Model-Based Security Risk Analysis for Networked Embedded Systems

  • Maria Vasilevskaya
  • Simin Nadjm-Tehrani
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8985)


Finding a balance between functional and non-functional requirements and resources in embedded systems has always been a challenge. What brings this challenge into sharper focus is that embedded devices are increasingly deployed in many networked applications, some of which will form the backbone of the critical information infrastructures on which we all depend. The Security-Enhanced Embedded system Development (SEED) process has proposed a set of tools that bridge the two islands of expertise, the engineers specialised in embedded systems development and the security experts. This paper identifies a gap in the tool chain that links the identification of assets to be protected to the associated security risks seen from different stakeholder perspectives. The needed tool support for systematic prioritisation of identified assets, and the selection of security building blocks at the design stage based on a risk picture of different stakeholders, are characterised. The ideas are illustrated in a smart metering infrastructure scenario.





Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. Department of Computer and Information Science, Linköping University, Linköping, Sweden
