Threat Modeling of Cyber-Physical Systems - A Case Study of a Microgrid System

Shaymaa Mamdouh Khalil, Hayretdin Bahsi, Henry Ochieng’ Dola, Tarmo Korõtko, Kieran McLaughlin, Vahur Kotkas

Research output: Contribution to journal › Article › peer-review

25 Scopus citations

Abstract

Cyber threat modeling is an analytical process that is used for identifying the potential threats against a system and supporting the selection of security requirements in the early stages of the system development life cycle. Thus, threat modeling is a vital instrument for the realization of the secure-by-design principle. Despite being a well-known practice in software development projects, its adaptation to cyber-physical systems still requires systematic elaboration. The complex interactions between cyber and physical spaces and their reflection on the cyber threat landscape constitute a significant challenge for the system development teams. This study proposes a detailed methodology to apply STRIDE to cyber-physical systems and demonstrates its applicability in a case study of a microgrid system. Our methodology provides a systematic threat elicitation procedure based on an attack taxonomy that was created for this research. This paper also shows how assets could be identified, data flow diagrams formed, trust boundaries determined, and threats prioritized, in the case of a cyber-physical system.

Original language: English (US)
Article number: 102950
Journal: Computers and Security
Volume: 124
DOIs
State: Published - Jan 2023
Externally published: Yes

Keywords

  • Cyber-Physical Systems (CPS)
  • Impact assessment
  • Industrial Control Systems (ICS)
  • Microgrid
  • STRIDE
  • Threat modeling

ASJC Scopus subject areas

  • General Computer Science
  • Law
