A Hybrid Dynamic Risk Analysis Methodology for Cyber-Physical Systems

  • Conference paper
Computer Security. ESORICS 2022 International Workshops (ESORICS 2022)

Abstract

Recent technological advances allow us to design and implement sophisticated infrastructures that assist users in everyday life; technological paradigms such as Intelligent Transportation Systems (ITS) and Multi-modal Transport are excellent examples. Because such environments involve human safety, a systematic risk evaluation process combined with proper threat identification is essential. Threat modelling is the process of identifying and understanding threats, while risk analysis is the process of identifying and analyzing potential risks. This research first reviews the most widely used threat modelling and risk analysis approaches and their characteristics. It then presents a service-oriented dynamic risk analysis approach that focuses on Cyber-Physical Systems (CPS), adopting threat modelling characteristics and blending other methods and well-established sources to achieve automation in several stages. Finally, it provides the qualitative features of the proposed method and of other related threat modelling and risk analysis approaches, with a discussion of their similarities, differences, advantages and drawbacks.

Notes

  1. https://rmt.ds.unipi.gr

  2. https://www.pilar-tools.com/en/tools/buy.html

  3. https://nvd.nist.gov/vuln/detail/CVE-2021-39627

  4. https://nvd.nist.gov/vuln/detail/CVE-2022-20114

  5. https://nvd.nist.gov/vuln/detail/CVE-2022-0908

  6. https://nvd.nist.gov/vuln/detail/CVE-2019-9516

  7. https://nvd.nist.gov/vuln/detail/CVE-2016-8740

  8. https://nvd.nist.gov/vuln/detail/CVE-2017-3169

  9. https://www.ssi.gouv.fr/entreprise/management-du-risque/la-methode-ebios-risk-manager/label-ebios-risk-manager-des-outils-pour-faciliter-le-management-du-risque-numerique

  10. https://objects.monarc.lu

Acknowledgment

This work is part of the CitySCAPE project. CitySCAPE has received funding from the European Union’s Horizon 2020 research & innovation programme under grant agreement no 883321. Content reflects only the authors’ view, and the European Commission is not responsible for any use that may be made of the information it contains.

Corresponding author

Correspondence to Christos Lyvas.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Lyvas, C. et al. (2023). A Hybrid Dynamic Risk Analysis Methodology for Cyber-Physical Systems. In: Katsikas, S., et al. Computer Security. ESORICS 2022 International Workshops. ESORICS 2022. Lecture Notes in Computer Science, vol 13785. Springer, Cham. https://doi.org/10.1007/978-3-031-25460-4_8

  • DOI: https://doi.org/10.1007/978-3-031-25460-4_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-25459-8

  • Online ISBN: 978-3-031-25460-4

  • eBook Packages: Computer Science (R0)
