Cyber-physical systems requires threat models that account for cyber and physical vulnerabilities alike. We present the CPSTRIDE framework, which extends the classic STRIDE model with a novel Cyber-Physical Flow Diagram and updated Security Property and Threat definitions. We demonstrate CPSTRIDE’s utility by modeling threats beyond STRIDE’s capabilities, and employ LLM assistance to identify threats in an additive manufacturing context.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

CPSTRIDE: A Threat Modeling Framework for Cyber-Physical Systems

  • Dallas Elleman,
  • John Hale

摘要

Cyber-physical systems requires threat models that account for cyber and physical vulnerabilities alike. We present the CPSTRIDE framework, which extends the classic STRIDE model with a novel Cyber-Physical Flow Diagram and updated Security Property and Threat definitions. We demonstrate CPSTRIDE’s utility by modeling threats beyond STRIDE’s capabilities, and employ LLM assistance to identify threats in an additive manufacturing context.