Imperial College London
Portrait Picture

Professor Emil Lupu

Faculty of EngineeringDepartment of Computing

Professor of Computer Systems
 
 
 
//

Contact

 

e.c.lupu Website

 
 
//

Location

 

564Huxley BuildingSouth Kensington Campus

//

Summary

 

Publications

Citation

BibTex format

@article{Valenza:2023:10.1109/tdsc.2022.3213577,
author = {Valenza, F and Karafili, E and Steiner, RV and Lupu, EC},
doi = {10.1109/tdsc.2022.3213577},
journal = {IEEE Transactions on Dependable and Secure Computing},
pages = {4403--4417},
title = {A hybrid threat model for smart systems},
url = {http://dx.doi.org/10.1109/tdsc.2022.3213577},
volume = {20},
year = {2023}
}
Download

RIS format (EndNote, RefMan)

TY  - JOUR
AB  - Cyber-physical systems and their smart components have a pervasive presence in all our daily activities. Unfortunately, identifying the potential threats and issues in these systems and selecting enough protection is challenging given that such environments combine human, physical and cyber aspects to the system design and implementation. Current threat models and analysis do not take into consideration all three aspects of the analyzed system, how they can introduce new vulnerabilities or protection measures to each other. In this work, we introduce a novel threat model for cyber-physical systems that combines the cyber, physical, and human aspects. Our model represents the system's components relations and security properties by taking into consideration these three aspects. Together with the threat model we also propose a threat analysis method that allows understanding the security state of the system's components. The threat model and the threat analysis have been implemented into an automatic tool, called TAMELESS, that automatically analyzes threats to the system, verifies its security properties, and generates a graphical representation, useful for security architects to identify the proper prevention/mitigation solutions. We show and prove the use of our threat model and analysis with three cases studies from different sectors.
AU  - Valenza,F
AU  - Karafili,E
AU  - Steiner,RV
AU  - Lupu,EC
DO  - 10.1109/tdsc.2022.3213577
EP  - 4417
PY  - 2023///
SN  - 1545-5971
SP  - 4403
TI  - A hybrid threat model for smart systems
T2  - IEEE Transactions on Dependable and Secure Computing
UR  - http://dx.doi.org/10.1109/tdsc.2022.3213577
UR  - https://ieeexplore.ieee.org/document/9916127
UR  - http://hdl.handle.net/10044/1/100322
VL  - 20
ER  -
Download