search menu icon-carat-right cmu-wordmark

Subject: Threat Modeling

Evaluating Threat-Modeling Methods for Cyber-Physical Systems

Evaluating Threat-Modeling Methods for Cyber-Physical Systems

• SEI Blog
Nataliya Shevchenko

Addressing cybersecurity for а complex system, especially for а cyber-physical system of systems (CPSoS), requires a strategic approach during the entire lifecycle of the system. Examples of CPSoS include rail transport systems, power plants, and integrated air-defense capability. All these systems consist of large physical, cyber-physical, and cyber-only subsystems with complex dynamics. In the first blog post in this series, I summarized 12 available threat-modeling methods (TMMs). In this post, I will identify criteria for...

Read More
Cyber Threat Modeling: An Evaluation of Three Methods

Cyber Threat Modeling: An Evaluation of Three Methods

• SEI Blog
Forrest Shull

This post was co-authored by Nancy Mead. Cyber threat modeling, the creation of an abstraction of a system to identify possible threats, is a required activity for DoD acquisition. Identifying potential threats to a system, cyber or otherwise, is increasingly important in today's environment. The number of information security incidents reported by federal agencies to the U.S. Computer Emergency Readiness Team (US-CERT) has increased by 1,121 percent from 5,503 in fiscal year 2006 to 67,168...

Read More