Towards Automated Attack Simulations of BPMN-based Processes
Simon Hacks, Robert Lagerström, Daniel Ritter

TL;DR
This paper introduces a novel method for automating attack simulations on BPMN process models, enabling cybersecurity analysis without extensive expert input, and demonstrating its feasibility through a real-world case study.
Contribution
It presents a new approach to map BPMN elements to attack graph concepts and demonstrates automated attack simulation on BPMN processes.
Findings
Attack surface of BPMN identified
Mapping to MAL-based DSL established
Prototype successfully applied to real-world process
Abstract
Process digitization and integration is an increasing need for enterprises, while cyber-attacks denote a growing threat. Using the Business Process Management Notation (BPMN) is common to handle the digital and integration focus within and across organizations. In other parts of the same companies, threat modeling and attack graphs are used for analyzing the security posture and resilience. In this paper, we propose a novel approach to use attack graph simulations on processes represented in BPMN. Our contributions are the identification of BPMN's attack surface, a mapping of BPMN elements to concepts in a Meta Attack Language (MAL)-based Domain-Specific Language (DSL), called coreLang, and a prototype to demonstrate our approach in a case study using a real-world invoice integration process. The study shows that non-invasively enriching BPMN instances with cybersecurity analysis…
