Model the System from Adversary Viewpoint: Threats Identification and Modeling
This work addresses the problem of unclear security attack specifications for security experts and analysts, though it appears incremental as it builds on an existing framework.
The paper tackles the difficulty of understanding and specifying security attacks by introducing a security attack meta-model within the SysML-Sec framework, which uses ontological concepts and SysML-Sec diagrams to explicitly represent security concerns and enable reasoning about threats.
Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain Why (attack objective), What (i.e., system assets, goals, etc.), and How (attack method), adversary achieved his attack goals. We introduce in this paper a security attack meta-model for our SysML-Sec framework, developed to improve the threat identification and modeling through the explicit representation of security concerns with knowledge representation techniques. Our proposed meta-model enables the specification of these concerns through ontological concepts which define the semantics of the security artifacts and introduced using SysML-Sec diagrams. This meta-model also enables representing the relationships that tie several such concepts together. This representation is then used for reasoning about the knowledge introduced by system designers as well as security experts through the graphical environment of the SysML-Sec framework.