Toolunterstützung für qualitatives Threat Modeling von Embedded Systems in Kritischen Infrastrukturen

Hanh Quyen Nguyen
October 2010
University of St. Gallen, Business Dissertations;10/26/2010, p1
Critical infrastructures are functional integrated collective automation systems and composed of software sensitive embedded systems. With the soaring interconnectedness of critical infrastructures these integrated digital information processing components have increasingly become the target of network-based IT-attacks. Against this background, more and more manufacturers have become aware of the need to integrate security-oriented quality management into the development process of embedded systems. The aim is to invigorate single embedded systems by invigorating the information security and failure resistance of the integrated embedded software. Despite the growing prominence of the embedded software in automation systems, software engineering is still a neglected discipline in the development process of embedded systems. Currently applied development processes fail to integrate a required degree of systematization and formalization as well as the professional assistance of security experts. Also, because of multiple deficits during the requirement engineering, such as poor communication, inaccurate specifications and documentation, a gap has emerged between the documented system specification and the actual implementation. This gap causes many security leaks in the system and the operating embedded software. This thesis is part of a CTI (National Swiss Commission for Technology and Innovation) founded project, which is a cooperation between the Institute of Information Management of the University of St. Gallen and the ABB Corporate Research Center. Within the scope of the project, the threat modeling method ESSAF (Embedded Systems Security Assessment) has evolved. Based on the identified deficits in the development process of embedded systems, the method defines an incremental process model that supports product experts to systematically and methodically documenting system specifications and analyzing security architectures of software sensitive embedded systems in the design phase. This dissertation presents the conceptual design and implementation of the ESSAF tool. Based on the ESSAF method the tool is designed to be a documentation platform for product experts and supports the generation and evaluation of qualitative security-oriented system specifications of software-sensitive embedded systems.


Related Articles

  • ForeScout pitches honeypot technology as IPS. Snyder, Joel; Burns, Christine // Network World;2/16/2004, Vol. 21 Issue 7, p73 

    Introduces the network-based intrusion protection software ActiveScout from ForeScout Technologies. Capabilities and functions; Benefits to users.

  • Safety Check. Phifer, Lisa // Information Security;Feb2011, Vol. 13 Issue 1, p21 

    The article discusses managing an effective endpoint integrity enforcement program for network security. It warns that malware-infested, non-compliant endpoints can infiltrate well-secured networks unless measures are taken to assess and prevent damage. It cites a low four percent completion...

  • Security News and Products: New StoneGate FW-1060 and IPS-1060 appliances.  // Software World;Jul2009, Vol. 40 Issue 4, p24 

    The article evaluates several integrated network security and business continuity solutions including StoneGate Firewall FW-1060 and the StoneGate Intrusion Prevention System IPS-1060 from Stonesoft Corp.

  • THE RETOOLING OF THE END-POINT SECURITY SOFTWARE MARKET. Oltsik, Jon // Information Security;Jul2015, Issue 6, p13 

    The article discusses the launch of endpoint security software to address the increasing cyberattacks. Topics covered include the rising demands of companies and individuals for layered security technologies. Also mentioned is the views of technology experts of the rising overall malware threats...

  • 50 Free Network Security Software for SMEs. Ghosh, Jayanta // PC Quest;May2012, p110 

    The article offers information on various network security software for small and medium enterprises. Among the recommended security tools include Tripwire which is use for monitoring and alerting specific file changes on a range of systems, and Kismet which offers wireless network detection and...

  • BETTER SAFE THAN SORRY. Garr, Robin // Louisville Magazine;Oct2000, Vol. 51 Issue 10, p42 

    Advises the installation of firewall software programs to protect computer networks from hackers.

  • Network security for all. Scambray, Joel; O'Neill, Leslie // InfoWorld;12/14/98, Vol. 20 Issue 50, p68 

    Evaluates four computer network firewall products. Implementation; Performance; Management tools; Virtual Private Network features; Support; Projected basic ownership cost; Options. INSETS: Internet Devices Fort Knox Policy Router F-3000;Technologic Interceptor 3.6;WatchGuard Security...

  • Cable-Modem Users Ponder Firewall Need.  // Multichannel News;06/05/2000, Vol. 21 Issue 23, p14 

    Highlights the emergence of a category of home-firewall products for cable-modem users' personal computers. Prevention of unauthorized access to or from a private network; Cable Television Laboratories Inc.'s development of DOCSIS 1.1; NDC Communications Inc.'s SOHOware's Broadband Internet...

  • The changing face of data protection. Wood, Denise // Sports Car;Dec2013, Vol. 24 Issue 12, p16 

    In this article, the author focuses on the changing aspects of business and consumer data protection. She informs that information technology (IT), sakes and customer services departments should know IT security policies and standards and she states that businesses should be aware of latest...


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics