kth.sePublications
Change search
Refine search result
1 - 20 of 20
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Armendariz, Mikel
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Gonzalez, Rodrigo
    KTH, School of Electrical Engineering (EES).
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems. KTH - Royal Institute of Technology.
    Nordström, Lars
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems. KTH - Royal Institute of Technology.
    Method for Reliability Analysis of Distribution Grid Communications Using PRMs-Monte Carlo Methods2017Conference paper (Refereed)
    Abstract [en]

    This paper presents a method to perform reliability analysis of communication systems for distribution grids. The method uses probabilistic relational models to indicate the probabilistic dependencies between the components that form the communication system and it is implemented by Monte Carlo methods. This method can be used for performing reliability predictions of simulated communication systems and for evaluating the reliability of real systems. The paper contains a case study in which the proposed method is applied to evaluate the reliability of the communication systems that are required for monitoring the network components at low voltage levels using the smart metering infrastructure. This case study is taken fromthe EU FP7 DISCERN project. Finally, the results are presented in a quantitative way, showing the individual reliability of each component and the combined reliability of the entire system.

  • 2. Blom, Rikard
    et al.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Robert, Lagerström
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Mathias, Ekstedt
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Analyzing attack resilience of an advanced meter infrastructure reference model2016In: Joint Workshop on Cyber-Physical Security and Resilience in Smart Grids (CPSR-SG), IEEE conference proceedings, 2016Conference paper (Refereed)
    Abstract [en]

    Advanced metering infrastructure (AMI) is a key component of the concept of smart power grids. Although several functional/logical reference models of AMI exist, they are not suited for automated analysis of properties such as cyber security. This paper briefly presents a reference model of AMI that follows a tested and even commercially adopted formalism allowing automated analysis of cyber security. Finally, this paper presents an example cyber security analysis, and discusses its results.

  • 3.
    Ekstedt, Mathias
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Terruggia, Roberta
    Dondossola, Giovanna
    Application of a cyber security assessment framework to smart grid architectures2013Conference paper (Refereed)
  • 4. Gehrke, O.
    et al.
    Heussen, K.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Integrated multi-domain risk assessment using automated hypothesis testing2017In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 55-60Conference paper (Refereed)
    Abstract [en]

    In this paper we present an approach for the integration of cyberse-curity tools from multiple domains into an overall risk assessment framework which takes the complex interactions between domains in smart grid systems into account. The approach is based on generating hypotheses from a template, which are then analyzed for their probability and associated impact on the system. The feasibility of the proposed approach is discussed using a very simple example case to serve as a proof of concept. Furthermore, we introduce a generic software framework for the processing of hypothesis templates.

  • 5.
    Hjalmarsson, Alexander
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Software Migration Project Cost Estimation using COCOMO II and Enterprise Architecture Modeling2013In: CEUR Workshop Proceedings, 2013, p. 39-48Conference paper (Refereed)
    Abstract [en]

    Large amounts of software are running on what is considered to be legacy platforms. These systems are often business critical and cannot be phased out without a proper replacement. Migration of these legacy applications can be troublesome due to poor documentation and a changing workforce. Estimating the costof suchprojects is nontrivial. Expert estimationis the most common method, but the method is heavily relying on the experience, knowledge,and intuition of the estimator. The use of a complementary estimation method can increase the accuracy of the assessment. This paper presents a metamodel that combines enterprise architecture modeling concepts with the COCOMO II estimation model. Ourstudy proposes a method combining expert estimation with the metamodel-based approachtoincrease the estimation accuracy. The combination was tested with four project samples at a large Nordic manufacturing company, which resulted in a mean magnitude of relative error of 10%.

  • 6.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Manual for the Cyber Security Modeling Language2013Report (Other academic)
    Abstract [en]

    The Cyber Security Modeling Language (CySeMoL) is an attack graph toolthat can be used to estimate the cyber security of enterprise architectures. Cy-SeMoL includes theory on how attacks and defenses relate quantitatively; thus,users must only model their assets and how these are connected in order to enablecalculations. This report functions as a manual to facilitate practical usage andunderstanding of CySeMoL.

