Model-based threat and risk assessment for systems design

Avi Shaked*, Yoram Reich

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

Integrating cybersecurity considerations in the design of modern systems is a significant challenge. As systems increasingly rely on connectivity and software to perform, cybersecurity issues of confidentiality, integrity and availability emerge. Addressing these issues during the design of a system – a security by-design approach – is desirable, and considered preferable to patching an existing design with extraneous components and mechanisms. In this paper, we present a model-based methodology for cybersecurity related systems design. This field-proven methodology takes into consideration cybersecurity threats alongside the system’s composition and existing mechanisms, in order to communicate, assess and drive the incorporation of security controls into the system design. We discuss aspects of the methodology’s design and how it relates to its real-life applications and usage context.

Original languageEnglish
Title of host publicationICISSP 2021 - Proceedings of the 7th International Conference on Information Systems Security and Privacy
EditorsPaolo Mori, Lenzini Gabriele, Steven Furnell
PublisherSciTePress
Pages331-338
Number of pages8
ISBN (Electronic)9789897584916
DOIs
StatePublished - 2021
Event7th International Conference on Information Systems Security and Privacy, ICISSP 2021 - Virtual, Online
Duration: 11 Feb 202113 Feb 2021

Publication series

NameICISSP 2021 - Proceedings of the 7th International Conference on Information Systems Security and Privacy

Conference

Conference7th International Conference on Information Systems Security and Privacy, ICISSP 2021
CityVirtual, Online
Period11/02/2113/02/21

Keywords

  • Cybersecurity
  • Model based Engineering
  • Security by Design
  • Systems Design
  • Threat and Risk Assessment

Fingerprint

Dive into the research topics of 'Model-based threat and risk assessment for systems design'. Together they form a unique fingerprint.

Cite this