Data Driven Vulnerability Exploration for Design Phase System Analysis

TL;DR

This paper introduces CYBOK, an algorithmic framework that enables early-stage vulnerability exploration in system design by associating attack vectors with characteristic system models, enhancing security assessment during development.

Contribution

The paper presents CYBOK, a novel algorithmic approach that extends existing cybersecurity knowledge to facilitate automated vulnerability exploration based on system models.

Findings

CYBOK effectively associates attack vectors with system models.

It enables early security assessment during system design.

Supports collaboration between security analysts and designers.

Abstract

Applying security as a lifecycle practice is becoming increasingly important to combat targeted attacks in safety-critical systems. Among others there are two significant challenges in this area: (1) the need for models that can characterize a realistic system in the absence of an implementation and (2) an automated way to associate attack vector information; that is, historical data, to such system models. We propose the cybersecurity body of knowledge (CYBOK), which takes in sufficiently characteristic models of systems and acts as a search engine for potential attack vectors. CYBOK is fundamentally an algorithmic approach to vulnerability exploration, which is a significant extension to the body of knowledge it builds upon. By using CYBOK, security analysts and system designers can work together to assess the overall security posture of systems early in their lifecycle, during major design decisions and before final product designs. Consequently, assisting in applying security earlier and throughout the systems lifecycle.