Combining Threat Modeling and Cascading Effects Analysis for Critical Infrastructures
摘要
Critical infrastructures have become major targets of adversaries ranging from individual attackers to state-sponsored actors. Evaluating threats, analyzing potential attack paths and identifying mitigation measures are core aspects of protecting critical infrastructures against adversaries. However, with the highly interconnected and sensitive networks operated by critical infrastructures, including information technology and operation technology systems, estimations of the cascading effects of incidents have become the focus of attention. This chapter describes an approach that combines threat modeling and cascading effects analysis in an integrated framework. Information about system configuration and potential threat vectors are used to identify tailored attack paths as well as to simulate the untargeted potential effects threats may have on entire infrastructures. An example is provided to demonstrate how the combination of threat modeling and cascading effects analysis can support critical infrastructure operators in improving their security analyses as well as overall infrastructure protection.