AsIf: Asset Interface Analysis of Industrial Automation Devices

TL;DR

This paper introduces a systematic method inspired by ISO/OSI for analyzing and classifying asset interfaces in industrial control systems to improve threat modeling and security architecture.

Contribution

It presents a novel systematic approach for asset interface analysis in industrial systems, enhancing threat modeling accuracy and security planning.

Findings

Enriched system model with interface tree visualization

Application to a PLC demonstrating the method

Insights into security experts' threat modeling workflows

Abstract

As Industry 4.0 and the Industrial Internet of Things continue to advance, industrial control systems are increasingly adopting IT solutions, including communication standards and protocols. As these systems become more decentralized and interconnected, a critical need for enhanced security measures arises. Threat modeling is traditionally performed in structured brainstorming sessions involving domain and security experts. Such sessions, however, often fail to provide an exhaustive identification of assets and interfaces due to the lack of a systematic approach. This is a major issue, as it leads to poor threat modeling, resulting in insufficient mitigation strategies and, lastly, a flawed security architecture. We propose a method for the analysis of assets in industrial systems, with special focus on physical threats. Inspired by the ISO/OSI reference model, a systematic approach is introduced to help identify and classify asset interfaces. This results in an enriched system model of the asset, offering a comprehensive overview visually represented as an interface tree, thereby laying the foundation for subsequent threat modeling steps. To demonstrate the proposed method, the results of its application to a programmable logic controller (PLC) are presented. In support of this, a study involving a group of 12 security experts was conducted. Additionally, the study offers valuable insights into the experts' general perspectives and workflows on threat modeling.