Summit: Security Threat Modeling

Tuesday, June 26, 2012 @ 06:06 PM gHale

By Gregory Hale
Security is a risk management problem.

“One thing I have learned over the years is no one company does a security assessment the same way,” said John Cusimano, director of cyber security at exida during his presentation entitled, “Assessing the Security of ICS Systems Using Threat Modeling” at the Siemens 2012 Automation Summit today.

Summit: Birth of CERT
Summit: Users Need to be Aware
Summit: Productivity Key to Growth
Risk is Not a Game

In any kind of control environment, engineer’s work has always followed a standardized approach, but when it comes to security, it is difficult to follow that approach.

Part of Cusimano’s goal is to “drive toward an engineering approach to security.” That is where threat modeling comes in.

With all the reports coming out about the government’s involvement with Stuxnet, Duqu and Flame, and security researchers releasing flaws in systems, reports coming from DHS about coordinated attacks on gas pipelines, nuclear plants to name a few users are learning they need to get to the heart of security before they get caught in the crossfire or suffer collateral damage.

Companies’ response, though, varies. It goes from doing nothing to implementing a full blown security management system. Most, however, Cusimano said, fall in between.

“Some companies are IT focused and some are control focused; we have found the best are the ones that work together,” Cusimano said.

Cusimano offered a seven step list on the process for security
• Assess existing systems
• Document policies and procedures
• Train personnel and contractors
• Segment the control system network
• Control access to the system
• Harden the components of the system
• Monitor and maintain system security

The idea behind threat modeling is to identify vulnerabilities so the user can eliminate them, Cusimano said. There are four steps in the ICS threat-based risk assessment process:
1. Characterize the product or system
2. Identify all the critical assets and consequences
3. Identify threats
4. Analyze threats

Leave a Reply

You must be logged in to post a comment.