Today, many of our activities depend on the normal operation of the IT infrastructures that supports them. However, cyber-attacks on these infrastructures can lead to disastrous consequences. Therefore, efforts towards assessing the cyber-security are being done, such as attack graph simulations based on system architecture models. The Meta Attack Language (MAL) was previously proposed as a framework for developing Domain Specific Languages (DSLs) that can be used for the aforementioned purpose. Since many common components exist among different domains, a way to prevent repeating work had to be defined. To facilitate this goal, we adapt taxonomy building by Nickerson and propose an ecosystem of MAL-based DSLs that describes a systematic approach for not only developing, but also maintaining them over time. This can foster the usage of MAL for modeling new domains.
QC 20210817