Rauter, Tobias
Höller, Andrea
Kajtazovic, Nermin
Kreiner, Christian
2016-01-19
<p>Risk management is a crucial process in the development of secure systems. Valuable objects (assets) must be identified and protected, and to prioritize protection mechanisms the value of each asset needs to be quantified: more valuable or more exposed assets require stronger protection. Many risk assessment approaches aim to provide a metric for this quantification in different domains. In software systems, assets are reflected in resources (e.g., a file containing important information) or in functional software components (e.g., one that performs a bank transfer). To protect the assets from threats such as unauthorized access, other software components (e.g., an authenticator) are used. These components are essential to the asset's security properties and should therefore be considered for further investigation such as threat modeling. Evaluating assets only at the system level may hide threats that originate from vulnerabilities in software components, while an extensive threat analysis of all of a system's components without prioritization is not always feasible. In this work, we propose a metric that quantifies software components by the assets they are able to access. Based on a component model of the software architecture, it is possible to identify trust domains and to add filter components that split these domains. We show how integrating the methodology into the development process of a distributed manufacturing system helped us to identify critical sections (i.e., components whose vulnerabilities may enable threats against important assets), to reduce the attack surface, to find isolation domains, and to implement security measures in the right places.</p>
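The metric sketched in the abstract (scoring a component by the assets it can reach, and inserting filter components that split trust domains), as an added Python example that is not code from the paper. The abstract does not fix a concrete model, so this example assumes one: the architecture is a directed graph of components and assets, an edge A -> B means A can invoke or read B, each asset carries a numeric value, a component's exposure is the summed value of the assets reachable from it without passing through a filter component, and a filter's own exposure counts everything it guards (a vulnerable authenticator still exposes what sits behind it). The architecture, asset values, and names (web_frontend, authenticator, ledger_db, ...) are constructed for illustration.

```python
from collections import deque

# Constructed example architecture (an assumption, not the paper's case
# study): edge A -> B means component A can call or read B. Nodes listed
# in ASSETS are assets with a value; every other node is a software component.
GRAPH = {
    "web_frontend":     ["transfer_service", "report_service"],
    "transfer_service": ["ledger_db", "user_db"],
    "report_service":   ["audit_log"],
    "ledger_db": [], "user_db": [], "audit_log": [],
}
ASSETS = {"ledger_db": 100, "user_db": 50, "audit_log": 10}


def reachable_assets(graph, assets, filters, start):
    """Assets `start` can reach without passing through a filter component.

    The start node is expanded even if it is itself a filter, so a filter's
    own score reflects everything it guards.
    """
    seen, queue, found = {start}, deque([start]), set()
    while queue:
        node = queue.popleft()
        if node in assets:
            found.add(node)
        if node != start and node in filters:
            continue  # the filter mediates access: stop here, do not count what lies behind it
        for nxt in graph.get(node, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return found


def exposure(graph, assets, filters, component):
    """Assumed metric: total value of the assets a component can reach."""
    return sum(assets[a] for a in reachable_assets(graph, assets, filters, component))


def rank_components(graph, assets, filters):
    """All software components as (exposure, name), highest exposure first.

    The top entries are the critical sections: components whose
    vulnerabilities would expose the most valuable assets.
    """
    comps = [n for n in graph if n not in assets]
    scored = ((exposure(graph, assets, filters, c), c) for c in comps)
    return sorted(scored, key=lambda t: (-t[0], t[1]))


def trust_domains(graph, assets, filters):
    """Group components that can reach exactly the same set of assets.

    Components in one group share a trust domain; a filter between two
    groups is a candidate isolation boundary.
    """
    domains = {}
    for c in graph:
        if c in assets:
            continue
        key = tuple(sorted(reachable_assets(graph, assets, filters, c)))
        domains.setdefault(key, []).append(c)
    return {k: sorted(v) for k, v in domains.items()}


def insert_filter(graph, filter_name, upstream, guarded):
    """Return a copy of `graph` where `upstream` reaches `guarded` only via `filter_name`."""
    new = {k: list(v) for k, v in graph.items()}
    new[upstream] = [n for n in new[upstream] if n not in guarded] + [filter_name]
    new[filter_name] = list(guarded)
    return new


if __name__ == "__main__":
    print("before:", rank_components(GRAPH, ASSETS, set()))
    # Put an authenticator between the frontend and the transfer service.
    hardened = insert_filter(GRAPH, "authenticator", "web_frontend", ["transfer_service"])
    filters = {"authenticator"}
    print("after: ", rank_components(hardened, ASSETS, filters))
    print("domains:", trust_domains(hardened, ASSETS, filters))
```

Before the filter is added, web_frontend can reach every asset and scores 160, so a bug there threatens the ledger; after the authenticator is inserted its exposure drops to 10 (only the audit log, via the report path), and the high-value domain collapses to the authenticator and the transfer service, which is where hardening effort and threat modeling should go. The reachability rule is the assumption to revisit when applying this to a real architecture: data-flow direction, partial filtering, and assets that are components themselves all change what "can access" means.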
https://doi.org/10.5281/zenodo.47992
oai:zenodo.org:47992
Zenodo
https://zenodo.org/communities/mils
info:eu-repo/semantics/openAccess
Creative Commons Attribution 4.0 International
https://creativecommons.org/licenses/by/4.0/legalcode
International Workshop on MILS: Architecture and Assurance for Secure Systems, Prague, 19 January 2016
Asset-Centric Security Risk Assessment of Software Components
info:eu-repo/semantics/conferencePaper