Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Towards a Systematic Threat Modeling Approach for Cyber-physical Systems

Published

Author(s)

Goncalo Martins, Sajal Bhatia, Xenofon Koutsoukos, Keith A. Stouffer, CheeYee Tang, Rick Candell

Abstract

Cyber-Physical Systems (CPS) are systems with seamless integration of physical, computational and networking components. These systems can potentially have an impact on the physical components, hence it is critical to safeguard them against a wide range of attacks. In this paper, it is argued that an effective approach to achieve this goal is to systematically identify the potential threats at the design phase of building such systems, commonly achieved via threat modeling. In this context, a tool to perform systematic analysis of threat modeling for CPS is proposed. A real-world wireless railway temperature monitoring system is used as a case study to validate the proposed approach. The threats identified in the system are subsequently mitigated using National Institute of Standards and Technology (NIST) standards.
Proceedings Title
2nd National Symposium on Resilient Critical Infrastructure (ISRCS 2015)
Conference Dates
August 18-20, 2015
Conference Location
Philadelphia, PA, US

Keywords

Cybersecurity, Cyber-physical systems (CPS), Industrial control systems (ICS), Threat modelling

Citation

Martins, G. , Bhatia, S. , Koutsoukos, X. , Stouffer, K. , Tang, C. and Candell, R. (2015), Towards a Systematic Threat Modeling Approach for Cyber-physical Systems, 2nd National Symposium on Resilient Critical Infrastructure (ISRCS 2015), Philadelphia, PA, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=919378 (Accessed October 9, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 15, 2015, Updated April 4, 2022