ThreMA: Ontology-based Automated Threat Modelling for ICT Infrastructures / De Rosa, Fabio; Maunero, Nicolò; Prinetto, Paolo; Talentino, Federico; Trussoni, Martina. - In: IEEE ACCESS. - ISSN 2169-3536. - ELECTRONIC. - 10:(2022), pp. 116514-116526. [10.1109/ACCESS.2022.3219063]

ThreMA: Ontology-based Automated Threat Modelling for ICT Infrastructures

Maunero, Nicolò; Prinetto, Paolo; Talentino, Federico
2022

Abstract

Threat Modelling allows defenders to identify threats to which the target system is exposed. Such a process requires a detailed infrastructure analysis to map threats to assets and to identify possible flaws. Unfortunately, the process is still mostly done manually and without the support of formally sound approaches. Moreover, Threat Modelling often involves teams with different levels of security knowledge, leading to different possible interpretations of the representation of the system under analysis. Threat modelling automation comes with two main challenges: (i) the need for a standard representation of the models and data used in the various stages of the process, establishing a formal vocabulary for all involved parties, and (ii) the requirement for a well-defined set of inference rules that enables automation of the reasoning process for threat identification. The paper presents the ThreMA approach to automating threat modelling for ICT infrastructures, which aims to address the key automation issues through the use of ontologies. Specifically, a formal vocabulary for modelling an ICT infrastructure, a threat catalog and a set of inference rules needed to support the reasoning process for threat identification are provided. The proposed approach has been validated against actual significant case studies provided by different stakeholders of the Italian Public Sector.

Files in this item:

ThreMA Ontology-based Automated Threat Modelling for ICT Infrastructures.pdf
Access: open access
Type: 2. Post-print / Author's Accepted Manuscript
License: PUBLIC - All rights reserved
Size: 7.76 MB
Format: Adobe PDF

ThreMA_Ontology-Based_Automated_Threat_Modeling_for_ICT_Infrastructures.pdf
Access: open access
Type: 2a Post-print publisher's version / Version of Record
License: Creative Commons
Size: 4 MB
Format: Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/2972592