Diamond modelと攻撃状態に基づくサイバー攻撃シナリオ構造化表現モデル

抄録

Threat modeling is a process to determine effective cybersecurity measures to secure industrial control systems (ICSs). However, deep cybersecurity knowledge is required to perform threat modeling processes and those results including prioritization of cyber attack scenarios are depended on security analysts. To reduce the dependency of analysts, it is required to express cyber attack scenarios with a structured model. In this study, a new structured model that expresses cyber attack scenarios for ICSs is proposed. The proposed model is based on the Diamond model and capable of expression behaviors of adversary in a targeted system by a structured form. The model makes it possible to express structured cyber attack scenarios and reduce dependency of analysts. This paper provides a detail of the proposed model and evaluation results of the model in terms of the usefulness of threat modeling.