kth.se Publications
1 - 10 of 10
  • 1.
    Katsikeas, Sotirios
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Rencelj Ling, Engla
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Johnsson, Pontus
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Empirical evaluation of a threat modeling language as a cybersecurity assessment tool. 2024. In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 140, article id 103743. Article in journal (Refereed)
    Abstract [en]

    The complexity of ICT infrastructures is continuously increasing, presenting a formidable challenge in safeguarding them against cyber attacks. In light of escalating cyber threats and limited availability of expert resources, organizations must explore more efficient approaches to assess their resilience and undertake proactive measures. Threat modeling is an effective approach for assessing the cyber resilience of ICT systems. One method is to utilize Attack Graphs, which visually represent the steps taken by adversaries during an attack. Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework for developing Domain-Specific Languages (DSLs) and generating Attack Graphs for modeled infrastructures. coreLang is a MAL-based threat modeling language that utilizes such Attack Graphs to enable attack simulations and security assessments for the generic ICT domain. Developing domain-specific languages for threat modeling and attack simulations provides a powerful approach for conducting security assessments of infrastructures. However, ensuring the correctness of these modeling languages raises a separate research question. In this study we conduct an empirical experiment aiming to falsify such a domain-specific threat modeling language. The potential inability to falsify the language through our empirical testing would lead to its corroboration, strengthening our belief in its validity within the parameters of our study. The outcomes of this approach indicated that, on average, the assessments generated by attack simulations outperformed those of human experts. Additionally, both human experts and simulations exhibited significantly superior performance compared to random guessers in their assessments. While specific human experts occasionally achieved better assessments for particular questions in the experiments, the efficiency of simulation-generated assessments surpasses that of human domain experts.

  • 2.
    Ling, Engla
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Electrical Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Electrical Engineering.
    A threat modeling language for generating attack graphs of substation automation systems. 2023. In: International Journal of Critical Infrastructure Protection, ISSN 1874-5482, E-ISSN 2212-2087, p. 100601-100601, article id 100601. Article in journal (Refereed)
    Abstract [en]

    The substation automation system consists of many different complex assets and data flows. The system is also often externally connected to allow for remote management. The complexity and remote access to the substation automation system makes it vulnerable to cyber attacks. It also makes it difficult to assess the overall security of the system. One method of assessing the potential threats against a system is threat modeling. In this paper we create a language for producing threat models specifically for the substation automation systems. We focus on the method used to create the language where we review industry designs, build the language based on existing languages and consider attack scenarios from a literature study. Finally we present the language, model two different attack scenarios and generate attack graphs from the threat models.

  • 3.
    Rencelj Ling, Engla
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Estimating Time-To-Compromise for Industrial Control System Attack Techniques Through Vulnerability Data. 2023. In: SN Computer Science, ISSN 2661-8907, Vol. 4, no 3. Article in journal (Refereed)
    Abstract [en]

    When protecting the Industrial Control Systems against cyber attacks, it is important to have as much information as possible to allocate defensive resources properly. In this paper we estimate the Time-To-Compromise of different Industrial Control Systems attack techniques by MITRE ATT&CK. The Time-To-Compromise is estimated using an equation that takes into consideration the vulnerability data that exists for a specific asset and category of vulnerability. The vulnerability data is derived from an Industrial Control Systems specific vulnerability dataset. As a result, we present the mapping of the attack techniques to assets and categories of vulnerability, which makes it possible to apply specific vulnerabilities to the technique. We also present the method of how to estimate the Time-To-Compromise of the techniques and finally the values of Time-To-Compromise. After mapping the attack techniques to assets and category of vulnerability we are able to estimate the Time-To-Compromise and discuss its trustworthiness.

  • 4.
    Rencelj Ling, Engla
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Estimating the Time-To-Compromise of Exploiting Industrial Control System Vulnerabilities. 2022. In: Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP, Scitepress, 2022, Vol. 1 - 978-989-758-553-1, p. 96-107. Conference paper (Refereed)
    Abstract [en]

    The metric Time-To-Compromise (TTC) can be used for estimating the time taken for an attacker to compromise a component or a system. The TTC helps to identify the most critical attacks, which is useful when allocating resources for strengthening the cyber security of a system. In this paper we describe our updated version of the original definition of TTC. The updated version is specifically developed for the Industrial Control Systems domain. The Industrial Control Systems are essential for our society since they are a big part of producing, for example, electricity and clean water. Therefore, it is crucial that we keep these systems secure from cyberattacks. We align the method of estimating the TTC to Industrial Control Systems by updating the original definition’s parameters and use a vulnerability dataset specific for the domain. The new definition is evaluated by comparing estimated Time-To-Compromise values for Industrial Control System attack scenarios to previous research results. 

  • 5.
    Rencelj Ling, Engla
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Urrea Cabus, Jose Eduardo
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Butun, Ismail
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Olegård, Johannes
    Department of Computer and Systems Sciences, Stockholm University, Sweden.
    Securing Communication and Identifying Threats in RTUs: A Vulnerability Analysis. 2022. In: ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security, Association for Computing Machinery (ACM), 2022, p. -7, article id 74. Conference paper (Refereed)
    Abstract [en]

    This paper investigates methods to secure Remote Terminal Units (RTUs), which are the building blocks of smart grid systems - the next generation version to replace the power grid systems that are being used today. RTUs are identified as the heart of automation and control (SCADA) systems by the systems engineers. As such, security and maintaining nominal operability of such devices has prime importance, especially for the industrial automation networks such as the smart grid. A way of measuring the security of systems and networks is executing a series of cybersecurity weakness assessment tests called penetration testing. Another way of such an assessment is called vulnerability analysis by threat modelling, which involves careful investigation and modelling of each and every component of a network/system under investigation. This article aims at marrying these two methodologies for the vulnerability assessment of the RTUs in a methodological and scientific way.

  • 6.
    Hacks, Simon
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering. University of Southern Denmark, Odense, Denmark.
    Katsikeas, Sotirios
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Rencelj Ling, Engla
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Xiong, Wenjun
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Pfeiffer, Jerome
    Wortmann, Andreas
    Towards a Systematic Method for Developing Meta Attack Language Instances. 2022. In: Enterprise, Business-Process and Information Systems Modeling 23rd International Conference, BPMDS 2022 and 27th International Conference, EMMSAD 2022, Held at CAiSE 2022, Leuven, Belgium, June 6–7, 2022, Proceedings, Springer Nature, 2022, Vol. 450, p. 139-154. Conference paper (Refereed)
    Abstract [en]

    Successfully developing domain-specific languages (DSLs) demands language engineers to consider their organizational context, which is challenging. Action design research (ADR) provides a conceptual framework to address this challenge. Since ADR’s application to the engineering of DSLs has not yet been examined, we investigate applying it to the development of threat modeling DSLs based on the Meta Attack Language (MAL), a metamodeling language for the specification of domain-specific threat modeling languages. To this end, we conducted a survey with experienced MAL developers on their development activities. We extract guidelines and align these, together with established DSL design guidelines, to the conceptual model of ADR. The research presented aims to be the first step to investigate whether ADR can be used to systematically engineer DSLs.

  • 7.
    Rencelj Ling, Engla
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language. 2021. In: Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, Association for Computing Machinery (ACM), 2021. Conference paper (Refereed)
    Abstract [en]

    Due to our dependency on electricity, it is vital to keep our power systems secure from cyber attacks. However, because power systems are being digitalized and the infrastructure is growing increasingly complicated, it is difficult to gain an overview and secure the entire system. An overview of the potential security vulnerabilities can be achieved with threat modeling. The Meta Attack Language (MAL) is a formalism that enables the development of threat modeling languages that can be used to automatically generate attack graphs and conduct simulations over them. In this article we present the MAL-based language SCL-Lang which has been created based on the System description Configuration Language (SCL) as defined in the IEC 61850 standard. With SCL-Lang one can create threat models of substations based on their SCL files and automatically find information regarding potential cyber attack paths in the substation automation system configuration. This enables structured cyber security analysis for evaluating various design scenarios before implementation.

  • 8.
    Ling, Engla
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    A Systematic Literature Review of Information Sources for Threat Modeling in the Power Systems Domain. 2020. Conference paper (Refereed)
    Abstract [en]

    Power systems are one of the critical infrastructures that has seen an increase in cyber security threats due to digitalization. The digitalization also affects the size and complexity of the infrastructure and therefore makes it more difficult to gain an overview in order to secure the entire power system from attackers. One method of how to gain an overview of possible vulnerabilities and security threats is to use threat modeling. In threat modeling, information regarding the vulnerabilities and possible attacks of power systems is required to create an accurate and useful model. There are several different sources for this information. In this paper we conduct a systematic literature review to find which information sources that have been used in power system threat modeling research. Six different information sources were found: expert knowledge, logs & alerts, previous research, system's state, vulnerability scoring & databases, and vulnerability scanners.

  • 9.
    Hacks, Simon
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Katsikeas, Sotirios
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ling, Engla
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    powerLang: a probabilistic attack simulation language for the power domain. 2020. In: Energy Informatics, ISSN 2520-8942, Vol. 3, no 1. Article in journal (Refereed)
    Abstract [en]

    Cyber-attacks these threats, the cyber security assessment of IT and OT infrastructures can foster a higher degree of safety and resilience against cyber-attacks. Therefore, the use of attack simulations based on system architecture models is proposed. To reduce the effort of creating new attack graphs for each system under assessment, domain-specific languages (DSLs) can be employed. DSLs codify the common attack logics of the considered domain. Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop DSLs and generate attack graphs for modeled infrastructures. In this article, powerLang as a MAL-based DSL for modeling IT and OT infrastructures in the power domain is proposed. Further, it allows analyzing weaknesses related to known attacks. To comprise powerLang, two existing MAL-based DSL are combined with a new language focusing on industrial control systems (ICS). Finally, this first version of the language was validated against a known cyber-attack.

  • 10.
    Mao, Xinyue
    et al.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ling, Engla
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Ringdahl, Erik
    Foreseeti.
    Lagerström, Robert
    KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
    Conceptual Abstraction of Attack Graphs: a Use Case of securiCAD. 2019. In: Graphical Models for Security. GraMSec 2019., Springer, 2019, Vol. 11720, p. 186-202. Conference paper (Refereed)
    Abstract [en]

    Attack graphs quickly become large and challenging to understand and overview. As a means to ease this burden this paper presents an approach to introduce conceptual hierarchies of attack graphs. In this approach several attack steps are aggregated into abstract attack steps that can be given more comprehensive names. With such abstract attack graphs, it is possible to drill down, in several steps, to gain more granularity, and to move back up. The approach has been applied to the attack graphs generated by the cyber threat modeling tool securiCAD.
