AsIf: Asset Interface Analysis of Industrial Automation Devices
- URL: http://arxiv.org/abs/2409.17593v1
- Date: Thu, 26 Sep 2024 07:19:15 GMT
- Title: AsIf: Asset Interface Analysis of Industrial Automation Devices
- Authors: Thomas Rosenstatter, Christian Schäfer, Olaf Saßnick, Stefan Huber,
- Abstract summary: Industrial control systems are increasingly adopting IT solutions, including communication standards and protocols.
As these systems become more decentralized and interconnected, a critical need for enhanced security measures arises.
Threat modeling is traditionally performed in structured brainstorming sessions involving domain and security experts.
We propose a method for the analysis of assets in industrial systems, with special focus on physical threats.
- Score: 1.3216177247621483
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: As Industry 4.0 and the Industrial Internet of Things continue to advance, industrial control systems are increasingly adopting IT solutions, including communication standards and protocols. As these systems become more decentralized and interconnected, a critical need for enhanced security measures arises. Threat modeling is traditionally performed in structured brainstorming sessions involving domain and security experts. Such sessions, however, often fail to provide an exhaustive identification of assets and interfaces due to the lack of a systematic approach. This is a major issue, as it leads to poor threat modeling, resulting in insufficient mitigation strategies and, lastly, a flawed security architecture. We propose a method for the analysis of assets in industrial systems, with special focus on physical threats. Inspired by the ISO/OSI reference model, a systematic approach is introduced to help identify and classify asset interfaces. This results in an enriched system model of the asset, offering a comprehensive overview visually represented as an interface tree, thereby laying the foundation for subsequent threat modeling steps. To demonstrate the proposed method, the results of its application to a programmable logic controller (PLC) are presented. In support of this, a study involving a group of 12 security experts was conducted. Additionally, the study offers valuable insights into the experts' general perspectives and workflows on threat modeling.
Related papers
- EAIRiskBench: Towards Evaluating Physical Risk Awareness for Task Planning of Foundation Model-based Embodied AI Agents [47.69642609574771]
Embodied artificial intelligence (EAI) integrates advanced AI models into physical entities for real-world interaction.
Foundation models as the "brain" of EAI agents for high-level task planning have shown promising results.
However, the deployment of these agents in physical environments presents significant safety challenges.
This study introduces EAIRiskBench, a novel framework for automated physical risk assessment in EAI scenarios.
arXiv Detail & Related papers (2024-08-08T13:19:37Z) - Model-Driven Security Analysis of Self-Sovereign Identity Systems [2.5475486924467075]
We propose a model-driven security analysis framework for analyzing architectural patterns of SSI systems.
Our framework mechanizes a modeling language to formalize patterns and threats with security properties in temporal logic.
We present typical vulnerable patterns verified by SecureSSI.
arXiv Detail & Related papers (2024-06-02T05:44:32Z) - Introducing Systems Thinking as a Framework for Teaching and Assessing Threat Modeling Competency [3.467282314524728]
We propose using systems thinking in conjunction with popular and industry-standard threat modeling frameworks like STRIDE for teaching and assessing threat modeling competency.
Students who had both systems thinking and STRIDE instruction identified and attempted to mitigate component-level and systems-level threats.
arXiv Detail & Related papers (2024-04-25T14:21:15Z) - Mapping LLM Security Landscapes: A Comprehensive Stakeholder Risk Assessment Proposal [0.0]
We propose a risk assessment process using tools like the risk rating methodology which is used for traditional systems.
We conduct scenario analysis to identify potential threat agents and map the dependent system components against vulnerability factors.
We also map threats against three key stakeholder groups.
arXiv Detail & Related papers (2024-03-20T05:17:22Z) - Asset-centric Threat Modeling for AI-based Systems [7.696807063718328]
This paper presents ThreatFinderAI, an approach and tool to model AI-related assets, threats, countermeasures, and quantify residual risks.
To evaluate the practicality of the approach, participants were tasked to recreate a threat model developed by cybersecurity experts of an AI-based healthcare platform.
Overall, the solution's usability was well-perceived and effectively supports threat identification and risk discussion.
arXiv Detail & Related papers (2024-03-11T08:40:01Z) - TMAP: A Threat Modeling and Attack Path Analysis Framework for Industrial IoT Systems (A Case Study of IoM and IoP) [2.9922995594704984]
To deploy secure Industrial Control and Production Systems (ICPS) in smart factories, cyber threats and risks must be addressed.
Current approaches for threat modeling in cyber-physical systems (CPS) are ad hoc and inefficient.
This paper proposes a novel quantitative threat modeling approach, aiming to identify probable attack vectors, assess the path of attacks, and evaluate the magnitude of each vector.
arXiv Detail & Related papers (2023-12-23T18:32:53Z) - Leveraging Traceability to Integrate Safety Analysis Artifacts into the
Software Development Process [51.42800587382228]
Safety assurance cases (SACs) can be challenging to maintain during system evolution.
We propose a solution that leverages software traceability to connect relevant system artifacts to safety analysis models.
We elicit design rationales for system changes to help safety stakeholders analyze the impact of system changes on safety.
arXiv Detail & Related papers (2023-07-14T16:03:27Z) - ThreatKG: An AI-Powered System for Automated Open-Source Cyber Threat Intelligence Gathering and Management [65.0114141380651]
ThreatKG is an automated system for OSCTI gathering and management.
It efficiently collects a large number of OSCTI reports from multiple sources.
It uses specialized AI-based techniques to extract high-quality knowledge about various threat entities.
arXiv Detail & Related papers (2022-12-20T16:13:59Z) - A System for Automated Open-Source Threat Intelligence Gathering and
Management [53.65687495231605]
SecurityKG is a system for automated OSCTI gathering and management.
It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
arXiv Detail & Related papers (2021-01-19T18:31:35Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z) - Towards an Interface Description Template for AI-enabled Systems [77.34726150561087]
Reuse is a common system architecture approach that seeks to instantiate a system architecture with existing components.
There is currently no framework that guides the selection of necessary information to assess their portability to operate in a system different than the one for which the component was originally purposed.
We present ongoing work on establishing an interface description template that captures the main information of an AI-enabled component.
arXiv Detail & Related papers (2020-07-13T20:30:26Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.