@inproceedings{db27bef1f59b483284f664f0e8f51edc,
title = "Model-based threat and risk assessment for systems design",
abstract = "Integrating cybersecurity considerations in the design of modern systems is a significant challenge. As systems increasingly rely on connectivity and software to perform, cybersecurity issues of confidentiality, integrity and availability emerge. Addressing these issues during the design of a system – a security by-design approach – is desirable, and considered preferable to patching an existing design with extraneous components and mechanisms. In this paper, we present a model-based methodology for cybersecurity related systems design. This field-proven methodology takes into consideration cybersecurity threats alongside the system{\textquoteright}s composition and existing mechanisms, in order to communicate, assess and drive the incorporation of security controls into the system design. We discuss aspects of the methodology{\textquoteright}s design and how it relates to its real-life applications and usage context.",
keywords = "Cybersecurity, Model based Engineering, Security by Design, Systems Design, Threat and Risk Assessment",
author = "Avi Shaked and Yoram Reich",
note = "Publisher Copyright: Copyright {\textcopyright} 2021 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved; 7th International Conference on Information Systems Security and Privacy, ICISSP 2021 ; Conference date: 11-02-2021 Through 13-02-2021",
year = "2021",
doi = "10.5220/0010187203310338",
language = "אנגלית",
series = "ICISSP 2021 - Proceedings of the 7th International Conference on Information Systems Security and Privacy",
publisher = "SciTePress",
pages = "331--338",
editor = "Paolo Mori and Lenzini Gabriele and Steven Furnell",
booktitle = "ICISSP 2021 - Proceedings of the 7th International Conference on Information Systems Security and Privacy",
}