CySeMoL: A tool for cyber security analysis of enterprises

Holm, Hannes; Sommestad, Teodor; Ekstedt, Mathias; Nordström, Lars

doi:10.1049/cp.2013.1077

Cited by 25 publications

(12 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several tools exist that focus on the security analysis of detection. Some tools such as ADVISE [14], CyberSage [15], and CySeMoL [16,17] Centering on a probability analysis of an attacker reaching the attacker goal. These systems do not provide suggestions to improve the security of the system.…”

Section: Related Workmentioning

confidence: 99%

Modeling Web Security Analysis Attacks with CySeMoL Tool

Abdulhameed¹,

Al-Azawi²,

Al-Mahdawi

2020

MJS

View full text Add to dashboard Cite

The utilize of the web has made humans and companies powerless to exterior assaults. Indeed, cyber problems essentially influence information frameworks with distinctive types of malicious attacks such as spyware, virus, social engineering, etc. The Internet e-mail service, in particular, has become one of the most dependable methods of communication among people, institutions, and companies. The development of digital signatures to e-mail services has raised the e-mail security, which led to replacing the standard mailing of registered letters. Unfortunately, the process of sending and receiving e-mails has created a negative impact means on security and privacy from cybercriminals by diffusing spam and malware. As a result, e-mail hosts are constantly under attack by malicious programs that are often attached to e-mails. In this paper, the simulation model and prototype of an email traffic monitor developed and tested in order to prove the ability of our proposed method for detecting new viruses. This paper states the success possibility of this new method based on the simulation results. The results of the analysis suggest that the Cyber Security Modeling Language (CySeMoL) model has a good performance of operating system vulnerability prediction. At last, some useful suggestions in the context of the CySeMoL model are presented.

show abstract

Section: Related Workmentioning

confidence: 99%

Modeling Web Security Analysis Attacks with CySeMoL Tool

Abdulhameed¹,

Al-Azawi²,

Al-Mahdawi

2020

MJS

View full text Add to dashboard Cite

show abstract

“…While being a commercial tool, securi-CAD is based on results from previous research gathered in the Cyber Security Modelling Language (CySeMoL), an approach that has been extensively validated in the literature, both theoretically and practically Holm et al 2013;Holm et al 2015;Blom et al 2016;Korman et al 2017). All the experiments presented in this paper were conducted using securiCAD rather than CySeMoL due to the improved analysis logic, performance, and usability.…”

Section: Reference Model Language and Cyber Security Analysis Toolmentioning

confidence: 99%

Load balancing of renewable energy: a cyber security analysis

et al. 2018

View full text Add to dashboard Cite

Background: In the coming years, the increase of automation in electricity distribution grids, controlled by ICT, will bring major consequences to the cyber security posture of the grids. Automation plays an especially important role in load balancing of renewable energy where distributed generation is balanced to load in a way that the grid stability is ensured. Threats to the load balancing and the smart grid in general arise from the activities of misbehaving or rouge actors in combination with poor design, implementation, or configuration of the system that makes it vulnerable. It is urgent to conduct an in-depth analysis about the feasibility and imminency of these potential threats ahead of a cyber catastrophy. This paper presents a cyber security evaluation of the ICT part of the smart grid with a focus on load balancing of renewable energy. Method: The work builds on a load balancing centered smart grid reference architecture model that is designed as part of the evaluation with the help of SCADA system and smart grid experts. The smart grid load balancing architecture represented by the model is then analyzed using a threat modelling approach that is encapsulated in a tool called securiCAD. Countermeasures are introduced in the model to measure how much each improve the cyber security of the smart grid.

show abstract

“…Our exploration focused on two main approaches that are based on security DSLs and enable automatic processing of system models: the Cyber Security Modeling Language (CySeMoL) [6] and the Multihost, multistage Vulnerability AnaLysis (MulVAL) [7]. These two approaches have inspired building the S-cube KB.…”

Section: Security Domain Dslsmentioning

confidence: 99%

“…The CySeMoL [6] is an attack graph tool that can be used to assess the cyber security of enterprise architectures. It allows users to create models of their architectures and make calculations on the likelihood of different cyber-attacks being successful.…”

Section: Security Domain Dslsmentioning

confidence: 99%

“…Figseq can be used only in case of a purely Markovian model. The use of exponential distributions only in the S-cube KB allows us to benefit from the mathematical properties of the tool, and in particular the qualitative analysis yielding the attack and failure scenarios and the use of the Harrison [33] technique to compute their probabilities; -The Yams tool: uses the "analog" 6 Monte Carlo simulation [34] on the system model to compute an estimated value of the undesirable event probability. Any kind of probability distribution can be associated with transitions for this tool.…”

Section: Tool Chainmentioning

confidence: 99%

See 1 more Smart Citation

A new safety and security risk analysis framework for industrial control systems

Kriaa

Bouissou

Laarouchi

2018

Proceedings of the Institution of Mechanical Engineers, Part O:

View full text Add to dashboard Cite

The migration of modern Industrial Control Systems (ICS) towards information and communication technologies exposes them to cyber-attacks that can alter the way they function, thereby causing adverse consequences on the system and its environment. It has consequently become crucial to consider security risks in traditional safety risk analyses for industrial systems controlled by modern ICS. We propose in this paper a new framework for safety and security joint risk analysis for industrial control systems. S-cube (for SCADA Safety and Security joint modeling) is a new model-based approach that enables, thanks to a knowledge base, formal modeling of the physical and functional architecture of cyber physical systems and automatic generation of a qualitative and quantitative analysis encompassing safety risks (accidental) and security risks (malicious). We first give the principle and rationale of S-cube then we illustrate its inputs and outputs on a case study.

show abstract

CySeMoL: A tool for cyber security analysis of enterprises

Cited by 25 publications

References 6 publications

Modeling Web Security Analysis Attacks with CySeMoL Tool

Modeling Web Security Analysis Attacks with CySeMoL Tool

Load balancing of renewable energy: a cyber security analysis

A new safety and security risk analysis framework for industrial control systems

Contact Info

Product

Resources

About