kth.sePublications KTH
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
VehicleLang: A probabilistic modeling and simulation language for modern vehicle IT infrastructures
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0001-8287-3160
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering. Southern Univ Denmark, Maersk Mc Kinney Moller Inst, Odense, Denmark..ORCID iD: 0000-0003-0478-9347
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0003-3089-3885
2022 (English)In: Computers & Security, ISSN 0167-4048, E-ISSN 1872-6208, Vol. 117, article id 102705Article in journal (Refereed) Published
Abstract [en]

Attack simulations are a feasible means of assessing the cyber security of various systems. Simulations can replicate the steps taken by an attacker to compromise sensitive system assets, and the time required for the acquisition of assets of interests can be calculated. One widely accepted approach to such simulations is the modelling of attack steps and their dependencies in a formal manner using attack graphs. To reduce the effort of creating new attack graphs for each system in a given domain, one can employ domain-specific attack-modeling languages to codify common attack logic. The Meta Attack Language has been proposed as a framework for developing domain-specific attack languages. In this article, we propose vehicleLang as a domain-specific language for modeling vehicles in the context of corresponding information technology infrastructures and analyzing weaknesses related to known attacks. To model domain-specific attributes, we reviewed existing literature to develop a comprehensive language, which was then verified through a series of interviews with domain experts from the automotive industry. Specifically, a systematic literature review was performed to identify possible attacks against vehicles. The identified attacks served as a blueprint for the evaluation of vehicleLang's simulation capabilities. Finally, the language was validated using the Feigenbaum test methodology.
Place, publisher, year, edition, pages
Elsevier BV , 2022. Vol. 117, article id 102705
Keywords [en]
Domain-specific language, Cyber security, Threat modeling, Attack graphs, Vehicular security
National Category
Computer Sciences Computer Engineering Information Systems
Identifiers
URN: urn:nbn:se:kth:diva-313033DOI: 10.1016/j.cose.2022.102705ISI: 000793072700008Scopus ID: 2-s2.0-85127355690OAI: oai:DiVA.org:kth-313033DiVA, id: diva2:1662629
Note

QC 20220601

Available from: 2022-06-01 Created: 2022-06-01 Last updated: 2025-12-16Bibliographically approved
In thesis
1. Developing and validating domain specific languages for cyberattack modeling and simulations
Open this publication in new window or tab >>Developing and validating domain specific languages for cyberattack modeling and simulations
2026 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

This thesis explores the potential of domain-specific languages (DSLs) to enhance the accuracy, efficiency, and expressiveness of cyberattack modeling and simulation. Motivated by the increasing sophistication of cyber threats, this work addresses the limitations of traditional modeling approaches by developing and validating two novel DSLs: one tailored for vehicular systems and another for the Information and Communications Technology (ICT) domain. These languages provide specialized vocabulary and syntax for describing attack patterns, system behaviors, and defense mechanisms concisely and straightforwardly. Through a series of experiments and case studies, this research demonstrates the effectiveness of these DSLs in capturing the complexities of real-world cyberattacks. These languages enable the automatic generation of attack graphs from system architecture models, streamlining threat identification and enhancing the alignment of security measures with established frameworks for cybersecurity professionals. This thesis contributes to the advancement of cyberattack modeling and simulation techniques, providing cybersecurity professionals with tools to express, analyze, and predict the behavior of cyberattacks.
Abstract [sv]

Denna avhandling undersöker potentialen hos domänspecifika språk (DSL) för att förbättra noggrannheten, effektiviteten och uttrycksfullheten i modellering och simulering av cyberattacker. Motiverad av den ökande sofistikeringen av cyberhot, adresserar detta arbete begränsningarna hos traditionella modelleringsmetoder genom att utveckla och validera två nya DSL:er: en skräddarsydd för fordonsystem och en annan för IKT-domänen. Dessa språk tillhandahåller specialiserad vokabulär och syntax för att beskriva attackmönster, systembeteenden och försvarsmekanismer på ett koncist och tydligt sätt. Genom en serie experiment och fallstudier visar denna forskning effektiviteten hos dessa DSL:er för att fånga komplexiteten i verkliga cyberattacker. Dessa språk möjliggör automatisk generering av attackgrafer från systemarkitekturmodeller, vilket effektiviserar hotidentifiering och förbättrar anpassningen av säkerhetsåtgärder till etablerade ramverk för cybersäkerhets-experter. Denna avhandling bidrar till utvecklingen av tekniker för modellering och simulering av cyberattacker, vilket ger cybersäkerhetsexperter verktyg för att uttrycka, analysera och förutsäga beteendet hos cyberattacker.
Place, publisher, year, edition, pages
Stockholm, Sweden: KTH Royal Institute of Technology, 2026. p. ix, 49
Series
TRITA-EECS-AVL ; 2026:1
Keywords
Domain specific languages, Attack graphs, Cyberattack modeling, Cyberattack simulations, Threat modeling
National Category
Computer Sciences
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-374288 (URN)978-91-8106-445-2 (ISBN)
Public defence
2026-02-06, https://kth-se.zoom.us/j/65337054278, Kollegiesalen, Brinellvägen 8, Stockholm, 13:00 (English)
Opponent
Supervisors
Note

QC 20251217

Available from: 2025-12-18 Created: 2025-12-16 Last updated: 2026-01-12Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Katsikeas, SotiriosJohnsson, PontusHacks, SimonLagerström, Robert

Search in DiVA

By author/editor
Katsikeas, SotiriosJohnsson, PontusHacks, SimonLagerström, Robert
By organisation
Network and Systems Engineering
In the same journal
Computers & Security
Computer SciencesComputer EngineeringInformation Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 210 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
KTH Library
|
DiVA support
|
Register in DiVA
|
Posting your thesis
|
SwePub
|
About Open Access