  • 7.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Bayesian Model for Likelihood Estimations of Acquirement of Critical Software Vulnerabilities and ExploitsManuscript (preprint) (Other academic)
  • 8.
    Holm, Hannes
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    A Bayesian network model for likelihood estimations of acquirement of critical software vulnerabilities and exploits2015In: Information and Software Technology, ISSN 0950-5849, E-ISSN 1873-6025, Vol. 58, p. 304-318Article in journal (Refereed)
    Abstract [en]

    Context: Software vulnerabilities in general, and software vulnerabilities with publicly available exploits in particular, are important to manage for both developers and users. This is however a difficult matter to address as time is limited and vulnerabilities are frequent. Objective: This paper presents a Bayesian network based model that can be used by enterprise decision makers to estimate the likelihood that a professional penetration tester is able to obtain knowledge of critical vulnerabilities and exploits for these vulnerabilities for software under different circumstances. Method: Data on the activities in the model are gathered from previous empirical studies, vulnerability databases and a survey with 58 individuals who all have been credited for the discovery of critical software vulnerabilities. Results: The proposed model describes 13 states related by 17 activities, and a total of 33 different datasets. Conclusion: Estimates by the model can be used to support decisions regarding what software to acquire, or what measures to invest in during software development projects.

  • 9.
    Korman, Matus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Sommestad, Teodor
    Hallberg, Jonas
    Bengtsson, Johan
    Overview of Enterprise Information Needs in Information Security Risk Assessment2014In: Proceedings of the 18th IEEE International EDOC Conference (EDOC 2014), 2014Conference paper (Refereed)
    Abstract [en]

    Methods for risk assessment in information security suggest users to collect and consider sets of input information, often notably different, both in type and size. To explore these differences, this study compares twelve established methods on how their input suggestions map to the concepts of ArchiMate, a widely used modeling language for enterprise architecture. Hereby, the study also tests the extent, to which ArchiMate accommodates the information suggested by the methods (e.g., for the use of ArchiMate models as a source of information for risk assessment). Results of this study show how the methods differ in suggesting input information in quantity, as well as in the coverage of the ArchiMate structure. Although the translation between ArchiMate and the methods’ input suggestions is not perfect, our results indicate that ArchiMate is capable of modeling fair portions of the information needed for the methods for information security risk assessment, which makes ArchiMate models a promising source of guidance for performing risk assessments.

  • 10.
    Korman, Matus
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Modeling Authorization in Enterprise-wide Contexts2015In: PoEM-SDC 2015: Short and Doctoral Consortium Papers at PoEM 2015: Proceedings of Short and Doctoral Consortium Papers Presented at the 8th IFIP WG 8.1 Working Conference on the Practice of Enterprise Modelling (PoEM 2015) Valencia, Spain, November 10-12, 2015. / [ed] Sergio Espana, Jolita Ralyté, Pnina Soffer, Jelena Zdravkovic, Oscar Pastor, CEUR-WS , 2015, Vol. 1497, p. 81-90Conference paper (Refereed)
    Abstract [en]

    Authorization and its enforcement, access control, has stood at the beginning of the art and science of information security, and remains being a crucial pillar of secure operation of IT. Dozens of different models of access control have been proposed. Although enterprise architecture as a discipline strives to support the management of IT, support for modeling authorization in enterprises is lacking, both in terms of supporting the variety of individual models nowadays used, and in terms of providing a unified metamodel capable of flexibly expressing configurations of all or most of the models. This study summarizes a number of existing models of access control, proposes an unified metamodel mapped to ArchiMate, and illustrates its use on a selection of simple cases.

