TUHH Open Research
Help
  • Log In
    New user? Click here to register.Have you forgotten your password?
  • English
  • Deutsch
  • Communities & Collections
  • Publications
  • Research Data
  • People
  • Institutions
  • Projects
  • Statistics
  1. Home
  2. TUHH
  3. Publication References
  4. Airworthiness Security Methods: Modeling and Highlighting Attack Paths in System and Software Architectures for Threat Scenario-Driven Security Analysis
 
Options

Airworthiness Security Methods: Modeling and Highlighting Attack Paths in System and Software Architectures for Threat Scenario-Driven Security Analysis

Publikationstyp
Conference Paper
Date Issued
2024-11-15
Sprache
English
Author(s)
Blecken, Marvin  
Flugzeug-Kabinensysteme M-25  
Hintze, Hartmut  
Flugzeug-Kabinensysteme M-25  
Giertzsch, Fabian Maximilian  orcid-logo
Flugzeug-Kabinensysteme M-25  
God, Ralf  orcid-logo
Aircraft Cabin Systems M-25  
TORE-URI
https://hdl.handle.net/11420/52597
Citation
43rd AIAA DATC/IEEE Digital Avionics Systems Conference, DASC 2024
Contribution to Conference
43rd AIAA DATC/IEEE Digital Avionics Systems Conference, DASC 2024  
Publisher DOI
10.1109/DASC62030.2024.10749693
Scopus ID
2-s2.0-85211244318
Publisher
IEEE
ISBN
9798350349610
The digitalization and increased connectivity of aircraft systems not only offer opportunities, such as optimizing business and operational processes as well as the introduction of novel services for passengers, but also pose new security-related risks to the system. As part of the security risks analysis which became mandatory for airworthiness security since the publication of the new certification specification CS-25.1319, threat scenarios and attack paths are defined to enable a more structured identification and assessment of security risks. In order to identify potential attack paths, it is necessary to examine the architectures that were created during the development of the system or the software. These architectures establish the prescribed pathways that an attacker is able to take due to the connection of the architectural elements. However, none of the available approaches for modeling attack paths link the attack paths to the architecture model. In this paper a novel approach for modeling attack paths and linking attack paths to the architecture model is presented. The Systems Modeling Language (SysML)-based approach extends the Risk Analysis and Assessment Modeling Language (RAAML) and introduces elements for modeling attack paths made of various attack actions and vulnerabilities as well as the asset under consideration. Furthermore, relationships are defined to link these attack path elements to the architecture and path segments encompassing the architectural elements. Moreover, the linkage between attack paths and the architectural elements is used to highlight the attack paths in the architectures by using tool-specific capabilities of Cameo Systems Modeler. The approach is exemplarily illustrated taking the example of a seat controller that is connected to the In-Flight Entertainment (IFE) system enabling the adjustment of the seat.
DDC Class
629.13: Aviation Engineering
005: Computer Programming, Programs, Data and Security
TUHH
Weiterführende Links
  • Contact
  • Send Feedback
  • Cookie settings
  • Privacy policy
  • Impress
DSpace Software

Built with DSpace-CRIS software - Extension maintained and optimized by 4Science
Design by effective webwork GmbH

  • Deutsche NationalbibliothekDeutsche Nationalbibliothek
  • ORCiD Member OrganizationORCiD Member Organization
  • DataCiteDataCite
  • Re3DataRe3Data
  • OpenDOAROpenDOAR
  • OpenAireOpenAire
  • BASE Bielefeld Academic Search EngineBASE Bielefeld Academic Search Engine
Feedback