Security Enumerations for Cyber-Physical Systems - Data and Applications Security and Privacy XXXIV
Conference Papers Year : 2020

Security Enumerations for Cyber-Physical Systems

Daniel Schlette
  • Function : Author
  • PersonId : 1100405
Florian Menges
  • Function : Author
  • PersonId : 1100406
Thomas Baumer
  • Function : Author
  • PersonId : 1100407
Günther Pernul
  • Function : Author
  • PersonId : 1024075

Abstract

Enumerations constitute a pivotal element of Cyber Threat Intelligence (CTI). References to enumerated artifacts support a universal understanding and integrate threat information. While traditional IT systems and vulnerabilities are covered by security enumerations, this does not apply to Cyber-Physical Systems (CPS). In particular, complexity and interdependencies of components within these systems demand for an extension of current enumerations. Taking on a CPS security management perspective this work identifies deficiencies within the Common Platform Enumeration (CPE) and the Common Vulnerabilities and Exposures (CVE) enumeration. Models for CPS are thus proposed to cover comprehensiveness and usability. A prototype is used to evaluate the feasibility by demonstrating key features of security enumerations for CPS.
Fichier principal
Vignette du fichier
496047_1_En_4_Chapter.pdf (240.98 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03243630 , version 1 (31-05-2021)

Licence

Identifiers

Cite

Daniel Schlette, Florian Menges, Thomas Baumer, Günther Pernul. Security Enumerations for Cyber-Physical Systems. 34th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jun 2020, Regensburg, Germany. pp.64-76, ⟨10.1007/978-3-030-49669-2_4⟩. ⟨hal-03243630⟩
117 View
93 Download

Altmetric

Share

More