  • 11.
    Korman, Matus
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Modeling Enterprise Authorization: A Unified Metamodel and Initial Validation2016In: Complex Systems Informatics and Modeling Quarterly, ISSN 2255-9922, no 7, p. 1-24Article in journal (Refereed)
    Abstract [en]

    Authorization and its enforcement, access control, have stood at the beginning of the art and science of information security, and remain being crucial pillar of security in the information technology and  enterprises operations. Dozens of different models of access control have been proposed. Although Enterprise Architecture as the discipline strives to support the management of IT, support for modeling access policies in enterprises is often lacking, both in terms of supporting the variety of individual models of access control nowadays used, and in terms of providing a unified ontology capable of flexibly expressing access policies for all or the most of the models.This study summarizes a number of existing models of access control, proposes an unified metamodel mapped to ArchiMate, and illustrates its use on a selection of example scenarios and two cases.

  • 12.
    Korman, Matus
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Välja, Margus
    KTH.
    Ekstedt, Mathias
    KTH, School of Computer Science and Communication (CSC).
    Blom, Rikard
    KTH.
    Technology Management through Architecture Reference Models: A Smart Metering Case2016In: PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION / [ed] Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G, IEEE , 2016, p. 2338-2350Conference paper (Refereed)
    Abstract [en]

    Enterprise architecture (EA) has become an essential part of managing technology in large enterprises. These days, automated analysis of EA is gaining increased attention. That is, using models of business and technology combined in order to analyze aspects such as cyber security, complexity, cost, performance, and availability. However, gathering all information needed and creating models for such analysis is a demanding and costly task. To lower the efforts needed a number of approaches have been proposed, the most common are automatic data collection and reference models. However these approaches are all still very immature and not efficient enough for the discipline, especially when it comes to using the models for analysis and not only for documentation and communication purposes. In this paper we propose a format for representing reference models focusing on analysis. The format is tested with a case in a large European project focusing on security in advanced metering infrastructure. Thus we have, based on the format, created a reference model for smart metering architecture and cyber security analysis. On a theoretical level we discuss the potential impact such a reference model can have.

  • 13.
    Korman, Matus
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Välja, Margus
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Björkman, Gunnar
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Vernotte, Alexandre
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Analyzing the effectiveness of attack countermeasures in a SCADA system2017In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 73-78Conference paper (Refereed)
    Abstract [en]

    The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not the least since not all available security mechanisms are easily deployable in these reliability-critical and complex, multi-vendor environments that host modern systems alongside legacy ones, to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which is unfortunately still difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration including whitelisting of devices contributes to increased security, though best in combination with granular network segmentation.

  • 14.
    Rocha Flores, Waldo
    et al.
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Conceptualization of Constructs for Shaping Information Security Behavior: Towards a Measurement Instrument2012Conference paper (Refereed)
    Abstract [en]

    The development of new means to attack information systems by attacking humans accessing the systems has increased the attention given to risks related to human or social aspects of information security. However, the effect of organizational key constructs proposed in organizational and individual behavior literature on information security has not been rigorously examined. Therefore it is important to develop measurement instruments and validate them properly to empirically capture the phenomena with reliable results. In this paper we attempt to conceptualize seven constructs and their sub-dimensions toward developing a measurement instrument. This attempt is carried out through specifying the nature of each construct’s conceptual domain and surveying content domain experts on the relevance, comprehensiveness and clarity of the identified dimensions of the construct. Based on the survey results we provide a set of validated constructs and dimensions that can be used to formally specify future measurement models for investigating how organizations can influence information security behavior.

