This paper explores integrating the STRIDE threat modeling framework into the Systems Modeling Language (SysML) to enhance cybersecurity in cyber-physical systems. As the complexity of these systems increases, so does the challenge of ensuring their security. Traditional SysML does not inherently include detailed cybersecurity threat analysis provisions, necessitating an extension to accommodate such needs. We propose a methodology for systematically integrating cybersecurity considerations into SysML by developing a SysML profile that includes the STRIDE framework. This integration is achieved by mapping Data Flow Diagram (DFD) elements to SysML constructs and extending SysML to include a “threatEnumeration” class that facilitates detailed threat analysis. The findings indicate that this approach improves the ability to identify and manage cybersecurity threats and contributes to the broader field of systems engineering by providing a structured framework for security analysis. The paper concludes with recommendations for future research and the continued development of SysML extensions to better support cybersecurity analysis.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A SysML Metamodeling Approach to Embedding STRIDE Threat Analysis for Cyber-Physical Systems

  • Arturo J. Davila-Andino,
  • Alexandre Barreto,
  • Edward Huang

摘要

This paper explores integrating the STRIDE threat modeling framework into the Systems Modeling Language (SysML) to enhance cybersecurity in cyber-physical systems. As the complexity of these systems increases, so does the challenge of ensuring their security. Traditional SysML does not inherently include detailed cybersecurity threat analysis provisions, necessitating an extension to accommodate such needs. We propose a methodology for systematically integrating cybersecurity considerations into SysML by developing a SysML profile that includes the STRIDE framework. This integration is achieved by mapping Data Flow Diagram (DFD) elements to SysML constructs and extending SysML to include a “threatEnumeration” class that facilitates detailed threat analysis. The findings indicate that this approach improves the ability to identify and manage cybersecurity threats and contributes to the broader field of systems engineering by providing a structured framework for security analysis. The paper concludes with recommendations for future research and the continued development of SysML extensions to better support cybersecurity analysis.