Skip to Main content Skip to Navigation
Conference papers

A Domain-specific Modeling Framework for Attack Surface Modeling

Abstract : Cybersecurity is becoming vital as industries are gradually moving from automating physical processes to a higher level automation using cyber physical systems (CPS) and internet of things (IoT). In this context, security is becoming a continuous process that runs in parallel to other processes during the complete life cycle of a system. Traditional threat analysis methods use design models alongside threat models as an input for security analysis, hence missing the life-cycle-based dynamicity required by the security concern. In this paper, we argue for an attacker-aware systems modeling language that exposes the systems attack surfaces. For this purpose, we have designed Pimca, a domain specific modeling language geared towards capturing the attacker point of view of the system. This study introduces the formalism along with the Pimca workbench, a framework designed to ease the development and manipulation of the Pimca models. Finally, we present two relevant use cases, serving as a preliminary validation of our approach.
Document type :
Conference papers
Complete list of metadata

Cited literature [17 references]  Display  Hide  Download
Contributor : Raul Mazo <>
Submitted on : Tuesday, March 10, 2020 - 11:26:51 AM
Last modification on : Tuesday, December 1, 2020 - 9:38:32 AM
Long-term archiving on: : Thursday, June 11, 2020 - 2:17:35 PM


2020_A Domain-specific Modelin...
Files produced by the author(s)



Tithnara Sun, Bastien Drouot, Fahad Golra, Joël Champeau, Sylvain Guerin, et al.. A Domain-specific Modeling Framework for Attack Surface Modeling. ICISSP 2020 : 6th International Conference on Information Systems Security and Privacy, Feb 2020, Valetta, Malta. pp.341 - 348, ⟨10.5220/0008916203410348⟩. ⟨hal-02502387⟩



Record views


Files downloads