TY - GEN
T1 - I've seen this before
T2 - 1st ACM/IEEE International Workshop on Security Awareness from Design to Deployment, SEAD 2018
AU - Alrimawi, Faeq
AU - Pasquale, Liliana
AU - Mehta, Deepak
AU - Nuseibeh, Bashar
N1 - Publisher Copyright:
© 2018 IEEE/ACM.
PY - 2018/9/25
Y1 - 2018/9/25
N2 - An increasing number of security incidents in cyber-physical systems (CPSs) arise from the exploitation of cyber and physical components of such systems. Knowledge about how such incidents arose is rarely captured and used systematically to enhance security and support future incident investigations. In this paper, we propose an approach to represent and share incidents knowledge. Our approach captures incident patterns-common aspects of incidents occurring in different CPSs. Our approach then allows incident patterns to be instantiated for different systems to assess if and how such patterns can manifest again. To support our approach, we provide two meta-models that represent, respectively, incident patterns and the cyber-physical systems themselves. The incident meta-model captures the characteristics of incidents, such as assets and activities. The system meta-model captures cyber and physical components and their interactions, which may be exploited during an incident. We demonstrate the feasibility of our approach in the application domain of smart buildings, by tailoring the system meta-model to represent components and interactions in this domain.
AB - An increasing number of security incidents in cyber-physical systems (CPSs) arise from the exploitation of cyber and physical components of such systems. Knowledge about how such incidents arose is rarely captured and used systematically to enhance security and support future incident investigations. In this paper, we propose an approach to represent and share incidents knowledge. Our approach captures incident patterns-common aspects of incidents occurring in different CPSs. Our approach then allows incident patterns to be instantiated for different systems to assess if and how such patterns can manifest again. To support our approach, we provide two meta-models that represent, respectively, incident patterns and the cyber-physical systems themselves. The incident meta-model captures the characteristics of incidents, such as assets and activities. The system meta-model captures cyber and physical components and their interactions, which may be exploited during an incident. We demonstrate the feasibility of our approach in the application domain of smart buildings, by tailoring the system meta-model to represent components and interactions in this domain.
KW - Cyber-Physical Systems
KW - Incident Pattern
KW - Meta-model
KW - Smart Buildings
UR - http://www.scopus.com/inward/record.url?scp=85055429387&partnerID=8YFLogxK
U2 - 10.23919/SEAD.2018.8472851
DO - 10.23919/SEAD.2018.8472851
M3 - Conference contribution
AN - SCOPUS:85055429387
T3 - Proceedings - 2018 ACM/IEEE 1st International Workshop on Security Awareness from Design to Deployment, SEAD 2018
SP - 33
EP - 40
BT - Proceedings - 2018 ACM/IEEE 1st International Workshop on Security Awareness from Design to Deployment, SEAD 2018
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 27 May 2018
ER -