  • 15.
    Vernotte, Alexandre
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Välja, Margus
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Korman, Matus
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Björkman, Gunnar
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Load Balancing of Renewable Energy: A Cyber Security Analysis2018In: Energy Informatics, E-ISSN 2520-8942, Vol. 1, article id 5Article in journal (Refereed)
    Abstract [en]

    Background

    In the coming years, the increase of automation in electricity distribution grids, controlled by ICT, will bring major consequences to the cyber security posture of the grids. Automation plays an especially important role in load balancing of renewable energy where distributed generation is balanced to load in a way that the grid stability is ensured. Threats to the load balancing and the smart grid in general arise from the activities of misbehaving or rouge actors in combination with poor design, implementation, or configuration of the system that makes it vulnerable. It is urgent to conduct an in-depth analysis about the feasibility and imminency of these potential threats ahead of a cyber catastrophy. This paper presents a cyber security evaluation of the ICT part of the smart grid with a focus on load balancing of renewable energy.

    Method

    The work builds on a load balancing centered smart grid reference architecture model that is designed as part of the evaluation with the help of SCADA system and smart grid experts. The smart grid load balancing architecture represented by the model is then analyzed using a threat modelling approach that is encapsulated in a tool called securiCAD. Countermeasures are introduced in the model to measure how much each improve the cyber security of the smart grid.

    Results

    The analysis shows that the main threat comes from the internet and is directly dependant on the level of internet access office users have coupled with their level of access on the OT zone. Supply chain attacks are also of great concern, i.e. the compromising of the software/hardware vendor with the objective of feeding rogue updates to assets, typically to install a backdoor. The general takeaway defense-wise is that it is of the utmost importance to increase efforts in securing the smart Grid in all the ways possible as they appear to be generally complementary.

    Discussion

    The obtained results raise concerns whether the architecture of the smart grid still remains satisfactory in today’s state of the cyberspace and the increased presence and sophistication of cyber threats. There are also concerns whether the proposed security measures, regardless of their evaluated effectiveness, are realistically implementable from both financial and practical point of view.

    Conclusions

    There is no silver bullet available to achieve full protection against cyber attacks. The smart grid remains a network of IT/OT machines with dataflows going between them. State-sponsored hackers given enough time and regardless of the defences in place will eventually make their way into a critical infrastructure such as the smart grid. While mitigations will not eliminate the threats, they will increase the cyber resilience of the infrastructure by increasing both its time frame and effectiveness. As such, in a time where usability, efficiency and practicality are at the front of every domain, innovations regarding these aspects should really be carried out with strong security in mind.

  • 16.
    Välja, Margus
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    A study on software vulnerabilities and weaknesses of embedded systems in power networks2017In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 47-52Conference paper (Refereed)
    Abstract [en]

    In this paper we conduct an empirical study with the purpose of identifying common software weaknesses of embedded devices used as part of industrial control systems in power grids. The data is gathered about the devices and software of 6 companies, ABB, General Electric, Schneider Electric, Schweitzer Engineering Laboratories, Siemens and Wind River. The study uses data from the manufacturersfi online databases, NVD, CWE and ICS CERT. We identified that the most common problems that were reported are related to the improper input validation, cryptographic issues, and programming errors.

  • 17.
    Välja, Margus
    et al.
    KTH.
    Korman, Matus
    KTH.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Franke, Ulrik
    Swedish Inst Comp Sci, Stockholm, Sweden..
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Automated Architecture Modeling for Enterprise Technology Management Using Principles from Data Fusion: A Security Analysis Case2016In: PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION / [ed] Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G, IEEE , 2016, p. 14-22Conference paper (Refereed)
    Abstract [en]

    Architecture models arc used in enterprise management for decision support. These decisions range from designing processes to planning for the appropriate supporting technology. It is unreasonable for an existing enterprise to completely reinvent itself. Incremental changes are in most cases a more resource efficient tactic. Thus, for planning organizational changes, models of the current practices and systems need to be created. For mid-sized to large organizations this can be an enormous task when executed manually. Fortunately, there's a lot of data available from different sources within an enterprise that can be used for populating such models. The data are however almost always heterogeneous and usually only representing fragmented views of certain aspects. In order to merge such data and obtaining a unified view of the enterprise a suitable methodology is needed. In this paper we address this problem of creating enterprise architecture models from heterogeneous data. The paper proposes a novel approach that combines methods from the fields of data fusion and data warehousing. The approach is tested using a modeling language focusing on cyber security analysis in a study of a lab setup mirroring a small power utility's IT environment.

