On engineering secure software for cyber-physical systems in practice

Date
2021-12
Authors
Jamil, Ameerah Muhsinah
Major Professor
Advisor
ben-Othmane, Lotfi
Jacobson, Doug
Zheng, Mai
Daniels, Thomas Earl
Rover, Diane Thiede
Committee Member
Abstract
A cyber-physical system (CPS) integrates computational and physical resources to form an intelligent system. Such systems commonly control physical objects through real-time feedback loops implemented by computation and communication. Some CPSs perform safety-critical operations, such as autonomous driving, and must therefore be secure. Threat modeling of such systems is commonly based on the architecture of the given system. However, as the components of a CPS and the interactions among them change, its architecture changes over time, and the threat model quickly becomes obsolete, that is, incomplete and invalid. This thesis studies the threat modeling practices for CPSs in industry and explores the possibility of automating the threat modeling process. First, we interviewed software security practitioners about the practices they use to ensure that code changes are secure. Unexpectedly, we found that practitioners commonly use security code analysis and testing tools in their development process but often do not perform threat modeling of their software. Second, we interviewed threat modeling practitioners about how they threat-model CPSs. We found that they perform threat modeling of their CPS products on demand, and that the outcome can become obsolete quickly because the systems change frequently. We also found that they have limited confidence in the threat models they obtain with classic threat modeling methods and rely on their experience to address those limitations. Next, we proposed a semi-automated process for identifying threats to a given CPS. We applied the method to Apollo Auto, an open-source software platform for autonomous driving. Architecture recovery of the software was not successful because of its large size, which prevented us from validating the approach.
To improve the security of CPSs, we propose developing new threat modeling approaches for CPSs, a threat knowledge repository, and efficient architecture recovery methods that can recover the architecture of real-world software.
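The obsolescence problem the abstract describes can be made concrete with a small added example. This is an illustration written for this page, not the thesis's semi-automated process and not code from Apollo Auto: threats are enumerated STRIDE-per-element from an architecture description, the resulting model records a fingerprint of the architecture it was derived from, and any later revision of the architecture is detected as invalidating the model. The element kinds, the miniature autonomous-driving pipeline and the V2X receiver added in the revision are all constructed for the illustration.

```python
"""Added illustration: an architecture-derived threat model and a staleness check.

Not the thesis's method. The element kinds, the STRIDE-per-element table and the
sample architectures below are constructed for this example.
"""
import hashlib
import json
from dataclasses import dataclass

# STRIDE-per-element: which threat categories apply to which kind of element.
STRIDE_BY_KIND = {
    "process": ["Spoofing", "Tampering", "Repudiation",
                "Information disclosure", "Denial of service",
                "Elevation of privilege"],
    "data_store": ["Tampering", "Repudiation", "Information disclosure",
                   "Denial of service"],
    "external_entity": ["Spoofing", "Repudiation"],
    "data_flow": ["Tampering", "Information disclosure", "Denial of service"],
}


@dataclass
class Architecture:
    elements: dict  # element name -> kind (key of STRIDE_BY_KIND)
    flows: list     # (source, destination, label) data flows


def architecture_fingerprint(arch: Architecture) -> str:
    """Canonical SHA-256 over the architecture; any change alters the digest."""
    canon = json.dumps({"elements": arch.elements, "flows": sorted(arch.flows)},
                       sort_keys=True)
    return hashlib.sha256(canon.encode()).hexdigest()


def enumerate_threats(arch: Architecture) -> list:
    """Return (target, STRIDE category) pairs for every element and flow."""
    threats = []
    for name, kind in sorted(arch.elements.items()):
        for category in STRIDE_BY_KIND[kind]:
            threats.append((name, category))
    for src, dst, label in sorted(arch.flows):
        for category in STRIDE_BY_KIND["data_flow"]:
            threats.append((f"{src}->{dst}:{label}", category))
    return threats


def build_threat_model(arch: Architecture) -> dict:
    """A threat model that remembers which architecture it was derived from."""
    return {"fingerprint": architecture_fingerprint(arch),
            "threats": enumerate_threats(arch)}


def is_stale(model: dict, arch: Architecture) -> bool:
    """True when the architecture no longer matches the one the model covers."""
    return model["fingerprint"] != architecture_fingerprint(arch)


def diff_threats(old_model: dict, new_model: dict) -> tuple:
    """(threats added, threats dropped) between two models."""
    old, new = set(old_model["threats"]), set(new_model["threats"])
    return sorted(new - old), sorted(old - new)


# Constructed sample: a simplified autonomous-driving pipeline (hypothetical).
BASELINE = Architecture(
    elements={"lidar": "external_entity", "perception": "process",
              "planning": "process", "control": "process",
              "can_gateway": "process", "map_store": "data_store"},
    flows=[("lidar", "perception", "point_cloud"),
           ("perception", "planning", "obstacles"),
           ("planning", "control", "trajectory"),
           ("control", "can_gateway", "actuation"),
           ("map_store", "planning", "hd_map")],
)
BASELINE_MODEL = build_threat_model(BASELINE)

# A later revision adds a V2X receiver feeding the planner (hypothetical).
REVISED = Architecture(
    elements={**BASELINE.elements, "v2x_receiver": "external_entity"},
    flows=BASELINE.flows + [("v2x_receiver", "planning", "traffic_messages")],
)

if __name__ == "__main__":
    print("baseline threats:", len(BASELINE_MODEL["threats"]))
    print("model stale after revision:", is_stale(BASELINE_MODEL, REVISED))
    added, dropped = diff_threats(BASELINE_MODEL, build_threat_model(REVISED))
    for target, category in added:
        print("  new threat:", target, "/", category)
```

The fingerprint is the practical hook: storing it with the threat model lets a CI job reject a model whose architecture input has drifted, which is the "on demand, quickly obsolete" failure mode the interviews describe. The diff shows exactly which threats the new component and flow introduce, so only those need fresh review.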
Type
dissertation