Ankur Shukla,Basel Katt,Livinus Obiora Nweke,Prosper Kandabongee Yeng,Goitom Kahsay Weldehawaryat

DOI: https://doi.org/10.1016/j.cosrev.2022.100496

2022-07-29

Abstract:System security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediate and enforce the security policy and are resilient against security failure and attacks. Alongside the significant benefits of security assurance, the evolution of new information and communication technology (ICT) introduces new challenges regarding information protection. Security assurance methods based on the traditional tools, techniques, and procedures may fail to account new challenges due to poor requirement specifications, static nature, and poor development processes. The common criteria (CC) commonly used for security evaluation and certification process also comes with many limitations and challenges. In this paper, extensive efforts have been made to study the state-of-the-art, limitations and future research directions for security assurance of the ICT and cyber-physical systems (CPS) in a wide range of domains. We conducted a systematic review of requirements, processes, and activities involved in system security assurance including security requirements, security metrics, system and environments and assurance methods. We highlighted the challenges and gaps that have been identified by the existing literature related to system security assurance and corresponding solutions. Finally, we discussed the limitations of the present methods and future research directions.

Cryptography and Security,Software Engineering

WU Chao,LIN Jiajun,TANG Siliang,YU Ling,LIU Peitao

DOI: https://doi.org/10.3969/j.issn.1000-3428.2005.11.027

2005-01-01

Abstract:The capable maturity model of military communication software (MCS-CMM) is studied and developed, to overcome the use of CMM for the software engineering management of the military communication equipments for the purpose of dealing with the three key basic problems necessary to be solved. The three key problems include: (1) the application of CMM in a system of quality management built on the basis of ISO9001; (2) the use of combination of CMM in the practical use of military communication equipments; (3) the use of CMM in the small or medium enterprises and in the small or short period projects.

Nabin Chowdhury,Vasileios Gkioulos

DOI: https://doi.org/10.1108/ics-07-2020-0121

2021-08-24

Information and Computer Security

Abstract:Purpose The purpose of this paper can be encapsulated in the following points: identify the research papers published on the topic: competencies and skills necessary for critical infrastructure (CI) cyber-security (CS) protection; determine main focus areas within the identified literature and evaluate the dependency or lack thereof between them: make recommendations for future research. Design/methodology/approach This study is based on a systematic literature review conducted to identify scientific papers discussing and evaluating competencies, skills and essential attributes needed by the CI workforce for CS and preparedness to attacks and incidents. Findings After a comparative analysis of the articles reviewed in this study, a variety of skills and competencies was found to be necessary for CS assurance in CIs. These skills have been grouped into four categories, namely, technical, managerial, implementation and soft skills. Nonetheless, there is still a lack of agreement on which skills are the most critical and further research should be conducted on the relation between specific soft skills and CS assurance. Research limitations/implications Investigation of which skills are required by industry for specific CS roles, by conducting interviews and sending questionnaire\surveys, would allow consolidating whether literature and industry requirements are equivalent. Practical implications Findings from this literature review suggest that more effort should be taken to conciliate current CS curricula in academia with the skills and competencies required for CS roles in the industry. Originality/value This study provides a previously lacking current mapping and review of literature discussing skills and competencies evidenced as critical for CS assurance for CI. The findings of this research are useful for the development of comprehensive solutions for CS awareness and training.

Bert Valkenburg,Ivano Bongiovanni

DOI: https://doi.org/10.2139/ssrn.4671348

IF: 5.105

2024-01-17

Computers & Security

Abstract:Enterprise risk management frameworks have gained popularity after the Global Financial Crisis for companies to be more in control of their risks. Since then, the Three Lines of Defence model (based on defence-in-depth approaches) has become one of the primary risk management frameworks in the Western world. Yet, its application in the cybersecurity space, one of the fastest-growing areas of risk for modern organisations, has been fragmented at best. In this article, we conducted a systematic literature review on the application of the Three Lines of Defence model in cybersecurity. The model has been recently renamed the Three Lines Model. After the seminal publication by the Institute of Internal Auditors in 2013, academics and practitioners have either referenced this model as the primary governance framework for risk management or analysed it in depth in various areas. To the best of our knowledge, this is the first systematic literature review on the topic. We have performed a methodical analysis of existing research using best practices in the field and adopted the grounded theory approach as the theoretical underpinning of our investigation. This way, we unraveled details, critiques and possible alternatives to the Three Lines Model in cybersecurity. Our study expands our understanding of the Three Lines Model and its application in cybersecurity, highlighting the status quo of research in the space and offering practical recommendations for organisations interested in exploring its implementation to mitigate the impact of cyber-risks.

computer science, information systems

Alexander Kott,Curtis Arnold

DOI: https://doi.org/10.48550/arXiv.1512.07937

2015-12-25

Abstract:We review the current status and research challenges in the area of cyber security often called continuous monitoring and risk scoring (CMRS). We focus on two most salient aspects of CMRS. First, continuous collection of data through automated feeds; hence the term continuous monitoring. Typical data collected for continuous monitoring purposes include network traffic information as well as host information from host-based agents. Second, analysis of the collected data in order to assess the risks - the risk scoring. This assessment may include flagging especially egregious vulnerabilities and exposures, or computing metrics that provide an overall characterization of the network's risk level. Currently used risk metrics are often simple sums or counts of vulnerabilities and missing patches. The research challenges pertaining to CMRS fall mainly into two categories. The first centers on the problem of integrating and fusing highly heterogeneous information. The second group of challenges is the lack of rigorous approaches to computing risk. Existing risk scoring algorithms remain limited to ad hoc heuristics such as simple sums of vulnerability scores or counts of things like missing patches or open ports, etc. Weaknesses and potentially misleading nature of such metrics are well recognized. For example, the individual vulnerability scores are dangerously reliant on subjective, human, qualitative input, potentially inaccurate and expensive to obtain. Further, the total number of vulnerabilities may matters far less than how vulnerabilities are distributed over hosts, or over time. Similarly, neither topology of the network nor the roles and dynamics of inter-host interactions are considered by simple sums of vulnerabilities or missing patches.

Cryptography and Security

Shaofei Huang,Christopher M. Poskitt,Lwin Khin Shar

2024-09-19

Abstract:Cyber-physical systems (CPS) are at the intersection of digital technology and engineering domains, rendering them high-value targets of sophisticated and well-funded cybersecurity threat actors. Prominent cybersecurity attacks on CPS have brought attention to the vulnerability of these systems, and the inherent weaknesses of critical infrastructure reliant on CPS. Security modelling for CPS is an important mechanism to systematically identify and assess vulnerabilities, threats, and risks throughout system lifecycles, and to ultimately ensure system resilience, safety, and reliability. This survey delves into state-of-the-art research in CPS security modelling, encompassing both threat and attack modelling. While these terms are sometimes used interchangeably, they are different concepts. This article elaborates on the differences between threat and attack modelling, examining their implications for CPS security. A systematic search yielded 428 articles, from which 15 were selected and categorised into three clusters: those focused on threat modelling methods, attack modelling methods, and literature reviews. Specifically, we sought to examine what security modelling methods exist today, and how they address real-world cybersecurity threats and CPS-specific attacker capabilities throughout the lifecycle of CPS, which typically span longer durations compared to traditional IT systems. This article also highlights several limitations in existing research, wherein security models adopt simplistic approaches that do not adequately consider the dynamic, multi-layer, multi-path, and multi-agent characteristics of real-world cyber-physical attacks.

Cryptography and Security

Nan Sun,Chang-Tsun Li,Hin Chan,Ba Dung Le,MD Zahidul Islam,Leo Yu Zhang,MD Rafiqul Islam,Warren Armstrong

DOI: https://doi.org/10.1109/ACCESS.2022.3168716

2022-04-02

Abstract:Advances of emerging Information and Communications Technology (ICT) technologies push the boundaries of what is possible and open up new markets for innovative ICT products and services. The adoption of ICT products and systems with security properties depends on consumers' confidence and markets' trust in the security functionalities and whether the assurance measures applied to these products meet the inherent security requirements. Such confidence and trust are primarily gained through the rigorous development of security requirements, validation criteria, evaluation, and certification. Common Criteria for Information Technology Security Evaluation (often referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408) for cyber security certification. In this paper, we conduct a systematic review of the CC standards and its adoptions. Adoption barriers of the CC are also investigated based on the analysis of current trends in security evaluation. Specifically, we share the experiences and lessons gained through the recent Development of Australian Cyber Criteria Assessment (DACCA) project that promotes the CC among stakeholders in ICT security products related to specification, development, evaluation, certification and approval, procurement, and deployment. Best practices on developing Protection Profiles, recommendations, and future directions for trusted cybersecurity advancement are presented.

Cryptography and Security,Computers and Society

Bereket Abera Yilma,Hervé Panetto,Yannick Naudet

DOI: https://doi.org/10.1016/j.compind.2021.103458

2021-04-12

Abstract:The notion of Cyber-Physical-Social System (CPSS) is an emerging concept developed as a result of the need to understand the impact of Cyber-Physical Systems (CPS) on humans and vice versa. This paradigm shift from CPS to CPSS was mainly attributed to the increasing use of sensor-enabled smart devices and the tight link with the users. The concept of CPSS has been around for over a decade and it has gained increasing attention over the past few years. The evolution to incorporate human aspects in the CPS research has unlocked a number of research challenges. Particularly human dynamics brings additional complexity that is yet to be explored. The exploration to conceptualise the notion of CPSS has been partially addressed in few scientific literatures. Although its conceptualisation has always been use-case dependent. Thus, there is a lack of generic view as most works focus on specific domains. Furthermore, the systemic core and design principles linking it with the theory of systems are loose. This work aims at addressing these issues by first exploring and analysing scientific literature to understand the complete spectrum of CPSS through a Systematic Literature Review (SLR). Thereby identifying the state-of-the-art perspectives on CPSS regarding definitions, underlining principles and application areas. Subsequently, based on the findings of the SLR, we propose a domain-independent definition and a meta-model for CPSS, grounded in the Theory of Systems. Finally, a discussion on feasible future research directions is presented based on the systemic notion and the proposed meta-models.

Artificial Intelligence,Human-Computer Interaction

Uchenna D Ani,Jeremy D McK Watson,Nilufer Tuptuk,Steve Hailes,Madeline Carr,Carsten Maple

DOI: https://doi.org/10.48550/arXiv.2208.07965

2022-08-16

Cryptography and Security

Abstract:The UK Critical National Infrastructure is critically dependent on digital technologies that provide communications, monitoring, control, and decision-support functionalities. Digital technologies are progressively enhancing efficiency, reliability, and availability of infrastructure, and enabling new benefits not previously available. These benefits can introduce vulnerabilities through the connectivity enabled by the digital systems, thus, making it easier for would-be attackers, who frequently use socio-technical approaches, exploiting humans-in-the-loop to break in and sabotage an organization. Therefore, policies and strategies that minimize and manage risks must include an understanding of operator and corporate behaviors, as well as technical elements and the interfaces between them and humans. Better security via socio-technical security Modelling and Simulation can be achieved if backed by government effort, including appropriate policy interventions. Government, through its departments and agencies, can contribute by sign-posting and shaping the decision-making environment concerning cybersecurity M&S approaches and tools, showing how they can contribute to enhancing security in Modern Critical Infrastructure Systems.

Nabin Chowdhury

DOI: https://doi.org/10.3390/signals2040046

2021-11-04

Signals

Abstract:As digital instrumentation in Nuclear Power Plants (NPPs) is becoming increasingly complex, both attack vectors and defensive strategies are evolving based on new technologies and vulnerabilities. Continued efforts have been made to develop a variety of measures for the cyber defense of these infrastructures, which often consist in adapting security measures previously developed for other critical infrastructure sectors according to the requirements of NPPs. That being said, due to the very recent development of these solutions, there is a lack of agreement or standardization when it comes to their adoption at an industrial level. To better understand the state of the art in NPP Cyber-Security (CS) measures, in this work, we conduct a Systematic Literature Review (SLR) to identify scientific papers discussing CS frameworks, standards, guidelines, best practices, and any additional CS protection measures for NPPs. From our literature analysis, it was evidenced that protecting the digital space in NPPs involves three main steps: (i) identification of critical digital assets; (ii) risk assessment and threat analysis; (iii) establishment of measures for NPP protection based on the defense-in-depth model. To ensure the CS protection of these infrastructures, a holistic defense-in-depth approach is suggested in order to avoid excessive granularity and lack of compatibility between different layers of protection. Additional research is needed to ensure that such a model is developed effectively and that it is based on the interdependencies of all security requirements of NPPs.

Uchenna D Ani,Jeremy D McK. Watson,Jason R.C. Nurse,Al Cook,Carsten Maple

DOI: https://doi.org/10.48550/arXiv.1904.01551

2019-04-03

Abstract:As new technologies such as the Internet of Things (IoT) are integrated into Critical National Infrastructures (CNI), new cybersecurity threats emerge that require specific security solutions. Approaches used for analysis include the modelling and simulation of critical infrastructure systems using attributes, functionalities, operations, and behaviours to support various security analysis viewpoints, recognising and appropriately managing associated security risks. With several critical infrastructure protection approaches available, the question of how to effectively model the complex behaviour of interconnected CNI elements and to configure their protection as a system-of-systems remains a challenge. Using a systematic review approach, existing critical infrastructure protection approaches (tools and techniques) are examined to determine their suitability given trends like IoT, and effective security modelling and analysis issues. It is found that empirical-based, agent-based, system dynamics-based, and network-based modelling are more commonly applied than economic-based and equation-based techniques, and empirical-based modelling is the most widely used. The energy and transportation critical infrastructure sectors reflect the most responsive sectors, and no one Critical Infrastructure Protection (CIP) approach - tool, technique, methodology or framework -- provides a fit-for-all capacity for all-round attribute modelling and simulation of security risks. Typically, deciding factors for CIP choices to adopt are often dominated by trade-offs between complexity of use and popularity of approach, as well as between specificity and generality of application in sectors.

Cryptography and Security,Networking and Internet Architecture,Systems and Control

Jie Zhang,Haoyu Bu,Hui Wen,Yu Chen,Lun Li,Hongsong Zhu

2024-05-07

Abstract:The rapid advancements in large language models (LLMs) have opened new avenues across various fields, including cybersecurity, which faces an ever-evolving threat landscape and need for innovative technologies. Despite initial explorations into the application of LLMs in cybersecurity, there is a lack of a comprehensive overview of this research area. This paper bridge this gap by providing a systematic literature review, encompassing an analysis of over 180 works, spanning across 25 LLMs and more than 10 downstream scenarios. Our comprehensive overview addresses three critical research questions: the construction of cybersecurity-oriented LLMs, LLMs' applications in various cybersecurity tasks, and the existing challenges and further research in this area. This study aims to shed light on the extensive potential of LLMs in enhancing cybersecurity practices, and serve as a valuable resource for applying LLMs in this doamin. We also maintain and regularly updated list of practical guides on LLMs for cybersecurity at

Cryptography and Security,Artificial Intelligence

Betsy Uchendu,Jason R.C. Nurse,Maria Bada,Steven Furnell

DOI: https://doi.org/10.1016/j.cose.2021.102387

2021-10-01

Abstract:<p>While the creation of a strong security culture has been researched and discussed for decades, it continues to elude many businesses. Part of the challenge faced is distilling pertinent, recent academic findings and research into useful guidance. In this article, we aim to tackle this issue by conducting a state-of-the-art study into organisational cyber security culture research. This work investigates four questions, including how cyber security culture is defined, what factors are essential to building and maintaining such a culture, the frameworks proposed to cultivate a security culture and the metrics suggested to assess it. Through the application of the PRISMA systematic literature review technique, we identify and analyse 58 research articles from the last 10 years (2010-2020). Our findings demonstrate that while there have been notable changes in the use of terms (e.g., information security culture and cyber security culture), many of the most influential factors across papers are similar. Top management support, policy and procedures, and awareness for instance, are critical in engendering cyber security culture. Many of the frameworks reviewed revealed common foundations, with organisational culture playing a substantial role in crafting appropriate cyber security culture models. Questionnaires and surveys are the most used tool to measure cyber security culture, but there are also concerns as to whether more dynamic measures are needed. For practitioners, this article highlights factors and models essential to the creation and management of a robust security culture. For research, we produce an up-to-date characterisation of the field and also define open issues deserving of further attention such as the role of change management processes and national culture in an enterprise's cyber security culture.</p>