  • 18.
    Välja, Margus
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Shahzad, Khurram
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Integrated metamodel for security analysis2015In: 2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), IEEE Computer Society, 2015, p. 5192-5200Conference paper (Refereed)
    Abstract [en]

    This paper proposes a metamodel for analyzing security aspects of enterprise architecture by combining analysis of cybersecurity with analysis of interoperability and availability. The metamodel extends an existing attack graph based metamodel for cybersecurity modeling and evaluation, (PCySeMoL)-Cy-2, and incorporates several new elements and evaluation rules. The approach improves security analysis by combining two ways of evaluating reachability: one which considers ordinary user activity and another, which considers technically advanced techniques for penetration and attack. It is thus permitting to evaluate security in interoperability terms by revealing attack possibilities of legitimate users. Combined with data import from various sources, like an enterprise architecture data repository, the instantiations of the proposed metamodel allow for a more holistic overview of the threats to the architecture than the previous version. Additional granularity is added to the analysis with the reachability need concept and by enabling the consideration of unavailable and unreliable systems.

  • 19.
    Välja, Margus
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    A Requirements Based Approach for Automating Enterprise IT Architecture Modeling Using Multiple Data Sources2015In: 2015 IEEE 19th International Enterprise Distributed Object Computing Workshop (EDOCW), Adelaide, SA, 2015, p. 79-87Conference paper (Refereed)
    Abstract [en]

    Enterprise Architecture (EA) is an approach where models of an enterprise are used for decision support. An important part of EA is enterprise IT architecture. Creating models of both types can be a complex task. EA can be difficult to model due to unavailable business data, while in the case of enterprise IT architecture, there can be too much IT data available. Furthermore, there is a trend of a growing availability of data possibly useful for modeling. We call the process of making use of available data, automatic modeling. There have been previous attempts to achieve automatic model creation using a single source of data. Often, a single source of data is not enough to create the models required. In this paper we address automatic modeling when data from multiple heterogeneous sources are needed. The paper looks at the potential data sources, requirements that the data must meet and proposes a four-part approach. The approach is tested in a study using the Cyber Security Modeling Language in order to model a lab setup at KTH Royal Institute of Technology. The lab aims at mirroring a small power utility's IT setup. The paper demonstrates that it is possible to create timely and scalable enterprise IT architecture models from multiple sources, and that manual modeling and data quality related problems can be resolved using known data processing methods.

  • 20.
    Välja, Margus
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Korman, Matus
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Franke, Ulrik
    Bridging the gap between business and technology in strategic decision-making for cyber security management2016In: Proceedings of 2016 Portland International Conference on Management of Engineering and Technology, 2016, p. 32-42Conference paper (Refereed)
    Abstract [en]

    System architectures are getting more and more complex. Thus, making strategic decisions when it comes to managing systems is difficult and needs proper support. One arising issue that managers need to take into account when changing their technology is security. No business is spared from threats in today's connected society. The repercussions of not paying this enough attention could result in loss of money and in case of cyber physical systems, also human lives. Thus, system security has become a high-level management issue. There are various methods of assessing system security. A common method that allows partial automation is attack graph based security analysis. This particular method has many variations and wide tool support. However, a complex technical analysis like the attack graph based one needs experts to run it and interpret the results. In this paper we study what kind of strategic decisions that need the support of threat analysis and how to improve an attack graph based architecture threat assessment method to fit this task. The needs are gathered from experts working with security management and the approach is inspired by an enterprise architecture language called ArchiMate. The paper contains a working example. The proposed approach aims to bridge the gap between technical analysis and business analysis making system architectures easier to manage.

1 - 20 of 20
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf