Model-Based Cybersecurity Assessment Software Tool

Technology Overview

The model-based cybersecurity assessment software tool supports holistic security assessment of complex critical infrastructures systems, such as power grids, metros, and other critical information infrastructure systems. 

By using the tool, security practitioners can integrate diverse inputs from different experts ---- including domain-specific threat scenarios and process models, system architectures, security controls, and attacker models ---- to reason about the security posture of the system being evaluated. In particular, the software can automatically link these diverse types of information together to form a “security argument graph”, which provides an intuitive way to help security analysts visualize and argue about the different cybersecurity risks a system is facing and informing the selection of suitable security controls to mitigate these risks.

Technology Features & Specifications

The software tool is an integrative security assessment tool that will help Critical Information Infrastructure (CII) companies and their security consultants to understand the threats their systems are facing and gain visibility to their assets and weak points. The tool also can help them plan their security investment, and allow them to carry out all these work in an efficient manner. To achieve this, the software offers the following main advantages:

  • Threat-centric modelling tool
  • Automated and comprehensive security risk analysis
  • Ease of use with an intuitive and flexible framework

Potential Applications

  • Design Phase Security Assessment for Critical Information Infrastructure (CII) Systems: This tool can be used at the design phase to evaluate security level with different designs for CII companies.
  • Periodical Risk Assessment for Security Managers: This tool can be used by in-house security management teams for periodical risk assessment.
  • Security Modelling for Consultants: This tool can help security consultants develop security assessment models for their customers.

Customer Benefits

The model-based cybersecurity assessment software tool can process heterogeneous pieces of information about a CII system, such as its business processes, network infrastructure, security measures, and attacker models and use this information to argue about the security level. This enables security practitioners to make intelligent decisions in order to best protect their systems. The software’s visual and comprehensive presentation of the security risk information can help efficient communications among different stakeholders of a CII system, regarding its cyber security management.

Make an Enquiry