THE PRACTICE OF THREAT MODELING
Threat models are developed to detect any possible threats or attacks that may be launched against a device. There are quite a several threat models that have been created over the years. The threat models that have already been developed could be used together to come up with a more complex and efficient model that could detect potential threats. This is because not all the threat models are elaborate, each model has its weaknesses, if they are combined, then they will complement each other and work effectively and efficiently (Jones et al. .2017) The threat modelling methods have been developed so that they can lead to the creation of an abstract in the system, profile and detect the potential attackers in the inclusion of their targets and how they are conducting the attack and show any possible attacks that may come up in future.
The following are examples of threat modelling methodologies that have been developed over the years;
- STRIDE- STRIDE is an abbreviation for Spoofing Tampering Repudiation Information Message Disclosure Denial of Service and Elevation of Privilege. This is Microsoft Windows use a threat modelling methodology. This threat method ensures that the confidentiality, integrity etc. are maintained such that any violation, there will be a detection (Khan et al. 2017).
- The other threat models include the VAST, PASTA and Trike threat modelling.
The best time to implement threat modelling is during the early stages of the development. It is during this time that the possible threats could be detected and dealt with quickly. This way, there would be a lesser amount of money spent on fixing the problems as compared to solving them at a later time. The threat modelling is very vital in determining the security requirements of a device or system, and mostly it has an impact on the final architectural decision making (Jones et al. .2017). Cyber-physical methods are used in the integration of technology into physical infrastructures such as vehicles and even buildings. These cyber-physical systems are very delicate and vulnerable to threats and attacks. The traditional developers may not have considered some security features or the security features could have been phased out, and this creates the need to implement threat models on them to ensure their security.
IMPORTANCE OF PREDICTING ATTACKS
The best remedy to any situation is by preventing the condition. The threat modelling methods are very critical in the detection of any threats or attacks that could be launched against a system. Predicting attacks in advance would enable the owners of the system to curb or prevent the actual attack by coming up with a solution to the vulnerability. The prediction of the possible attacks could also bring about the moderate expenditure of the finances, thus reducing the costs of solving the problem (Polatidis et al. 2018). This is because the amount of money that would be spent once the attack has happened would be more as compared to the amount that would have been paid if the fault was detected early enough and remedied.
REFERENCES
Jones, E. J., Costello, M. W., Schleiff, M., Miller, D. S., Chetal, A., Belden, M. M., & Gallup, V. V. (2017). U.S. Patent No. 9,602,529. Washington, DC: U.S. Patent and Trademark Office.
Khan, R., McLaughlin, K., Laverty, D., & Sezer, S. (2017, September). STRIDE-based threat modeling for cyber-physical systems. In 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe) (pp. 1-6). IEEE.
Polatidis, N., Pimenidis, E., Pavlidis, M., Papastergiou, S., & Mouratidis, H. (2018). From product recommendation to cyber-attack prediction: Generating attack graphs and predicting future attacks. Evolving Systems, 1-12.