Using model driven engineering to support multi-paradigms security analysis

Abstract : Nowadays, security analysis of complex systems has become a major concern. Many works have been achieved to reduce vulnerabilities in such systems. However, existing methods used to perform security assessment as a holistic approach are still poorly instrumented and limited in scope. In this work, we propose methodology and associated framework for security analysis. The methodology relies upon model-driven engineering approach and combines two types of methods: a qualitative method named EBIOS that is usually simple and helps to identify critical parts of the system; then a quantitative method, the Attack Trees method, that is more complex but gives more accurate results. We present the automatic generation of Attack trees from EBIOS analysis phase. We show on a SCADA system case study how our process can be applied.
Document type :
Conference papers
Complete list of metadatas

https://hal-cea.archives-ouvertes.fr/cea-01836561
Contributor : Léna Le Roy <>
Submitted on : Thursday, July 12, 2018 - 1:53:55 PM
Last modification on : Wednesday, January 23, 2019 - 2:39:33 PM

Identifiers

Collections

Citation

R. Abdallah, A. Motii, N. Yakymets, A. Lanusse. Using model driven engineering to support multi-paradigms security analysis. Model-Driven Engineering and Software Development. MODELSWARD 2015. Communications in Computer and Information Science, Feb 2015, Angers, France. pp.278-292, ⟨10.1007/978-3-319-27869-8_16⟩. ⟨cea-01836561⟩

Share

Metrics

Record views

59