Abstract:
Industrial Control Systems (ICS) and Operational Technology (OT) in general are facing significantly increasing numbers of cyber attacks. Hence, threat identification is ...Show MoreMetadata
Abstract:
Industrial Control Systems (ICS) and Operational Technology (OT) in general are facing significantly increasing numbers of cyber attacks. Hence, threat identification is of utmost importance for their security architecture. The STRIDE methodology is well known for threat identification in the software domain, yet in recent years it has also been applied in other domains, such as Internet of Things, automotive or ICS. But OT domains are fundamentally different to IT by exhibiting unique characteristics such as high reliability, strict safety requirements or unique physical attack risks. Threat assessment thus needs to be adapted. This paper reviews STRIDE-based threat modeling approaches in that respect and provides a first step towards the overarching goal of establishing a common STRIDE-based methodology for threat modeling for ICS.
Date of Conference: 12-15 May 2024
Date Added to IEEE Xplore: 26 August 2024
ISBN Information: