An Architecture-based Modeling Approach Using Data Flows for Zone Concepts in Industry 4.0

Kern, Matthias; Taspolatoglu, Emre; Scheytt, Fabian; Glock, Thomas; Liu, Bo; Betancourt, Victor Pazmino; Becker, Juergen; Sax, Eric

doi:10.1109/isse49799.2020.9272013

Cited by 5 publications

(2 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The commonly used domainspecific language modeling methods are unified modelling language (UML) [9], object constraint language (OCL) [10], extensible markup language (XML) [11], etc. Currently, researchers have developed scenario-oriented attack languages [12][13][14][15][16][17][18], relating them to existing security concepts, attack tactics, techniques, and practices. Arshad et al [12] constructed an attack-specific language to concisely provide information about attack techniques, which will streamline and automate the cyber range functions of threat and challenge execution.…”

Section: Introductionmentioning

confidence: 99%

“…Briland and Bouquet [13] proposed a method that uses a domain-specific language to generate modified data, allowing simulated and tested attacks such as injecting forged data into the system. Kern et al [14] propose a domain-specific language for industrial automation and control systems that complies with international security standards. However, since many attack processes exhibit strong dynamics, these hard-coded modeling approaches are not applicable, because they are inflexible and hard to change and reuse.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Design of Threat Response Modeling Language for Attacker Profile Based on Probability Distribution

Zhang

Wang

Bai

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Threat modeling and simulation (TMS) was aimed at dynamically capturing the features of attacks, which is a challenging job in complex Industrial Internet of Things (IIoT) control systems due to the complicated relationships among attacks. Recently, Meta Attack Language (MAL) showed its powerful TMS capabilities for representing complex attacks. However, existing methods pay less attention to the impact of changes in threat profiles on the simulation of key attack techniques. This paper proposes a novel method called threat response modeling language (TRMLang) for threat modeling and simulation in complex IIoT attacks. TRMLang obtains attacker information through an automated analysis of cyber threat intelligence (CTI) to build dynamic attacker profiles. Furthermore, it merges attacker features and probabilistic attack graphs in the simulation to improve TMS performance. The experimental results demonstrate that TRMLang can represent and evaluate the security conditions of IIoT control systems with two attack cases by Lazarus Group on SEGRID smart grids.

show abstract