Cubierta

A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics

The rapid evolution of industrial components, the paradigm of Industry 4.0, and the new connectivity features introduced by 5G technology all increase the likelihood of cybersecurity incidents. Such incidents are caused by the vulnerabilities present in these components. Designing a secure system is...

Descripción completa

Idioma: English
Publicación: MDPI 2022
Materia:
CPE
CVE
CVSS
CWE
CAPEC
IACS
directed graph
cybersecurity
vulnerability
assessment
security metrics
IEC 62443
OpenPLC
Acceso electrónico SOLREBILTEGIA: https://hdl.handle.net/20.500.11984/5635
https://doi.org/10.3390/s22062126
https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=167549
Ampliar información
id ebiltegia-20.500.11984-5635
recordtype ebiltegia
spelling ebiltegia-20.500.11984-56352024-03-04T13:50:42Zcom_20.500.11984_473Ikerketa-Artikuluakcol_20.500.11984_478Artikuluak-Ingeniaritza A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics Garitano, Iñaki Longueira-Romero, Angel Iglesias, Rosa Flores, José Luis CPE CVE CVSS CWE CAPEC IACS directed graph cybersecurity vulnerability assessment security metrics IEC 62443 OpenPLC The rapid evolution of industrial components, the paradigm of Industry 4.0, and the new connectivity features introduced by 5G technology all increase the likelihood of cybersecurity incidents. Such incidents are caused by the vulnerabilities present in these components. Designing a secure system is critical, but it is also complex, costly, and an extra factor to manage during the lifespan of the component. This paper presents a model to analyze the known vulnerabilities of industrial components over time. The proposed Extended Dependency Graph (EDG) model is based on two main elements: a directed graph representation of the internal structure of the component, and a set of quantitative metrics based on the Common Vulnerability Scoring System (CVSS). The EDG model can be applied throughout the entire lifespan of a device to track vulnerabilities, identify new requirements, root causes, and test cases. It also helps prioritize patching activities. The model was validated by application to the OpenPLC project. The results reveal that most of the vulnerabilities associated with OpenPLC were related to memory buffer operations and were concentrated in the libssl library. The model was able to determine new requirements and generate test cases from the analysis. Comisión Europea Gobierno de España Gobierno Vasco 2022-07-12T14:59:15Z 2022-07-12T14:59:15Z 2022 info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion https://hdl.handle.net/20.500.11984/5635 1424-8220 https://doi.org/10.3390/s22062126 https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=167549 eng info:eu-repo/grantAgreement/EC/H2020/957212/EU/Automated protection and prevention to meet security requirements in DevOps Enviroments/VERIDEVOPS info:eu-repo/grantAgreement/GE/Ayudas Cervera para Centros Tecnológicos CDTI/CER-20191012/ES/Red de Excelencia en Tecnologías de Seguridad y Privacidad/EGIDA info:eu-repo/grantAgreement/GV/Elkartek 2021/KK-2021-00091/CAPV/REal tiME control and embeddeD securitY/REMEDY info:eu-repo/semantics/openAccess © 2022 by the authors. Licensee MDPI Attribution 4.0 International http://creativecommons.org/licenses/by/4.0/ application/pdf MDPI Sensors .Vol. 22. N. 6. N. artículo 2126, 2022
external_data_source Ebiltegia
institution Digital
collection Ebiltegia
language English
topic CPE
CVE
CVSS
CWE
CAPEC
IACS
directed graph
cybersecurity
vulnerability
assessment
security metrics
IEC 62443
OpenPLC
spellingShingle CPE
CVE
CVSS
CWE
CAPEC
IACS
directed graph
cybersecurity
vulnerability
assessment
security metrics
IEC 62443
OpenPLC
Garitano, Iñaki
A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics
description The rapid evolution of industrial components, the paradigm of Industry 4.0, and the new connectivity features introduced by 5G technology all increase the likelihood of cybersecurity incidents. Such incidents are caused by the vulnerabilities present in these components. Designing a secure system is critical, but it is also complex, costly, and an extra factor to manage during the lifespan of the component. This paper presents a model to analyze the known vulnerabilities of industrial components over time. The proposed Extended Dependency Graph (EDG) model is based on two main elements: a directed graph representation of the internal structure of the component, and a set of quantitative metrics based on the Common Vulnerability Scoring System (CVSS). The EDG model can be applied throughout the entire lifespan of a device to track vulnerabilities, identify new requirements, root causes, and test cases. It also helps prioritize patching activities. The model was validated by application to the OpenPLC project. The results reveal that most of the vulnerabilities associated with OpenPLC were related to memory buffer operations and were concentrated in the libssl library. The model was able to determine new requirements and generate test cases from the analysis.
author_additional Longueira-Romero, Angel
author Garitano, Iñaki
title A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics
title_short A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics
title_full A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics
title_fullStr A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics
title_full_unstemmed A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics
title_sort novel model for vulnerability analysis through enhanced directed graphs and quantitative metrics
publisher MDPI
publishDate 2022
url https://hdl.handle.net/20.500.11984/5635
https://doi.org/10.3390/s22062126
https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=167549
_version_ 1792663468589973504

Ejemplares similares