Security attack analysis using attack patterns

Discovering potential attacks on a system is an essential step in engineering secure systems, as the identified attacks will determine essential security requirements. The prevalence of Socio-Technical Systems (STSs) makes attack analysis particularly challenging. These systems are composed of people and organizations, their software systems, as well as physical infrastructures. As such, a thorough attack analysis needs to consider strategic (social and organizational) aspects of the involved people and organizations, as well as technical aspects affecting software systems and the physical infrastructure, requiring a large amount of security knowledge which is difficult to acquire. In this paper, we propose a systematic approach to efficiently leverage a comprehensive attack knowledge repository (CAPEC) in order to identify realistic and detailed attack behaviors, avoiding severe repercussions of security breaches. In particular, we propose a systematic method to model CAPEC attack patterns, which has been applied to 102 patterns, in order to semi-automatically select and apply such patterns. Using the CAPEC patterns as part of a systematic and tool-supported process, we can efficiently operationalize attack strategies and identify realistic alternative attacks on an STS. We validate our proposal by performing a case study on a smart grid scenario.