Security analysis and design are key activities for the protection of critical systems and infrastructures. Traditional approaches consist first in applying a qualitative threat assessment that identifies the attack points. Results are then used as input for the security design such that appropriate countermeasures are selected. In this paper we propose a novel approach for the selection and ranking of security controlling strategies which is driven by quantitative threat analysis based on attack graphs. It consists of two main steps: i) a threat analysis, performed to evaluate attack points and paths identifying those that are feasible, and to rank attack costs from the perspective of an attacker; ii) controlling strategies, to derive the appropriate monitoring rules and the selection of countermeasures are evaluated, based upon the provided values and ranks. Indeed, the exploitation of such threat analysis allows to compare different controlling strategies and to select the one that fits better the given set of functional and security requirements. To exemplify our approach, we adopt part of an electrical power system, the Customer Energy Management System (CEMS), as reference scenario where the steps of threat analysis and security strategies are applied.
On Security Countermeasures Ranking through Threat Analysis / Nicola Nostro; Ilaria Matteucci; Andrea Ceccarelli; Felicita Di Giandomenico; Fabio Martinelli; Andrea Bondavalli. - STAMPA. - 8696:(2014), pp. 243-254. (Intervento presentato al convegno 1st International Workshop on DEvelopment, Verification and VAlidation of cRiTical Systems tenutosi a Florence (Italy) nel September 8-9, 2014) [10.1007/978-3-319-10557-4_27].
On Security Countermeasures Ranking through Threat Analysis
NOSTRO, NICOLA;CECCARELLI, ANDREA;DI GIANDOMENICO, FELICITA;BONDAVALLI, ANDREA
2014
Abstract
Security analysis and design are key activities for the protection of critical systems and infrastructures. Traditional approaches consist first in applying a qualitative threat assessment that identifies the attack points. Results are then used as input for the security design such that appropriate countermeasures are selected. In this paper we propose a novel approach for the selection and ranking of security controlling strategies which is driven by quantitative threat analysis based on attack graphs. It consists of two main steps: i) a threat analysis, performed to evaluate attack points and paths identifying those that are feasible, and to rank attack costs from the perspective of an attacker; ii) controlling strategies, to derive the appropriate monitoring rules and the selection of countermeasures are evaluated, based upon the provided values and ranks. Indeed, the exploitation of such threat analysis allows to compare different controlling strategies and to select the one that fits better the given set of functional and security requirements. To exemplify our approach, we adopt part of an electrical power system, the Customer Energy Management System (CEMS), as reference scenario where the steps of threat analysis and security strategies are applied.
| File | Dimensione | Formato | |
|---|---|---|---|
|
SAFECOMP-2014-Workshops-nostro.pdf
Accesso chiuso
Tipologia:
Altro
Licenza:
Tutti i diritti riservati
Dimensione
294.44 kB
Formato
Adobe PDF
|
294.44 kB | Adobe PDF | Richiedi una copia |
I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
