Author

Vasilis Katos, Duncan Ki-Aries, Shamal Faily, Angel Genchev, Maya Bozhilova, Nikolai Stoianov

Published in

MODS 2021: Mathematical Modeling and Simulation of Systems

Keywords

cyber defense, user requirements elicitation, use case analysis, CAIRIS modelling

Open Access

NO

Abstract

Cyber defense requires research and investment in advanced technological solution as well as in the development of effective methods and tools for identifying cyber threats and risks. This implies a need for a well-defined process for user requirements elicitation. The paper presents a structured approach for the identification of cybersecurity knowledge and elicitation of user needs, based on the development of specific use cases. Employing use cases is an effective way to identify the cyber security gaps. Example use case descriptions of the attacks on a general computer network are given. The proposed use cases are analyzed within CAIRIS platform. The modelling process confirms that CAIRIS is a powerful tool to enrich the context of threat models and UML class diagrams. Also, the modelling with CAIRIS could support using security-by-design principles. The research is conducted under the activities of “The European network of Cybersecurity centres and competence Hub for innovation and Operations” (ECHO) project.

Source

https://link.springer.com/chapter/10.1007/978-3-030-89902-8_30