Integrating Threat Modeling and Automated Test Case Generation into Industrialized Software Security Testing
This addresses security vulnerabilities in IIoT systems, but appears incremental as it builds on existing threat modeling and test automation methods.
The paper tackles the problem of new security threats in Industrial Internet of Things (IIoT) applications due to increased system integration, and presents an approach to automate security testing by integrating threat modeling with automated test case generation.
Industrial Internet of Things (IIoT) application provide a whole new set of possibilities to drive efficiency of industrial production forward. However, with the higher degree of integration among systems, comes a plethora of newthreats to the latter, as they are not yet designed to be broadly reachable and interoperable. To mitigate these vast amount of new threats, systematic and automated test methods are necessary. This comprehensiveness can be achieved by thorough threat modeling. In order to automate security test, we present an approach to automate the testing process from threat modeling onward, closing the gap between threat modeling and automated test case generation.