computer science, information systems

Hussain Ahmad,Isuru Dharmadasa,Faheem Ullah,M. Ali Babar

DOI: https://doi.org/10.1145/3558001

2022-01-31

Abstract:Command, Control, Communication, and Intelligence (C3I) systems are increasingly used in critical civil and military domains for achieving information superiority, operational efficacy, and greater situational awareness. Unlike traditional systems facing widespread cyber-attacks, the sensitive nature of C3I tactical operations make their cybersecurity a critical concern. For instance, tampering or intercepting confidential information in military battlefields not only damages C3I operations, but also causes irreversible consequences such as loss of human lives and mission failures. Therefore, C3I systems have become a focal point for cyber adversaries. Moreover, technological advancements and modernization of C3I systems have significantly increased the potential risk of cyber-attacks on C3I systems. Consequently, cyber adversaries leverage highly sophisticated attack vectors to exploit security vulnerabilities in C3I systems. Despite the burgeoning significance of cybersecurity for C3I systems, the existing literature lacks a comprehensive review to systematize the body of knowledge on C3I systems' security. Therefore, in this paper, we have gathered, analyzed, and synthesized the state-of-the-art on the cybersecurity of C3I systems. In particular, this paper has identified security vulnerabilities, attack vectors, and countermeasures/defenses for C3I systems. Furthermore, our survey has enabled us to: (i) propose a taxonomy for security vulnerabilities, attack vectors and countermeasures; (ii) interrelate attack vectors with security vulnerabilities and countermeasures; and (iii) propose future research directions for advancing the state-of-the-art on the cybersecurity of C3I systems.

Cryptography and Security,Systems and Control

Shengye Wan,Cyrus Nikolaidis,Daniel Song,David Molnar,James Crnkovich,Jayson Grace,Manish Bhatt,Sahana Chennabasappa,Spencer Whitman,Stephanie Ding,Vlad Ionescu,Yue Li,Joshua Saxe

2024-08-03

Abstract:We are releasing a new suite of security benchmarks for LLMs, CYBERSECEVAL 3, to continue the conversation on empirically measuring LLM cybersecurity risks and capabilities. CYBERSECEVAL 3 assesses 8 different risks across two broad categories: risk to third parties, and risk to application developers and end users. Compared to previous work, we add new areas focused on offensive security capabilities: automated social engineering, scaling manual offensive cyber operations, and autonomous offensive cyber operations. In this paper we discuss applying these benchmarks to the Llama 3 models and a suite of contemporaneous state-of-the-art LLMs, enabling us to contextualize risks both with and without mitigations in place.

Cryptography and Security,Machine Learning

Noor Suhani Sulaiman,Muhammad Ashraf Fauzi,Walton Wider,Jegatheesan Rajadurai,Suhaidah Hussain,Siti Aminah Harun

DOI: https://doi.org/10.3390/socsci11090386

2022-08-30

Social Sciences

Abstract:Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation.

English Else

Anastasia Dimakopoulou,Konstantinos Rantos

DOI: https://doi.org/10.3390/jmse12060919

IF: 2.744

2024-05-31

Journal of Marine Science and Engineering

Abstract:As technology advances and digitalization becomes more prevalent in the industry, the cyber threats to maritime systems and operations have significantly increased. The maritime sector relies heavily on interconnected networks, communication systems, and sophisticated technologies for its operations, making it an attractive target for cybercriminals, nation-states, and other threat actors. Safeguarding the maritime sector against cyber threats is crucial to ensuring the safety, integrity, and efficiency of maritime operations as well as for protecting sensitive information and global trade. The International Maritime Organization (IMO) has played a significant role in addressing cybersecurity issues, leading to the implementation of regulations aimed at risk reduction. This paper delves into the realm of cybersecurity within the maritime industry, offering an in-depth analysis of its various aspects through an extensive literature review based on the latest Version 2.0 of the National Institute of Standards and Technology's (NIST) Cybersecurity Framework (CSF) functional areas. The primary objective is to establish a connection between research and NIST's functions and categories, thereby presenting a nascent perspective and identifying existing security research gaps. Through the adoption of this strategic approach, the present paper aims to cultivate a forward-looking and proactive state of maturity in anticipation of future developments within the maritime industry. The outcomes of this research can provide valuable reference points in academic discourse, potentially leading to new hypotheses, and fuel innovation in developing advanced cybersecurity measures within the maritime industry.

