To the top

Page Manager: Webmaster
Last update: 9/11/2012 3:13 PM

Tell a friend about this page
Print version

Towards Security Threats … - University of Gothenburg, Sweden Till startsida
Sitemap
To content Read more about how we use cookies on gu.se

Towards Security Threats that Matter

Conference paper
Authors Katja Tuma
Riccardo Scandariato
M. Widman
C. Sandberg
Published in International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems. CyberICPS and SECPRE. pp 47-62
ISBN 978-3-319-72817-9
Publisher Springer
Publication year 2017
Published at Department of Computer Science and Engineering (GU)
Language en
Links https://doi.org/10.1007/978-3-319-7...
https://gup.ub.gu.se/file/207216
Keywords Architectural threat analysis, Security assets, STRIDE
Subject categories Software Engineering

Abstract

Architectural threat analysis is a pillar of security by design and is routinely performed in companies. STRIDE is a well-known technique that is predominantly used to this aim. This technique aims towards maximizing completeness of discovered threats and leads to discovering a large number of threats. Many of them are eventually ranked with the lowest importance during the prioritization process, which takes place after the threat elicitation. While low-priority threats are often ignored later on, the analyst has spent significant time in eliciting them, which is highly inefficient. Experience in large companies shows that there is a shortage of security experts, which have limited time when analyzing architectural designs. Therefore, there is a need for a more efficient use of the allocated resources. This paper attempts to mitigate the problem by introducing a novel approach consisting of a risk-first, end-to-end asset analysis. Our approach enriches the architectural model used during the threat analysis, with a particular focus on representing security assumptions and constraints about the solution space. This richer set of information is leveraged during the architectural threat analysis in order to apply the necessary abstractions, which result in a lower number of significant threats. We illustrate our approach by applying it on an architecture originating from the automotive industry.

Page Manager: Webmaster|Last update: 9/11/2012
Share:

The University of Gothenburg uses cookies to provide you with the best possible user experience. By continuing on this website, you approve of our use of cookies.  What are cookies?