engineering, ocean,oceanography, marine

David Vance,Mingzhou Jin,Christopher Price,Sachin U. Nimbalkar,Thomas Wenning

DOI: https://doi.org/10.1108/jmtm-03-2022-0103

2023-04-27

Journal of Manufacturing Technology Management

Abstract:Purpose The purpose of this paper is to review existing smart manufacturing (SM) maturity models' dimensions and maturity levels to assess their applicability and drawbacks. There are many maturity models available but many of them have not been validated or do not provide a useful guide or tool for applications. This gap creates the need for a review of the existing maturity model's applicability. Design/methodology/approach Nineteen peer-reviewed maturity models related to "Digital Transformation," "Industry 4.0" or "Smart Manufacturing" were selected based on a systematic literature review and five consulting firm models were selected based on the author's industry knowledge. The chosen models were analyzed to determine 10 categories of dimensions. Then they are assessed on a 1–5 scale for how applicable they are in the 10 categories of dimensions. Findings The five "consulting firm" models have a first-mover advantage, are more widely used in industry and are more applicable, but some require payment, and they lack published details and validation. The 19 "peer reviewed" models are not as widely used, lack awareness in the industry and are not as easy to apply because of no web tool for self-assessment, but they are improving. The categories defined to characterize the models and facilitate comparisons for users include "Information Technology (IT) and Cyber-Physical System (CPS) and Data," "Strategy and Organization," "Supply Chain and Logistics," "Products and Services," "Culture and Employees," "Technology and Capabilities," "Customer and Market," "Cybersecurity and Risk," "Leadership and Management" and "Governance and Compliance." The analyzed maturity models were particularly weak in the areas of cybersecurity, leadership and governance. Practical implications Researchers and practitioners can use this review with consideration of their specific needs to determine if a maturity model is applicable or if a new model needs to be developed. The review can also aid in the development of maturity models through the discussion of each of the dimension categories. Originality/value Compared to existing reviews of SM maturity models, this research determines comprehensive dimension categories and focuses on applicability and drawbacks.

engineering, manufacturing, industrial,management

Beatrice Cassottana,Muhammad M Roomi,Daisuke Mashima,Giovanni Sansavini

DOI: https://doi.org/10.1111/risa.14089

Abstract:Cyber-physical systems (CPSs) are monitored and controlled by a computing and communicating core. This cyber layer enables better management of the controlled subsystem, but it also introduces threats to the security and protection of CPSs, as demonstrated by recent cyberattacks. The resulting governance and policy emphasis on cybersecurity is reflected in the academia by a vast body of literature. In this article, we systematize existing knowledge on CPS analysis. Specifically, we focus on the quantitative assessment of CPSs before and after the occurrence of a disruption. Through the systematic analysis of the models and methods adopted in the literature, we develop a CPS resilience assessment framework consisting of three steps, namely, (1) CPS description, (2) disruption scenario identification, and (3) resilience strategy selection. For each step of the framework, we suggest established methods for CPS analysis and suggest four criteria for method selection. The framework proposes a standardized workflow to assess the resilience of CPSs before and after the occurrence of a disruption. The application of the proposed framework is exemplified with reference to a power substation and associated communication network.The case study shows that the proposed framework supports resilience decision making by quantifying the effects of the implementation of resilience strategies.

Cataldo Basile,Gabriele Gatti,Francesco Settanni

2024-05-06

Abstract:Enforcing security requirements in networked information systems relies on security controls to mitigate the risks from increasingly dangerous threats. Configuring security controls is challenging; even nowadays, administrators must perform it without adequate tool support. Hence, this process is plagued by errors that translate to insecure postures, security incidents, and a lack of promptness in answering threats. This paper presents the Security Capability Model (SCM), a formal model that abstracts the features that security controls offer for enforcing security policies, which includes an Information Model that depicts the basic concepts related to rules (i.e., conditions, actions, events) and policies (i.e., conditions' evaluation, resolution strategies, default actions), and a Data Model that covers the capabilities needed to describe different types of filtering and channel protection controls. Following state-of-the-art design patterns, the model allows for generating abstract versions of the security controls' languages and a model-driven approach for translating abstract policies into device-specific configuration settings. By validating its effectiveness in real-world scenarios, we show that SCM enables the automation of different and complex security tasks, i.e., accurate and granular security control comparison, policy refinement, and incident response. Lastly, we present opportunities for extensions and integration with other frameworks and models.

Cryptography and Security